您是否想了解特定NIC的更多信息?如果您試圖從單個界面中隔離流量,請首先找出它是哪一個。下面的代碼將幫助您枚舉可用接口:
var nics = from NetworkInterface a
in NetworkInterface.GetAllNetworkInterfaces()
where a.NetworkInterfaceType == NetworkInterfaceType.Ethernet &&
a.Supports(NetworkInterfaceComponent.IPv4)
select a;
if (nics.Any())
{
var nic = nics.First();
adapter = new NetworkAdapter();
adapter.Name = nic.Name;
adapter.Description = nic.Description;
adapter.Id = nic.Id;
var props = nic.GetIPProperties();
var ipAddresses = from UnicastIPAddressInformation info
in props.UnicastAddresses
where info.PrefixOrigin == PrefixOrigin.Manual
select info;
adapter.GatewayAddressList = nic.GetIPProperties().GatewayAddresses;
adapter.Available = (nic.OperationalStatus == OperationalStatus.Up);
}
此外,如果您正試圖嗅出你將不得不看的DNS數據包的URL。 DNS有助於將URL轉換爲IP。退房DNS。 DNS搜索將在任何連接之前進行。
編輯:這是我用枚舉適配器ID的實用方法:
DLL int GetAvailableAdapters()
{
pcap_if_t *alldevs;
pcap_if_t *devs;
char msgBuffer[LOG_SIZE];
int index = 0;
char* fullname;
int namePtr;
char* shortname;
struct in_addr ip;
// Retrieve the device list on the local machine
if (-1 == pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL, &alldevs, msgBuffer))
{
//error
return 0;
}
// Cycle List, and make sure adapters are available/visable
for(devs = alldevs; devs != NULL; devs = devs->next)
{
++index;
//
// Print adapter description
//
sprintf(msgBuffer, " [%d]: %s", index, devs->description);
gblLog(INFO, msgBuffer);
//
// Parse and Print adapters network info in dot-decimal notation
//
/*ip = ((struct sockaddr_in *)(devs->addresses->addr))->sin_addr;
sprintf(msgBuffer, " IPAddr: %s ", inet_ntoa(ip));
gblLog(INFO, msgBuffer);
*/
//
// Print the Registry Key Value from the substring of adapter name
//
fullname = devs->name;
namePtr = strlen(fullname);
shortname = fullname + namePtr;
while(0 < namePtr && fullname[--namePtr] != '_');
if(fullname[namePtr] == '_')
{
// Key is the string after "_" char, get the substring starting at that index.
shortname = fullname + namePtr + 1;
fullname[namePtr] = '\0';
sprintf(msgBuffer, " KeyVal: %s\n", shortname);
gblLog(INFO, msgBuffer);
}
else
{
// Print full name if the "_" char was not found (odd formating...)
sprintf(msgBuffer, " KeyVal: %s\n", fullname);
gblLog(INFO, msgBuffer);
}
}
if(index == 0)
{
gblLog(INFO, "FindAllDevs() returned null devices. No network adapters found!");
}
return index; // Total num of adapters enum
}
使用這種方法,用的NetworkInterface一起,你應該能夠與索引適配器通過其REG關聯鍵。一旦找到正確的適配器,使用該索引打開您的pcap設備:
if (pcap_findalldevs_ex(PCAP_SRC_IF_STRING, NULL, &alldevs, errbuf) == -1)
{
return -1; // error
}
// Cycle the devs until we reach the appropriate index
for(d = alldevs, i = 0; (i < (index- 1)); d = d->next, i++);
// Open the device
if ((adhandle= pcap_open(d->name, // HW name of the network device.
65536, // Portion of the packet to capture. 65536 max packet
adapterFlags, // See adapterFlags above
1000, // 1sec timeout on idle. (We check for exit at this interval)
NULL, // No authentication,
errbuf // Error buffer
)) == NULL)
{
//error opening
pcap_freealldevs(alldevs); // Free the device list
return -1;
}
我必須參考NetworkAdapter? –
@ m.qayyum通常是適配器的註冊表項。我相信也是適配器的「給定」名稱......如果您打印出所有NetworkAdapter類信息(對於上面代碼中的每個NIC),您會發現一些信息將它連接回您正在尋找的適配器使用。由於可能存在許多網絡配置,因此我無法提供直接的參考。祝你好運!如果您需要更多幫助,請爲您提供廣泛的網絡信息以獲得更專業的答案。 –
@ m.qayyum見編輯答案。我提供了一些有用的方法,希望能指引您朝着正確的方向發展......您可能不需要代碼中的所有漂亮打印內容,但是它的可見性要求。 –