1

这是我启动进程的方法:

public class Tshark
{
    public int _interfaceNumber;
    public string _pcapPath;
    Process _tsharkProcess;
    public int _packetsCount;
    public string _packet;
    public string _tsharkPath = @"C:\Program Files\Wireshark\tshark.exe";
    public delegate void dlgPackProgress(int progress);
    public event dlgPackProgress evePacketProgress;

    public Tshark(int interfaceNumber, string pcapPath)
    {
        _interfaceNumber = interfaceNumber;
        _pcapPath = pcapPath;
    }

    public void startTheCapture()
    {
        try
        {
            _tsharkProcess = new Process();
            _tsharkProcess.StartInfo.FileName = @"C:\Program Files\Wireshark\tshark.exe";
            _tsharkProcess.StartInfo.Arguments = string.Format("-i " + _interfaceNumber);
            _tsharkProcess.OutputDataReceived += new DataReceivedEventHandler(process_OutputDataReceived);
            _tsharkProcess.StartInfo.RedirectStandardOutput = true;
            _tsharkProcess.StartInfo.UseShellExecute = false;
            _tsharkProcess.StartInfo.CreateNoWindow = true;
            _tsharkProcess.StartInfo.WindowStyle = ProcessWindowStyle.Hidden;
            _tsharkProcess.Start();
            StreamReader myStreamReader = _tsharkProcess.StandardOutput;

            while (!myStreamReader.EndOfStream)
            {
                _packet = myStreamReader.ReadLine();
                OnPacketProgress(_packetsCount++);
            }

            _tsharkProcess.WaitForExit();
        }
        catch (Exception e)
        {

        }
    }

    private void OnPacketProgress(int packet)
    {
        var handler = evePacketProgress;
        if (handler != null)
        {
            handler(packet);
        }
    }

    public void killProcess()
    {
        foreach (Process prc in System.Diagnostics.Process.GetProcessesByName("tshark"))
            {
                prc.Kill();
                prc.WaitForExit();
            }                 
    }

    private void process_OutputDataReceived(object sender, DataReceivedEventArgs arg)
    {
        string srt = arg.Data; //arg.Data contains the output data from the process...            
    }
}

从主窗体调用方法 startTheCapture() :

private void btnStartCapture_Click(object sender, EventArgs e)
{
    BackgroundWorker bgWorker = new BackgroundWorker();
    bgWorker.WorkerReportsProgress = true;
    bgWorker.ProgressChanged += new ProgressChangedEventHandler(bgWSniffer_ProgressChanged);
    bgWorker.DoWork += new DoWorkEventHandler(
        (s3, e3) =>
        {
            tshark = new Tshark(2, pcapFilePathSniffer);
            tshark.startTheCapture();

            tshark.evePacketProgress += new Tshark.dlgPackProgress(
                (packet) =>
                {
                    bgWorker.ReportProgress(packet, tshark);
                });
        });

    bgWorker.RunWorkerCompleted += new RunWorkerCompletedEventHandler(
        (s3, e3) =>
        {

        });

    bgWorker.RunWorkerAsync();

}

现在这也来自主表单,我已经编写了 ProgressChanged,它应该更新我的 gui,但我的问题是这不起作用,我不知道为什么。

private void bgWSniffer_ProgressChanged(object sender, ProgressChangedEventArgs e)
{
    tshark = e.UserState as Tshark;
    listBoxPacketsSnifferTab.Text += tshark._packet;
    lblPacketsReceived2.Text = tshark._packetsCount.ToString("#,##0");
}
4

1 回答 1

0

在 DoWorkEventHandler 中,在连接 evePacketProgress 事件处理程序之前调用 tshark.StartTheCapture()。

startTheCapture 方法会一直阻塞,直到 wireshark 进程退出,因此在它运行时捕获的任何进度事件都将在 OnPacketProgress 中“忽略”,因为没有事件订阅者(handler == null)。

将其更改为:

bgWorker.DoWork += new DoWorkEventHandler(
    (s3, e3) =>
    {
        tshark = new Tshark(2, pcapFilePathSniffer);

        //hookup event handler before executing method
        tshark.evePacketProgress += new Tshark.dlgPackProgress(
            (packet) =>
            {
                bgWorker.ReportProgress(packet, tshark);
            });

        tshark.startTheCapture();


    });
于 2012-09-26T13:36:27.363 回答