Click here to Skip to main content
65,938 articles
CodeProject is changing. Read more.
Articles / operating-systems / Windows
 

Applications Traffic Watcher Lite

4.41/5 (6 votes)
14 Jul 20062 min read 1   3.3K  
Applications Traffic Watcher is a small utility to get costs of the internet traffic consumed by different applications
Sample Image - apptraffmonlite.gif

Introduction

Applications Traffic Watcher Lite (ATWL) is a small utility to get information about the costs of the downloaded internet traffic consumed by different applications. It uses the WinPcap library from here. Network traffic inside a LAN is calculated, but ignored when calculating costs. ATWL is very useful to understand how much traffic is consumed by Skype, Gizmo, etc.

Main Idea

The idea of the application is quite simple: 

  1. Application Traffic Watcher Lite constantly gets packets from WinPCap
  2. It tries to associate packets with process ID using packet's information about local address and port and also information about all active connections, using functions GetExtendedTcpTable or GetExtendedUdpTable.
  3. If the application couldn't associate packet with corresponding process ID, it adds this packet to "virtual" application named "Unknown_" and local port number. Unfortunately, sometimes it cannot associate packet with process (see "Troubles" section of the article).
  4. ATWL determines either packet belongs to local network or to external using lib IPNumber (http://www.codeproject.com/cs/internet/ipnumbers.aspx).

Installation

Program installs by setup.msi file. Just run it, sit back and relax. ;-) The installation is required if WinPcap is already installed. Otherwise you must download WinPCap from http://www.winpcap.org and install it. After installation, you should maybe restart your computer to properly initialize the WinPcap drivers - otherwise the program may crash.

Options

The user can tune the application using the options dialog.

Application Traffic Monitor Lite Options Dialog

Troubles

As you can see in the application predecessor screenshot, there are a lot of processes with name "Unknown_". Unfortunately, I still couldn't find any way to determine which application sends/receives packets. Packets couldn't be identified when Internet Explorer/Firefox, etc. download some web pages. They create a lot of connections on different local ports with unknown PID (I couldn't associate the connection which I get from GetExtendedTcpTable and packet which I get from WinPCap). So, if you can help in resolving this problem - welcome.

Another big trouble - sometimes ATWL consumes a lot of CPU resources. After hard code refactoring and optimization, I minimize CPU consuming, but sometimes it is still too big.

CPU resources eat WinPCap library. Unfortunately there is only one way to solve this problem - use filters when using WinPCap library to reject packets from applications which are not interesting for monitoring. But it's not a suitable thing, I think.

PS

Password to change options and exit - bizkit. User with role administrator can do everything without entering password.

References

  1. SharpPcap - A packet capture framework for .NET
  2. IP list, Check an IP number against a list in C#
  3. Getting active TCP/UDP connections on a box
  4. Getting active TCP/UDP connections using GetExtendedTcpTable function
  5. TrafficWatcher
  6. Applications Traffic Watcher

History

  • 14th July, 2006: Initial post

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here



Permalink

Privacy
Cookies
Terms of Use
Layout: fixed | fluid

Article Copyright 2006 by Warlib
Everything else Copyright © CodeProject, 1999-2024

Web01 2.8:2024-10-20:1