后台调用命令行程序,通过分析netstat命令的返回结果获取进程信息,主要使用的参数包括-a(显示所有连接和侦听端口)、-n(以数字形式显示地址和端口号)、-o(显示拥有的与每个连接关联的进程 ID),其实-b(显示在创建每个连接或侦听端口时涉及的可执行程序)也可以用,但是它的返回结果没有和前几个参数在一行,分析起来比较麻烦,就没有用。另外,如果是查询端口,还可以在命令行中附带findstr命令从netstat命令的返回结果中筛选。最终的示例代码如下:
List<SearchedProcessInfo> searchResult=new List<SearchedProcessInfo>();
Process pro = null;
try
{
pro = new Process();
pro.StartInfo.FileName = "cmd.exe";
pro.StartInfo.UseShellExecute = false;
pro.StartInfo.RedirectStandardInput = true;
pro.StartInfo.RedirectStandardOutput = true;
pro.StartInfo.RedirectStandardError = true;
pro.StartInfo.CreateNoWindow = true;
pro.Start();
pro.StandardInput.WriteLine(String.IsNullOrWhiteSpace(txtPPort.Text)?"netstat -ano":String.Format("netstat -ano | findstr :{0}", txtPPort.Text));
pro.StandardInput.WriteLine("exit");
Regex reg = new Regex("\\s+", RegexOptions.Compiled);
string line = null;
while ((line = pro.StandardOutput.ReadLine()) != null)
{
line = line.Trim();
if (!line.StartsWith("TCP") && !line.StartsWith("UDP"))
{
continue;
}
Console.WriteLine(line);
line = line.Trim();
SearchedProcessInfo info = new SearchedProcessInfo();
line = reg.Replace(line, ",");
string[] arr = line.Split(',');
string soc = arr[1];
int pos = soc.LastIndexOf(':');
info.UsePort = soc.Substring(pos + 1);
info.Protocol = arr[0];
if (line.StartsWith("TCP"))
{
info.ProcessID = Convert.ToInt32(arr[4]);
info.Status = arr[3];
}
else
{
info.ProcessID = Convert.ToInt32(arr[3]);
}
try
{
Process pTmp = Process.GetProcessById(Convert.ToInt32(info.ProcessID));
info.ProcessName = pTmp != null ? pTmp.ProcessName : String.Empty;
}
catch(Exception exx)
{
info.ProcessName = String.Empty;
}
searchResult.Add(info);
}
...
}
catch (Exception exp)
{
MessageBox.Show(exp.Message);
}
finally
{
if(pro != null)
{
pro.Close();
}
}