Ravahn Machina Versions Save

Machina v2.3.1.1 / Machina.FFXIV v2.3.4.2

Updates to support Global FFXIV Patch 6.18 / Korean FFXIV patch 6.05, plus a number of improvements:

• Removed buffer cache due to memory leaks
• Added rpcap support
• Added support for decompressing Oodle-compressed payloads
• Added .WindowName support instead of using process Ids

Nugets are available at: https://www.nuget.org/packages/Machina/2.3.1.1 https://www.nuget.org/packages/Machina.FFXIV/2.3.4.2

Major breaking changes - all of the changes from the past two years in the NetworkStructs branch are now merged into master branch.

Machina.FFXIV currently supports Global region FFXIV patch 5.55, and Korean region FFXXIV patch 5.41.

Updated nuget packages are posted to nuget.org.

Highlights -

• Migrated to .Net Standard 2.0
• TCPNetworkMonitor has breaking changes:
  • .Config property added for configuration
  • renamed UseSocketFilter to UseRemoteIpFilter
  • modified sent/received delegate parameters.
• FFXIVNetworkMonitor has breaking changes:
  • Renamed UseSocketFilter to UseRemoteIpFilter
  • modified sent/receive delegate parameters
• Exposed a limited set of FFXIV Message types as C# Structs. These will likely be refactored in FFXIV 6.0 to be more in line with the Sapphire FFXIV team's naming conventions
• Modified project folder structure, refactored internal classes to be more granular
• Applied EditorConfig styles and fixed most of the warnings / issues
• Added support for multi-process packet capture - just supply a list of process Ids.
• Modified code to use C# Task instead of dedicated Threads.
• Added multi-region (KR, CN, Global) FFXIV opcode support. Note that CN region opcodes are not maintained.
• Retired custom Firewall functionality - Others have written better open source code for this, I recommend migrating to someone else's package
• Retired custom buffer pool code and replaced with System.Buffers nuget package
• Fixed #14 - Library should continue to work when a listening port is opened by the process
• Fixed #13 - Added a failsafe so length=0 packets do not cause an infinite loop

Minor updates:

• Added trace logging category to help filter out Machina messages when debugging other applications
• Fixed possible null reference bug when initializing WinPCap and no interface is detected on the selected Ip Address
• Updated FFXIV Message Type IDs to patch 4.4

Compiled binaries are available on nuget.

This includes significant internal changes to how sockets & winpcap are used:

• Modified raw socket capture to use async callbacks instead of polling
• Modified WinPCap capture to use built-in polling (pcap_next_ex)
• Added an optional feature to filter network traffic based on remote host IP. Note that it takes a short amount of time to detect new TCP connections, and so some of the initial set-up traffic may be lost. This feature should not be used if new connections are frequently created or the initial network data is critical to application functioning. However, it significantly reduces the amount of data lost when the network is under high stress. It has been tested successfully up to 950mbps.
• Created a 'buffer factory' to store a collection of network data between when it is made available by the network capture subsystem and when it is processed. Note that this increases memory use and can look like a memory leak if there are large spikes in network traffic.

Machina releases prior to this version should not be used due to the potential for targeted network data to be lost when there is a lot of other network traffic occurring. While socket capture does not provide a 100% reliable way of preventing this data loss, this version is much better at it and does not interfere with the process initiating the network connection, unlike other techniques such as winsock hooks.

Compiled binaries are available on nuget.

This is a minor update to fix a few bugs:

• If a ProcessID was specified, it was being ignored. This has been fixed.
• If a Local IP address to listen to was specified, it was being ignored. This has been fixed.
• If no process ID was specified but a window name was provided, but the process recycled, it did not pick up the new process ID.
• If the process has more than one network connection and one of them is localhost, the code now picks the non-localhost interface to listen on. This is because processes may use localhost for interprocess communication. If localhost is the interface with the needed data, please explicitly specify 127.0.0.1 as the LocalIP to force it.
• Fixed GetNetworkInterfaceIPs to return local IPs only for active interfaces by checking the interface status.
• Toned down debug logging when unexpected data comes over the wire. Out-of-order packets should not be logged at all unless the stream sequence needs to be corrected.
• Removed filter in ProcessTCPClass for TCP Port 443, this should not have been left in.
• Minor adjustments to test cases.

Updated v2.0.1 libraries are on nuget.

This is a rewrite of the Machina network data capture library based off the original closed source created by Ravahn. It has been heavily altered to make it more general purpose and decoupled from any particular platform.
Major features:

• Supports capture of network data from a single process using either raw winsock sockets or WinPCap
• Decodes IP4 and TCP layers - supports IP fragmentation and TCP reordering
• Includes both sent and received data from the process.
• Data payload is accessible through delegates

There is an additional library - Machina.FFXIV - with Final Fantasy XIV message decoding routines that relies on the base Machina library

Both are released under the GPL3 license, and are available on nuget.org.