Packet Decoding

Match multiple headers in a packet payload

Hi, i am trying to decode SMPP protocol PDU's.
I ve already implemented the header, but i have a problem when a packet has more than one SMPP PDU in the same packet. My program only decodes the first one , how can i do to decode all SMPP PDU's in a packet, with out having to find the other SMPP's headers in the payload.
I have the same header repetead several times in the payload.
Thanks in advance.

Custom TCP header over IPv4 (overriding the core TCP header)

Hello everyone,
I'm trying to add a custom TCP header which binds to ipv4; essentially replacing the core TCP header that comes with jnetpcap. I've tried my custom header for other unregistered ip types (eg 50), but haven't been successful with type 6 which is TCP. I've set everything up, correctly registered the header and have bind it to ipv4, but it seems that ip packets with type==6 are diverted to the core tcp binding and not to my custom header.

How can I add a custom library that overrides the core TCP binding, using a custom header? I've been pulling my hair out over this and would appreciate any feedback on this.

Got an exception while reading all headers


I am new and using jnetstream to read packet from the pcap files. In multi threaded environment it is not able to read all the headers(intermittent). Throws below exception

Exception in thread "ProcessingEngine-Thread_agent"
java.lang.StackOverflowError: Can't pop empty stack
at com.slytechs.utils.memory.BitBuffer.pop(Unknown Source)
at com.slytechs.utils.memory.BitBuffer.getBits(Unknown Source)
at com.slytechs.jnetstream.packet.AbstractData.readShort(Unknown Source)
at org.jnetstream.protocol.FastScanner.scanEthernet2(Unknown Source)
at org.jnetstream.protocol.FastScanner.scanEthernet(Unknown Source)
at org.jnetstream.protocol.FastScanner.scan(Unknown Source)
at org.jnetstream.protocol.FastScanner.fullScan(Unknown Source)
at com.slytechs.jnetstream.packet.APacket.fullScan(Unknown Source)
at com.slytechs.jnetstream.packet.APacket.getAllHeaders(Unknown Source)

After throwing this error thread got killed which was using this API.

Kindly let me know what could be the reason.

decode specific protocols


Is it possible to limit the set of protocols the JPacket.scan(...) method is looking for? In particular, I am only interested in TCP, UDP and ICMP (and Ethernet and IP4, of course). I suppose I have to do something with the JRegistry class (?) but I don't understand the API.

Why am I asking? Because:
- First, I get error output of the form "validate_sip(): #171959 INVALID size=9 sip=ACK 157" when trying to process my pcap files. This is either a bug or caused by the fact that the pcap files only contain the first 96 bytes of each packet (capture length). Since I am not interested in sip, I would be more than happy to find a way to get rid of those messages.
- Second, I would like to speed up the decoding process. The scan method is significantly slowing down my program. One option would be to manually parse the packet payload but that's something I would like to avoid Smile

(Windows Vista 32-bit, Java 1.6.0_15, jNetPcap 1.3.0 (2011-04-01))

Need to fetch TCP / IP Header

Hi There !!

I am newbie to jNetPcap.

I have working environment for jNetPcap and able to run ClassicPcapExample for network Devices and 10 packets.

I have been reading through User guides and Tutorials , However not able to find exact code for extraction of any Header of TCP /IP.

As a Investigation, I need to find out 1-2 Headers like Time Stamp , TTL etc.

Please let me know, where I can look for same.

Appreciate your quick response.

Thank you.