Packet Decoding

Problem with Arraylist and JPackets

I have a problem with JPackets and Arraylists. When I take the JPackets again, i can't use the normal functions:

public class typeMTCE {
    private static ArrayList lista = new ArrayList();

    public void addLista(JPacket p){
        lista.add(p);
    }

    public JPacket getLista(int num) {
        return lista.get(num);
    }
}

Taking in other class the packets...

JPacket packet = mtce.getLista(jTable1.getSelectedRow());
                    Ip4 ip = new Ip4();
                    Tcp tcp = new Tcp();
                    Http http = new Http();
                    Html html = new Html();
                    ip.setPacket(packet);
                    tcp.setPacket(packet);
                    http.setPacket(packet);
                    html.setPacket(packet);
                    if (packet.hasHeader(tcp) && packet.hasHeader(http)){
                        if (http.isResponse()) 

I cant use http.isResponse(), it send false alltimes. I need help Worried

Im new and in need of help

Hi,
I am new and been looking but wasn't able to find any way to get the source/destination ip from generated pcap file. The file is from CAIDA which contains Internet Traces Dataset. If someone could provide an example to just be able to extract IP's or any other info from the dataset that would be perfect. Thanks for the help.

JPacket.hasHeader() seldom throws IndexOutOfBoundsException

Hello JnetPcap team,

I'm working with 1.3b4-1 JNetPcap to process captured file.
Approximately, 1 of 3000 comes out with exception like this.

19:43:07,211 ERROR pool-1-thread-4 PcapFileProccessor:run:222 - Exception occurred while processing messages.
java.lang.IndexOutOfBoundsException: Invalid [635968000,652771981,16803981) range.
at org.jnetpcap.nio.JMemory.peer(Unknown Source)
at org.jnetpcap.nio.JBuffer.peer(Unknown Source)
at org.jnetpcap.packet.JPacket.getHeaderByIndex(Unknown Source)
at org.jnetpcap.packet.JPacket.hasHeader(Unknown Source)
at org.jnetpcap.packet.JPacket.hasHeader(Unknown Source)
at com.asc.rec.voicespy.dataprovider.filter.FilterHandler.run(FilterHandler.java:159)

One more interesting thing happens from time to time.
In code fragment below where I want to check whether JMemoryPacket contains RTP header

JPacket p = packetBuffer.poll();
Rtp h = p.getHeader(new Rtp());
if (h == null){
logger.debug("Packet suddenly turns to crap");
return 0;
}

I've got (h==null) and error message even though same packet passes this check successfully
before it has been put into packetBuffer<JPacket>.
Does this means that memory corruption occurs while packet traverse thru buffer?

BufferUnderflowException caused by hasHeader()

Hi guys

Just like the subject suggests, I get a BufferUnderflowException from hasHeader() under some pretty strange circumstance. First of all, here's the call trace:

java.nio.BufferUnderflowException at org.jnetpcap.nio.JBuffer.check(Unknown Source)
	at org.jnetpcap.nio.JBuffer.getUByte(Unknown Source)
	at org.jnetpcap.protocol.tcpip.Tcp.decodeHeader(Unknown Source)
	at org.jnetpcap.packet.JHeader.decode(Unknown Source)
	at org.jnetpcap.packet.JPacket.getHeaderByIndex(Unknown Source)
	at org.jnetpcap.packet.JPacket.hasHeader(Unknown Source)
	at org.jnetpcap.packet.JPacket.hasHeader(Unknown Source)
	at DigestCalulator.calculatePacketDigest(DigestCalulator.java:48)
	at DigestCalulator.calculatePacketDigest(DigestCalulator.java:85)
	at Sender$SenderThread.process(Sender.java:127)
	at Sender$SenderThread.run(Sender.java:89)

Essentially, what I'm trying to do is to calculate a hash on all outgoing packets, and then send a packet that contains the hashes of some 20 packets.
The sender class runs a thread that receives all captured packets through a java blocking queue (placed there by a thread responsible for capturing packets). It peers the received packets with ip and tcp headers and calculates a hash. It's important to note that the received packets are copies, copied from the line:
PcapPacket copy = new PcapPacket(packet)

and the tcp and ip headers peered with the packet are created only once and then peered with each arriving packet (for performance reasons i chose not to create a new tcp and ip header for each arriving packet).

the function that generates the exception is this:

public byte[] calculatePacketDigest(PcapPacket packet, byte[] key)
	{
		md.Init();
		md.Update(key);
		if (packet.hasHeader(ip))
		{
			if (ip.flags_MF() == 0 && ip.offset() == 0) 
			{
				md.Update(intToByteArray(ip.tos()));
				md.Update(intToByteArray(ip.id()));
				md.Update(intToByteArray(ip.flags()));

				if (packet.hasHeader(tcp))
				{

Are there any examples about multi header instances?

Just want to test how packet.hasHeader(T header, int instances) working?