Packet Decoding

Video packet not decode as RTP

Hi All,

I am just writing a simple program to read the offline RTP packets and display the payload type and sequence number. I am successfully getting the ouput if the payload type is audio & static payload (i.e. G711a or G711u). But, no output if the packets are H.264 (dynamic payload type = 126). Here is the part of code.

JPacket packet.getHeader(rtp);

if (packet.hasHeader(rtp)) {

System.out.println(rtp.type() + "," + rtp.sequence());

I would appreciate, if you can shed me some light. Thanks in advance.

PS: Wireshark RTP Analysis shows the perfect the report for both of my audio & video streams. So, offline capture file seems ok.

core dump


I use on SunOS 5.10 (i386). I listen multiple network interfaces. I got core dump on stderr, (abort - core dump) and JVM create a error details like hs_err_pid00012.log. Thanks for helps.

Part of error file is below

# A fatal error has been detected by the Java Runtime Environment:
# SIGSEGV (0xb) at pc=0xd4197197, pid=8097, tid=52
# JRE version: 6.0_18-b07
# Java VM: Java HotSpot(TM) Server VM (16.0-b13 mixed mode solaris-x86 )
# Problematic frame:
# C [] _Z13record_headerP6scan_t+0xf1
# If you would like to submit a bug report, please visit:
# The crash happened outside the Java Virtual Machine in native code.
# See problematic frame for where to report the bug.

--------------- T H R E A D ---------------

Current thread (0x0857a800): JavaThread "DeviceMonitor_5" [_thread_in_native, id=52, stack(0xd3edd000,0xd3f2d000)]

siginfo:si_signo=SIGSEGV: si_errno=0, si_code=1 (SEGV_MAPERR), si_addr=0x00000054

EAX=0x00000100, EBX=0xd41b09ac, ECX=0xd75ec228, EDX=0x00000000
ESP=0xd3f2bfa0, EBP=0xd3f2bfc8, ESI=0x00000000, EDI=0x00000000
EIP=0xd4197197, EFLAGS=0x00010216

Top of Stack: (sp=0xd3f2bfa0)
0xd3f2bfa0: d3edb230 d6f03108 00000022 d41964a0
0xd3f2bfb0: f71538a0 00000000 00000000 d41b09ac
0xd3f2bfc0: f764c500 0857a800 d3f2bfe8 d419ade8
0xd3f2bfd0: d3edb230 d3f2c038 08510d00 d419adba
0xd3f2bfe0: d3edb230 f764c500 d3f2c028 fb20a152
0xd3f2bff0: 0857a910 d3f2c038 d3f2c034 00000000
0xd3f2c000: d3f2c00c d3f2c004 d3f2c008 f764c500
0xd3f2c010: d3f2c038 f764ce80 00000000 f764c500

Instructions: (pc=0xd4197197)
0xd4197187: 7d f0 8b 45 08 8b 48 34 b8 01 00 00 00 d3 e0 99
0xd4197197: 8b 4f 54 09 c1 89 4e 54 8b 47 58 09 d0 89 46 58

Stack: [0xd3edd000,0xd3f2d000], sp=0xd3f2bfa0, free space=13bfedf0004k

Dropped Packets & Testing?

I was wondering what the best way is to see if there is dropped packets or if I am losing anything? Below is my code which is pretty newbieish. But what I am trying to do is capture packets and look for keywords in the packets in a separate method which is hand written code of my own method in another class. I put a 30 minute timeout, does that mean it will queue packets in memory if there is a blocking occurring in the nextPacket method? My java class puts all the packets into an MySQL database to be searched on and also allows someone to filter keywords or target keywords so it only puts those in the MySQL db. Let me know if I am completely not handling this situation right:

package dovestech;
import java.util.ArrayList;
import java.util.List;
import javax.servlet.*;
import org.jnetpcap.Pcap;
import org.jnetpcap.PcapIf;
import org.jnetpcap.packet.*;

public class pcapDumper extends Thread implements ServletContextListener {

public static void main(String[] args) {

public void contextInitialized(ServletContextEvent sce)
catch (Exception e)

running = true;
Thread thread = new pcapDumper(); thread.start();
public void contextDestroyed(ServletContextEvent sce)
running = false;
catch (Exception e)

private String[] commaParse(String aString){
String[] splittArray = null;
if (aString != null || !aString.equalsIgnoreCase("")){
splittArray = aString.split(",");
System.out.println(aString + " " + splittArray);
return splittArray;
public void run()
if (dovestech.filterLargePackets.equals("true"))
filterLarge = 1514;
filterLarge = 99999;

how to identify packet interface


I listen multiple network interface with promiscuous mode. I have a packet that type of PcapPacket. How to identify network interface from packet?


Null Pointer running

I am running the latest version of jnetPcap (jnetpcap-1.4.b0004-1.win32) downloaded today on Windows Vista 32-bit

I am trying to run the example file and I am getting the following exception:

superFlowMap::Exception in thread "main" java.lang.NullPointerException
at org.jnetpcap.packet.JFlow.toString(
at org.jnetpcap.packet.JFlowMap.toString(
at java.util.Formatter$FormatSpecifier.printString(Unknown Source)
at java.util.Formatter$FormatSpecifier.print(Unknown Source)
at java.util.Formatter.format(Unknown Source)
at Source)
at Source)
at CommonUsageExamples.main(

Corresponding to this line:

System.out.printf("superFlowMap::%s%n", superFlowMap); [line 303 in the current source version]

Note: I added some print statements in the earlier parts of the file and so my line numbers are probably a bit off of the original. I have attached the pcap file I was using, but I also get the same error when using the originally suggested test file: tests/test-http-jpeg.pcap

Thanks for any help you could provide.