API

Classic Example

This example is the classic libpcap example in its entirety, shown in nearly every tutorial on libpcap. It gets a list of network devices, presents a simple ASCII based menu and waits for user to select one of those interfaces. We will just select the first interface in the list instead of taking input to shorten the example. Then it opens that interface for live capture. Using a packet handler it goes into a loop to catch a few packets, say 10. Prints some simple info about the packets, and then closes the pcap handle and exits.

Download Source from SVN:

Classic Pcap Example featured below - uses PcapPacketHandler.
Classic Pcap Example using new JBufferHandler - JBuffer and PcapHeader objects are dispatched
Classic Pcap Example using new JPacketHandler - packet objects are dispatched fully decoded.

package org.jnetpcap.examples;
import java.util.ArrayList;
import java.util.Date;
import java.util.List;

import org.jnetpcap.Pcap;
import org.jnetpcap.PcapIf;
import org.jnetpcap.packet.PcapPacket;
import org.jnetpcap.packet.PcapPacketHandler;

/**
 * Here is the output generated by this example :
 * 
 *  Network devices found:
 *  #0: \Device\NPF_{BC81C4FC-242F-4F1C-9DAD-EA9523CC992D} [Intel(R) PRO/100 VE] 
 *  #1: \Device\NPF_{E048DA7F-D007-4EEF-909D-4238F6344971} [VMware Virtual Ethernet Adapter]
 *  #2: \Device\NPF_{5B62B373-3EC1-460D-8C71-54AA0BF761C7} [VMware Virtual Ethernet Adapter]

Read more

TextFormatter

Submitted by Mark Bednarczyk on Fri, 11/07/2008 - 07:52

It came out better than I expected. I've been able to scan more and more files with various protocols. Here is the output from TextFormatter of one of the packets. The last portion of the packet is a 'hexdump' of the X11 header since I haven't written a definition for it. I truncated it a little bit since its very long.

jNetPcap 1.2 Release Overview

jNetPcap 1.2 introduces several new features and small changes to to the existing jNetPcap API.

New Features

Packet decoding - new extension added org.jnetpcap.packet - provides native packet scanner and protocols
Protocol Analysis - stateful packet inspection and analysis. Streams of packets are analyzed, sequenced and reassembled if necessary.
PcapUtils class - static utility methods
New NIO classes - JMemory, JNumber, JStruct, JFunct, JBuffer - provide efficient struct pointer like functionality.
Retrieval of hardware interface address - using MS and Unix extensions and a PcapUtils.getHardwareAddress(String):byte[] is provided.
New libpcap handlers - ByteBufferHandler class, JBufferHandler class, JPacketHandler class

Deprecates

PcapInteger class - will be replaced by JNumber class
PcapHandler class - replaced by ByteBufferHandler class
PcapPktHdr class - replaced by PcapHeader class

Bugs

Memory leak in PcapHandler - a memory leak has been fixed in the JNI method which prevented the allocated ByteBuffer objects from being garbage collected.
sendqueue(int size) size parameter was ignored. Fixed.

Updates: rc2 to rc3 changes

Added PcapPacket(JPacket) constructor.

Details

Release 1.2 adds significant new features and capabilities to jNetPcap library.

Memory management with org.jnetpcap.nio package

Read more

Primary links