Dear Mark,
May we know when a new version of jnetpcap (stable or b-11) would be released ?
Thanks and take care,
best regards,
Vikram
Can somebody put a simple example of sendPacket method. I just need to create a packet that consists of Eth, Ip4, Tcp and Payload. Now I am just filling the buffer but I guess there's a better way. I would like to use something like tcp = packet.getHeader(new Tcp()) but i can only get away with Ethernet and Ipv4 headers..Tcp is null...can someone put a quick example please..Example of my code:
JBuffer jb = new JBuffer(TotalL);
JMemoryPacket packet = new JMemoryPacket(TotalL) {
@Override
public void allocate(int size) {
super.allocate(size - State.sizeof(DEFAULT_STATE_HEADER_COUNT));
super.peer(super.memory);
}
};
packet.order(ByteOrder.BIG_ENDIAN);
packet.setUShort(0 + 12, 0x800); // ethernet.type field
packet.setUByte(14 + 0, 0x45); // ip.version and ip.hlen fields
packet.setUByte(14 + 9, 0x6); // ip.type = TCP, and so on
packet.scan(JProtocol.ETHERNET_ID);
Ethernet eth = packet.getHeader(new Ethernet());
Ip4 ip = packet.getHeader(new Ip4());
// Now fill in the details, Ethernet header first
eth.destination(new byte[] {(byte)0xaa, (byte)0x0c, (byte)0x08, (byte)0x11, (byte)0x22, (byte)0x33});
eth.source(new byte[] {(byte)0x00, (byte)0x1e, (byte)0x8c, (byte)0xbc, (byte)0x3a, (byte)0x37});
// IP data next
ip.source(new byte[] {(byte)192, (byte)168, (byte)0, (byte)4});
// ip.destination has a bug, setByteArray used
ip.setByteArray(16, new byte[] {(byte)195, 29, 7, 100});
ip.setUByte(8, 50); //TTL
ip.setUByte(9, 6); //protocol
ip.setUByte(3, TotalL - eth.size()); //Total Length
ip.checksum(ip.calculateChecksum());
//TCP starting at byte 34
packet.setUShort(34, 202); // TCP source port
packet.setUShort(36, 1460); // TCP destination port
packet.setUInt(38, (byte)25); // Sequence number
packet.setUInt(42, (byte)25); // ACK number
packet.setUByte(46, (byte)80); // Header length
packet.setUByte(47, 24); // Flags PSH, ACK
packet.setUShort(48, 65535); // Window size
Hello,
I tried to install jNetPcap and tried to use it in an Eclipse project. I included the jnetpcap.jar to my project's build path as descriped in the user guide.
But I m not sure whether I set the native library location right. Does any one know where to find it on Ubuntu?
I tried /usr/lib but when I try to run a little test project I get the following:
Exception in thread "main" java.lang.UnsatisfiedLinkError: no jnetpcap in java.library.path
at java.lang.ClassLoader.loadLibrary(ClassLoader.java:1709)
at java.lang.Runtime.loadLibrary0(Runtime.java:823)
at java.lang.System.loadLibrary(System.java:1028)
at org.jnetpcap.Pcap.
at PacketCatcher.main(PacketCatcher.java:13)
Thank you!
I needed a bit of a break from working continuously on jNetPcap so I did some work on NAP capture file format. A somewhat of a small rival to pcap-ng file format being developed by pcap folks.
I had an initial design and draft already done, but after revisiting it, found changing things around significantly. The 2 file formats look similar, but they were developed independently, and just happened to end up on a similar track. I guess its a validation of sorts when 2 projects merge on the similar ideas that those ideas are probably the correct ones.
After careful analysis and some basic API implementation on a C library for a public API, the seemingly simple file format turned out to have major issues when it comes to alignment of data. I'm still not quiet sure how pcap-ng format addresses alignment concerns. For NAP alignment especially on architecture platforms requiring strict data alignment such as Itanium processors, it was a significant effort to get all the pieces of the specification to fall into place.
After about 16 different versions of the basic record format I think I have a pretty good candidate for storing packet data in a file. Let me briefly state the objectives of the file format:
All of these goals have been met with the current specification. The data in this format can be streamed such as a socket, http connection and data processed as it arrives while at the same time when in physical file form, the data can be accesses from any part of the file using indexing of records.
The format is based on records stored within it. There are 5 record classes:
Hi,
System specification: Windows 7, jNetPcap - latest relase, WinPcap 4.0.2
I am trying to implement software switch. However, ping between computers work, when I start to browse shared folders after a while I'll get ConcurrentModificationException. The error stack looks like this:
Exception in thread "port2Rcv" java.util.ConcurrentModificationException
at java.util.LinkedList$ListItr.checkForComodification(LinkedList.java:761)
at java.util.LinkedList$ListItr.next(LinkedList.java:696)
at org.jnetpcap.nio.JMemoryPool.getFromPool(JMemoryPool.java:260)
at org.jnetpcap.nio.JMemoryPool.getBlock(JMemoryPool.java:242)
at org.jnetpcap.nio.JMemoryPool.allocate(JMemoryPool.java:209)
at org.jnetpcap.packet.JPacket.allocate(JPacket.java:577)
at org.jnetpcap.packet.JPacket.getMemoryBuffer(JPacket.java:771)
at org.jnetpcap.packet.PcapPacket.transferStateAndDataTo(PcapPacket.java:984)
at org.jnetpcap.packet.PcapPacket.(PcapPacket.java:548)
at switchComponents.port$1.nextPacket(port.java:45)
at switchComponents.port$1.nextPacket(port.java:42)
at org.jnetpcap.Pcap.loop(Native Method)
at org.jnetpcap.Pcap.loop(Pcap.java:2417)
at switchComponents.port.startCapture(port.java:50)
at softswitch.portRcvThread.run(Main.java:42)
at java.lang.Thread.run(Thread.java:619)
I found at http://java.sun.com/j2se/1.4.2/docs/api/java/util/ConcurrentModification... , what the exception means, but i dont think this is the case.
I am using this function in one thread to capture:
public void startCapture(WinPcap pcap) {
PcapPacketHandler handler = new PcapPacketHandler() {
public void nextPacket(PcapPacket packet, receiveSendQueue queue) {
table.checkMacAddr(packet.getByteArray(6, 12), portId); Hi,
Q: Does the WinPcap.OPENFLAG_NOCAPTURE_LOCAL work?
I am using latest release of jNetPcap(dev release) with WinPcap 4.0.1(under Win Vista 32bit).
In my program I am using WinPcap.open() to open device with appropriate flags: WinPcap.OPENFLAG_NOCAPTURE_LOCAL | WinPcap.MODE_PROMISCUOUS.
My problem is even if I open device with above stated flags and start capture. I still capture packets with source MAC address corresponding to my device MAC address. Thus i am capturing my own generated traffic.
Or is it meant in another way? Like generated traffic with methods inject or sendPacket ?
P.S.I am trying to implement software switch.
Itanium 64 support is going to be very troublesome. The reason for this is that it requires very strict "alignment" of data primitives in memory. Any misalignment will immediately throw an exception and cause a crash.
I haven't decided or gotten to that the point yet, but I can already see that it will cause trouble. Libpcap itself doesn't support Itanium at this point either, they are having the same type of "alignment" issues as I am.
And to highlight, x64 and AMD64 are different then IA64. The biggest difference is their tolerance for misaligned data. IA doesn't have any 
Hi,
I have to run an application made by me in Ubuntu into FreeBSD.
How I have to do?? is it possible to install the wrapper into FreeBSD?
Also, I made the JAR file of my project using Eclipse, but I have some problems using the library because when I run it, it throws me an exception because it doesn't find the jnetpcap classes. I've got no problem running it by Eclipse.
Thanks in advance 
Ignacio
Hello
i'm curious that
why i need to wrap my packet that i create with String (RAW content) into ByteBuffer before sending it ??
if not, do i have any other or another class to wrap into ?
Thank you
Champ
We are writing an application to decode the offline pcap file (captured using Wireshark) and displaying each of the attributes within the decoded packet in a user interface.
In this Regard can you please clarify the following:
1) The module wich decodes the pcap file runs on a Solaris box. Can you please clarify if JNetPcap and JNepStream is supported on a solaris box?
2) Does the JNetPcap or JNetstream allow to read the attributes at any level with in the packet? The examples provided are reading attibutes given only at the first level. Please let me know if there are samples which shows how to read the attributes from different levels within packet?
3) Which one is more suited to decode the captured packets, JNetPcap or JNetStream?
Thanks in advance !!