• TCP/IP Jnetpcap java数据抓包 小demo

    jpcap java用于数据抓包的另一大jar包,由于年久失修(不更新)折腾了一下,就被我遗弃了,改用了Jnetpcap,网上资料比较少,基本只能从官网获取一下资料。

    参考资料:Jnetpcap官网  http://www.jnetpcap.com/?q=examples


    import java.util.ArrayList;
    import java.util.Date;
    import java.util.List;
    import org.jnetpcap.Pcap;
    import org.jnetpcap.PcapIf;
    import org.jnetpcap.packet.PcapPacket;
    import org.jnetpcap.packet.PcapPacketHandler;
    import org.jnetpcap.packet.format.FormatUtils;
    import org.jnetpcap.protocol.lan.Ethernet;
    import org.jnetpcap.protocol.network.Ip4;
    public class Test {
        public static void main(String[] args) {
            List<PcapIf> alldevs = new ArrayList<PcapIf>(); // Will be filled with
                                                            // NICs
            StringBuilder errbuf = new StringBuilder(); // For any error msgs
             * First get a list of devices on this system
            int r = Pcap.findAllDevs(alldevs, errbuf);
            if (r == Pcap.NOT_OK || alldevs.isEmpty()) {
                System.err.printf("Can't read list of devices, error is %s",
            System.out.println("Network devices found:");
            // 迭代找到的所有网卡
            int i = 0;
            for (PcapIf device : alldevs) {
                String description = (device.getDescription() != null) ? device
                        .getDescription() : "No description available";
                System.out.printf("#%d: %s [%s]
    ", i++, device.getName(),
            PcapIf device = alldevs.get(2); // We know we have at least 1 device 选择监听那个网卡
    Choosing '%s' on your behalf:
                    (device.getDescription() != null) ? device.getDescription()
                            : device.getName());
             * Second we open up the selected device
            // 截取长度不超过数据报max65535
            int snaplen = 64 * 1024; // Capture all packets, no trucation 截断
            // 混杂模式
            int flags = Pcap.MODE_PROMISCUOUS; // capture all packets
            int timeout = 10 * 1000; // 10 seconds in millis
            Pcap pcap = Pcap.openLive(device.getName(), snaplen, flags, timeout,
            if (pcap == null) {
                System.err.printf("Error while opening device for capture: "
                        + errbuf.toString());
             * Third we create a packet handler which will receive packets from the
             * libpcap loop.
             * Fourth we enter the loop and tell it to capture 10 packets. The loop
             * method does a mapping of pcap.datalink() DLT value to JProtocol ID,
             * which is needed by JScanner. The scanner scans the packet buffer and
             * decodes the headers. The mapping is done automatically, although a
             * variation on the loop method exists that allows the programmer to
             * sepecify exactly which protocol ID to use as the data link type for
             * this pcap interface.
            pcap.loop(-1, new PacketHandler<String>(), "jNetPcap rocks!");
             * Last thing to do is close the pcap handle


    import java.util.Date;
    import org.jnetpcap.packet.PcapPacket;
    import org.jnetpcap.packet.PcapPacketHandler;
    import org.jnetpcap.protocol.lan.Ethernet;
    import org.jnetpcap.protocol.network.Ip4;
    import org.jnetpcap.protocol.tcpip.Http;
    import org.jnetpcap.protocol.tcpip.Tcp;
    import org.jnetpcap.protocol.tcpip.Udp;
    public class PacketHandler<T> implements PcapPacketHandler<T> {
        public void nextPacket(PcapPacket packet, T user) {
            Http http = new Http();
            if (!packet.hasHeader(http)) {
            // System.out.printf("Received packet at %s caplen=%-4d len=%-4d %s
            // new Date(packet.getCaptureHeader().timestampInMillis()), packet
            // .getCaptureHeader().caplen(), // Length
            // // actually
            // // captured
            // packet.getCaptureHeader().wirelen(), // Original
            // // length
            // user // User supplied object
            // );
            String contend = packet.toString();
            if (contend.contains("DDDDD")&&contend.contains("upass")) {
            // }
            // System.out.println( http.getPacket().toString());
            // System.out.println(contend);
            // String hexdump=packet.toHexdump(packet.size(), false, true,
            // false);
            // byte[] data = FormatUtils.toByteArray(hexdump);
            Ethernet eth = new Ethernet(); // Preallocate our ethernet
                                            // header
            Ip4 ip = new Ip4(); // Preallocat IP version 4 header
            Tcp tcp = new Tcp();
            Udp udp = new Udp();
            // Http http=new Http();
            // if (packet.hasHeader(eth)) {
            // System.out.printf("ethernet.type=%X
    ", eth.type());
            // }
            // if (packet.hasHeader(ip)) {
            // System.out.printf("ip.version=%d
    ", ip.version());
            // }


  • 相关阅读:
    Mac idea 打不开
    git学习之git reset命令
    更改 macOS 用户帐户和个人文件夹的名称
    SpringBoot系列: 如何优雅停止服务
    rocketMq4.2.0启动broker报错找不到或无法加载主类 FilesJavajdk1.8.0_101libdt.jar;C:Program]
    mac 10.15 国内如何安装brew
    Mac下SSH Key配置
    买苹果MacBook Pro ,有必要买care吗?
  • 原文地址:https://www.cnblogs.com/linkarl/p/5738481.html
Copyright © 2020-2023  润新知