jNetPcap-用Java实现libpcap完整封装的网络数据包捕获函数库
姬心思
在网络上看到了这个项目,本人对这个不太了解,但挺兴趣所以也推荐给大家,希望能一起学习。
jNetPcap是 libpcap 的一个Java完整封装。jNetPcap使 用与libpcap相同风格的API。libpcap是unix/linux平台下的网络数据包捕获函数库,大多数网络监控软件都以它为基础。 Libpcap可以在绝大多数类unix平台下工作。Libpcap提供了系统独立的用户级别网络数据包捕获接口,并充分考虑到应用程序的可移植性。
jNetPcap 官方网站: http://jnetpcap.com/
下面是官方上的一些演示示例:
ClassicPcapExample.java
注:运行demo时,需要注意的情况:
jNetPcap 类库是都通JNI,调用系统的动态链接库来实现与底层设备的交互。所以运行时需要加载。解决办法如下:
设置
jNetPcap是 libpcap 的一个Java完整封装。jNetPcap使 用与libpcap相同风格的API。libpcap是unix/linux平台下的网络数据包捕获函数库,大多数网络监控软件都以它为基础。 Libpcap可以在绝大多数类unix平台下工作。Libpcap提供了系统独立的用户级别网络数据包捕获接口,并充分考虑到应用程序的可移植性。
jNetPcap 官方网站: http://jnetpcap.com/
下面是官方上的一些演示示例:
ClassicPcapExample.java
1
/**
2 * Copyright (C) 2008 Sly Technologies, Inc. This library is free software; you
3 * can redistribute it and/or modify it under the terms of the GNU Lesser
4 * General Public License as published by the Free Software Foundation; either
5 * version 2.1 of the License, or (at your option) any later version. This
6 * library is distributed in the hope that it will be useful, but WITHOUT ANY
7 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
8 * A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
9 * details. You should have received a copy of the GNU Lesser General Public
10 * License along with this library; if not, write to the Free Software
11 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
12 */
13 package org.jnetpcap.examples;
14
15 import java.nio.ByteBuffer;
16 import java.util.ArrayList;
17 import java.util.Date;
18 import java.util.List;
19
20 import org.jnetpcap.Pcap;
21 import org.jnetpcap.PcapHandler;
22 import org.jnetpcap.PcapIf;
23
24 /**
25 * This example is the classic libpcap example shown in nearly every tutorial on
26 * libpcap. It gets a list of network devices, presents a simple ASCII based
27 * menu and waits for user to select one of those interfaces. We will just
28 * select the first interface in the list instead of taking input to shorten the
29 * example. Then it opens that interface for live capture. Using a packet
30 * handler it goes into a loop to catch a few packets, say 10. Prints some
31 * simple info about the packets, and then closes the pcap handle and exits.
32 *
33 * @author Mark Bednarczyk
34 * @author Sly Technologies, Inc.
35 */
36 @SuppressWarnings( " deprecation " )
37 public class ClassicPcapExample {
38
39 public static void main(String[] args) {
40 List < PcapIf > alldevs = new ArrayList < PcapIf > (); // Will be filled with NICs
41 StringBuilder errbuf = new StringBuilder(); // For any error msgs
42
43 /** ******************************************
44 * 取得设备列表
45 ******************************************* */
46 int r = Pcap.findAllDevs(alldevs, errbuf);
47 if (r == Pcap.NOT_OK || alldevs.isEmpty()) {
48 System.err.printf( " Can't read list of devices, error is %s " , errbuf
49 .toString());
50 return ;
51 }
52
53 System.out.println( " Network devices found: " );
54
55 int i = 0 ;
56 for (PcapIf device : alldevs) {
57 System.out.printf( " #%d: %s [%s]\n " , i ++ , device.getName(), device
58 .getDescription());
59 }
60
61 PcapIf device = alldevs.get( 2 ); // We know we have atleast 1 device
62 System.out.printf( " \nChoosing '%s' on your behalf:\n " , device
63 .getDescription());
64
65 /** *************************************
66 * 打开选中的设备
67 ************************************** */
68 int snaplen = 64 * 1024 ; // Capture all packets, no trucation
69 int flags = Pcap.MODE_PROMISCUOUS; // capture all packets
70 int timeout = 10 * 1000 ; // 10 seconds in millis
71 Pcap pcap = Pcap
72 .openLive(device.getName(), snaplen, flags, timeout, errbuf);
73
74 if (pcap == null ) {
75 System.err.printf( " Error while opening device for capture: "
76 + errbuf.toString());
77 return ;
78 }
79
80 /** ********************************************************************
81 * Third we create a packet hander which will be dispatched to from the
82 * libpcap loop.
83 ********************************************************************* */
84 PcapHandler < String > printSummaryHandler = new PcapHandler < String > () {
85
86 public void nextPacket(String user, long seconds, int useconds,
87 int caplen, int len, ByteBuffer buffer) {
88 Date timestamp = new Date(seconds * 1000 + useconds / 1000 ); // In millis
89
90 System.out.printf( " Received packet at %s caplen=%-4d len=%-4d %s\n " ,
91 timestamp.toString(), // timestamp to 1 ms accuracy
92 caplen, // Length actually captured
93 len, // Original length of the packet
94 user // User supplied object
95 );
96 }
97 };
98
99 /** **********************************************************
100 * Fourth we enter the loop and tell it to capture 10 packets
101 *********************************************************** */
102 pcap.loop( 10 , printSummaryHandler, " jNetPcap rocks! " );
103
104 /*
105 * Last thing to do is close the pcap handle
106 */
107 pcap.close();
108 }
109 }
110
2 * Copyright (C) 2008 Sly Technologies, Inc. This library is free software; you
3 * can redistribute it and/or modify it under the terms of the GNU Lesser
4 * General Public License as published by the Free Software Foundation; either
5 * version 2.1 of the License, or (at your option) any later version. This
6 * library is distributed in the hope that it will be useful, but WITHOUT ANY
7 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
8 * A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
9 * details. You should have received a copy of the GNU Lesser General Public
10 * License along with this library; if not, write to the Free Software
11 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
12 */
13 package org.jnetpcap.examples;
14
15 import java.nio.ByteBuffer;
16 import java.util.ArrayList;
17 import java.util.Date;
18 import java.util.List;
19
20 import org.jnetpcap.Pcap;
21 import org.jnetpcap.PcapHandler;
22 import org.jnetpcap.PcapIf;
23
24 /**
25 * This example is the classic libpcap example shown in nearly every tutorial on
26 * libpcap. It gets a list of network devices, presents a simple ASCII based
27 * menu and waits for user to select one of those interfaces. We will just
28 * select the first interface in the list instead of taking input to shorten the
29 * example. Then it opens that interface for live capture. Using a packet
30 * handler it goes into a loop to catch a few packets, say 10. Prints some
31 * simple info about the packets, and then closes the pcap handle and exits.
32 *
33 * @author Mark Bednarczyk
34 * @author Sly Technologies, Inc.
35 */
36 @SuppressWarnings( " deprecation " )
37 public class ClassicPcapExample {
38
39 public static void main(String[] args) {
40 List < PcapIf > alldevs = new ArrayList < PcapIf > (); // Will be filled with NICs
41 StringBuilder errbuf = new StringBuilder(); // For any error msgs
42
43 /** ******************************************
44 * 取得设备列表
45 ******************************************* */
46 int r = Pcap.findAllDevs(alldevs, errbuf);
47 if (r == Pcap.NOT_OK || alldevs.isEmpty()) {
48 System.err.printf( " Can't read list of devices, error is %s " , errbuf
49 .toString());
50 return ;
51 }
52
53 System.out.println( " Network devices found: " );
54
55 int i = 0 ;
56 for (PcapIf device : alldevs) {
57 System.out.printf( " #%d: %s [%s]\n " , i ++ , device.getName(), device
58 .getDescription());
59 }
60
61 PcapIf device = alldevs.get( 2 ); // We know we have atleast 1 device
62 System.out.printf( " \nChoosing '%s' on your behalf:\n " , device
63 .getDescription());
64
65 /** *************************************
66 * 打开选中的设备
67 ************************************** */
68 int snaplen = 64 * 1024 ; // Capture all packets, no trucation
69 int flags = Pcap.MODE_PROMISCUOUS; // capture all packets
70 int timeout = 10 * 1000 ; // 10 seconds in millis
71 Pcap pcap = Pcap
72 .openLive(device.getName(), snaplen, flags, timeout, errbuf);
73
74 if (pcap == null ) {
75 System.err.printf( " Error while opening device for capture: "
76 + errbuf.toString());
77 return ;
78 }
79
80 /** ********************************************************************
81 * Third we create a packet hander which will be dispatched to from the
82 * libpcap loop.
83 ********************************************************************* */
84 PcapHandler < String > printSummaryHandler = new PcapHandler < String > () {
85
86 public void nextPacket(String user, long seconds, int useconds,
87 int caplen, int len, ByteBuffer buffer) {
88 Date timestamp = new Date(seconds * 1000 + useconds / 1000 ); // In millis
89
90 System.out.printf( " Received packet at %s caplen=%-4d len=%-4d %s\n " ,
91 timestamp.toString(), // timestamp to 1 ms accuracy
92 caplen, // Length actually captured
93 len, // Original length of the packet
94 user // User supplied object
95 );
96 }
97 };
98
99 /** **********************************************************
100 * Fourth we enter the loop and tell it to capture 10 packets
101 *********************************************************** */
102 pcap.loop( 10 , printSummaryHandler, " jNetPcap rocks! " );
103
104 /*
105 * Last thing to do is close the pcap handle
106 */
107 pcap.close();
108 }
109 }
110
PcapDumperExample.java
package
org.jnetpcap.examples;
import java.io.File;
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.List;
import org.jnetpcap.Pcap;
import org.jnetpcap.PcapDumper;
import org.jnetpcap.PcapHandler;
import org.jnetpcap.PcapIf;
public class PcapDumperExample {
public static void main(String[] args) {
List < PcapIf > alldevs = new ArrayList < PcapIf > (); // Will be filled with NICs
StringBuilder errbuf = new StringBuilder(); // For any error msgs
/** *************************************************************************
* First get a list of devices on this system
************************************************************************* */
int r = Pcap.findAllDevs(alldevs, errbuf);
if (r == Pcap.NOT_OK || alldevs.isEmpty()) {
System.err.printf( " Can't read list of devices, error is %s\n " ,
errbuf.toString());
return ;
}
PcapIf device = alldevs.get( 1 ); // We know we have atleast 1 device
/** *************************************************************************
* Second we open up the selected device
************************************************************************* */
int snaplen = 64 * 1024 ; // Capture all packets, no trucation
int flags = Pcap.MODE_PROMISCUOUS; // capture all packets
int timeout = 10 * 1000 ; // 10 seconds in millis
Pcap pcap = Pcap.openLive(device.getName(), snaplen, flags, timeout, errbuf);
if (pcap == null ) {
System.err.printf( " Error while opening device for capture: %s\n " ,
errbuf.toString());
return ;
}
/** *************************************************************************
* Third we create a PcapDumper and associate it with the pcap capture
************************************************************************** */
String ofile = " tmp-capture-file.cap " ;
PcapDumper dumper = pcap.dumpOpen(ofile); // output file
/** *************************************************************************
* Fouth we create a packet handler which receives packets and tells the
* dumper to write those packets to its output file
************************************************************************* */
PcapHandler < PcapDumper > dumpHandler = new PcapHandler < PcapDumper > () {
public void nextPacket(PcapDumper dumper, long seconds, int useconds,
int caplen, int len, ByteBuffer buffer) {
dumper.dump(seconds, useconds, caplen, len, buffer);
}
};
/** *************************************************************************
* Fifth we enter the loop and tell it to capture 10 packets. We pass
* in the dumper created in step 3
************************************************************************* */
pcap.loop( 10 , dumpHandler, dumper);
File file = new File(ofile);
System.out.printf( " %s file has %d bytes in it!\n " , ofile, file.length());
/** *************************************************************************
* Last thing to do is close the dumper and pcap handles
************************************************************************* */
dumper.close(); // Won't be able to delete without explicit close
pcap.close();
if (file.exists()) {
file.delete(); // Cleanup
}
}
}
import java.io.File;
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.List;
import org.jnetpcap.Pcap;
import org.jnetpcap.PcapDumper;
import org.jnetpcap.PcapHandler;
import org.jnetpcap.PcapIf;
public class PcapDumperExample {
public static void main(String[] args) {
List < PcapIf > alldevs = new ArrayList < PcapIf > (); // Will be filled with NICs
StringBuilder errbuf = new StringBuilder(); // For any error msgs
/** *************************************************************************
* First get a list of devices on this system
************************************************************************* */
int r = Pcap.findAllDevs(alldevs, errbuf);
if (r == Pcap.NOT_OK || alldevs.isEmpty()) {
System.err.printf( " Can't read list of devices, error is %s\n " ,
errbuf.toString());
return ;
}
PcapIf device = alldevs.get( 1 ); // We know we have atleast 1 device
/** *************************************************************************
* Second we open up the selected device
************************************************************************* */
int snaplen = 64 * 1024 ; // Capture all packets, no trucation
int flags = Pcap.MODE_PROMISCUOUS; // capture all packets
int timeout = 10 * 1000 ; // 10 seconds in millis
Pcap pcap = Pcap.openLive(device.getName(), snaplen, flags, timeout, errbuf);
if (pcap == null ) {
System.err.printf( " Error while opening device for capture: %s\n " ,
errbuf.toString());
return ;
}
/** *************************************************************************
* Third we create a PcapDumper and associate it with the pcap capture
************************************************************************** */
String ofile = " tmp-capture-file.cap " ;
PcapDumper dumper = pcap.dumpOpen(ofile); // output file
/** *************************************************************************
* Fouth we create a packet handler which receives packets and tells the
* dumper to write those packets to its output file
************************************************************************* */
PcapHandler < PcapDumper > dumpHandler = new PcapHandler < PcapDumper > () {
public void nextPacket(PcapDumper dumper, long seconds, int useconds,
int caplen, int len, ByteBuffer buffer) {
dumper.dump(seconds, useconds, caplen, len, buffer);
}
};
/** *************************************************************************
* Fifth we enter the loop and tell it to capture 10 packets. We pass
* in the dumper created in step 3
************************************************************************* */
pcap.loop( 10 , dumpHandler, dumper);
File file = new File(ofile);
System.out.printf( " %s file has %d bytes in it!\n " , ofile, file.length());
/** *************************************************************************
* Last thing to do is close the dumper and pcap handles
************************************************************************* */
dumper.close(); // Won't be able to delete without explicit close
pcap.close();
if (file.exists()) {
file.delete(); // Cleanup
}
}
}
注:运行demo时,需要注意的情况:
jNetPcap 类库是都通JNI,调用系统的动态链接库来实现与底层设备的交互。所以运行时需要加载。解决办法如下:
设置
-Djava.library.path参数
java -Djava.library.path=c:\jnetpcap\lib -jar myJNetPcapApp.jar
Good Luck!
Yours Matthew!
类似资料: