我做的这个程序主要是仿照 Snort 这个入侵检测系统。这学期开始,我在老师的帮助下看了一些资料,主要包括学长用 C# 做的毕业设计,以及两本书:《Snort2.0 入侵检测》和《Snort轻量级入侵检测系统全攻略》。(这两本资料都比较老了,但对于学习还是很有用的)
打开 Jpcap API 文档中的 IPPacket 类:
public int getVersion()
Get the IP version code.
public int getIPHeaderLength()
Fetch the IP header length in bytes.
public int getHeaderLength()
Fetch the packet IP header length.
Overrides: getHeaderLength in class EthernetPacket
public int getLength()
Fetch the IP length in bytes.
public int getId()
Fetch the unique ID of this IP datagram. The ID normally increments by one each time a datagram is sent by a host.
public int getFragmentFlags()
Fetch fragmentation flags.
public int getFragmentOffset()
Fetch fragmentation offset.
public int getTimeToLive()-获取存活时间
Fetch the time to live. TTL sets the upper limit on the number of routers through which this IP datagram is allowed to pass.
public int getIPProtocol()-获取ip协议类型
Fetch the code indicating the type of protocol embedded in the IP datagram. @see IPProtocols.
public int getProtocol()-获取数据包协议
Fetch the code indicating the type of protocol embedded in the IP datagram. @see IPProtocols.
Overrides: getProtocol in class EthernetPacket
public int getIPChecksum()
Fetch the header checksum.
public int getChecksum()
Fetch the header checksum.
public java.lang.String getSourceAddress()
Fetch the IP address of the host where the packet originated from.
public byte[] getSourceAddressBytes()
Fetch the source address as a byte array.
public long getSourceAddressAsLong()
Fetch the source address as a long.
public byte[] getIPHeader()
Fetch the IP header as a byte array.
public byte[] getIPData()
Fetch the IP data as a byte array.
public static final int IP_VER_LEN
Width of the IP version and header length field in bytes.
See Also:
Constant Field Values
public static final int IP_TOS_LEN
Width of the TOS field in bytes.
See Also:
Constant Field Values
public static final int IP_LEN_LEN
Width of the header length field in bytes.
See Also:
Constant Field Values
public static final int IP_ID_LEN
Width of the ID field in bytes.
See Also:
Constant Field Values
public static final int IP_FRAG_LEN
Width of the fragmentation bits and offset field in bytes.
See Also:
Constant Field Values
public static final int IP_TTL_LEN
Width of the TTL field in bytes.
See Also:
Constant Field Values
public static final int IP_CODE_LEN
Width of the IP protocol code in bytes.
See Also:
Constant Field Values
public static final int IP_CSUM_LEN
Width of the IP checksum in bytes.
See Also:
Constant Field Values
public static final int IP_VER_POS
Position of the version code and header length within the IP header.
See Also:
Constant Field Values
public static final int IP_TOS_POS
Position of the type of service code within the IP header.
See Also:
Constant Field Values
public static final int IP_LEN_POS
Position of the length within the IP header.
See Also:
Constant Field Values
public static final int IP_ID_POS
Position of the packet ID within the IP header.
See Also:
Constant Field Values
public static final int IP_FRAG_POS
Position of the flag bits and fragment offset within the IP header.
See Also:
Constant Field Values
public static final int IP_TTL_POS
Position of the ttl within the IP header.
See Also:
Constant Field Values
public static final int IP_CODE_POS
Position of the IP protocol code within the IP header.
See Also:
Constant Field Values
public static final int IP_CSUM_POS
Position of the checksum within the IP header.
See Also:
Constant Field Values
public static final int IP_SRC_POS
Position of the source IP address within the IP header.
See Also:
Constant Field Values
public static final int IP_DST_POS
Position of the destination IP address within a packet.
See Also:
Constant Field Values
public static final int IP_HEADER_LEN
Length in bytes of an IP header, excluding options.
See Also:
Constant Field Values
package a_20;
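/**
 * Text snapshot of the IPv4 header fields of one captured packet.
 *
 * <p>Each header field is kept as a {@code String} exactly as the caller supplied it;
 * this class performs no parsing, range checking or normalisation. The values are
 * presumably filled from Jpcap's {@code IPPacket} accessors (confirm against the capture
 * code), which means they originate from the wire and are chosen by the sender. Code that
 * matches rules against them should validate them first rather than trust them.
 *
 * <p>The field and accessor names {@code idetifier} and {@code flagsAndOffser} are
 * misspelt ("identifier", "flags and offset"); the spelling is kept because the accessors
 * are public and the fields are read by subclasses in the same package.
 */
public class IPCapPacket {
    /**
     * Type tag for an IP-level record. This is an instance field, so subclasses
     * inherit it as well; it cannot be used on its own to tell an IP-only record from
     * a TCP or UDP one.
     */
    public final int IpType = 1;

    // Package-private on purpose: subclasses in this package read the address fields directly.
    String versionAndlength;
    String typeOfService;
    String totalLength;
    String idetifier;
    String flagsAndOffser;
    String timeToLive;
    String protocol;
    String checksum;
    String sourceAddress;
    String destinationAddress;

    /** Creates an empty record; every header field starts as {@code null}. */
    public IPCapPacket() {
    }

    /**
     * Creates a record with every IPv4 header field set.
     *
     * @param versionAndlength   version and header-length field
     * @param typeOfService      type-of-service field
     * @param totalLength        total-length field
     * @param idetifier          identification field
     * @param flagsAndOffser     fragmentation flags and offset field
     * @param timeToLive         time-to-live field
     * @param protocol           embedded protocol code
     * @param checksum           IP header checksum
     * @param sourceAddress      source IP address
     * @param destinationAddress destination IP address
     */
    public IPCapPacket(String versionAndlength, String typeOfService,
            String totalLength, String idetifier, String flagsAndOffser,
            String timeToLive, String protocol, String checksum,
            String sourceAddress, String destinationAddress) {
        this.versionAndlength = versionAndlength;
        this.typeOfService = typeOfService;
        this.totalLength = totalLength;
        this.idetifier = idetifier;
        this.flagsAndOffser = flagsAndOffser;
        this.timeToLive = timeToLive;
        this.protocol = protocol;
        this.checksum = checksum;
        this.sourceAddress = sourceAddress;
        this.destinationAddress = destinationAddress;
    }

    /** @return the version and header-length field as stored */
    public String getVersionAndlength() {
        return versionAndlength;
    }

    /** @param versionAndlength the version and header-length field to store */
    public void setVersionAndlength(String versionAndlength) {
        this.versionAndlength = versionAndlength;
    }

    /** @return the type-of-service field as stored */
    public String getTypeOfService() {
        return typeOfService;
    }

    /** @param typeOfService the type-of-service field to store */
    public void setTypeOfService(String typeOfService) {
        this.typeOfService = typeOfService;
    }

    /** @return the total-length field as stored */
    public String getTotalLength() {
        return totalLength;
    }

    /** @param totalLength the total-length field to store */
    public void setTotalLength(String totalLength) {
        this.totalLength = totalLength;
    }

    /** @return the identification field as stored */
    public String getIdetifier() {
        return idetifier;
    }

    /** @param idetifier the identification field to store */
    public void setIdetifier(String idetifier) {
        this.idetifier = idetifier;
    }

    /** @return the fragmentation flags and offset field as stored */
    public String getFlagsAndOffser() {
        return flagsAndOffser;
    }

    /** @param flagsAndOffser the fragmentation flags and offset field to store */
    public void setFlagsAndOffser(String flagsAndOffser) {
        this.flagsAndOffser = flagsAndOffser;
    }

    /** @return the time-to-live field as stored */
    public String getTimeToLive() {
        return timeToLive;
    }

    /** @param timeToLive the time-to-live field to store */
    public void setTimeToLive(String timeToLive) {
        this.timeToLive = timeToLive;
    }

    /** @return the embedded protocol code as stored */
    public String getProtocol() {
        return protocol;
    }

    /** @param protocol the embedded protocol code to store */
    public void setProtocol(String protocol) {
        this.protocol = protocol;
    }

    /** @return the IP header checksum as stored */
    public String getChecksum() {
        return checksum;
    }

    /** @param checksum the IP header checksum to store */
    public void setChecksum(String checksum) {
        this.checksum = checksum;
    }

    /** @return the source IP address as stored */
    public String getSourceAddress() {
        return sourceAddress;
    }

    /** @param sourceAddress the source IP address to store */
    public void setSourceAddress(String sourceAddress) {
        this.sourceAddress = sourceAddress;
    }

    /** @return the destination IP address as stored */
    public String getDestinationAddress() {
        return destinationAddress;
    }

    /** @param destinationAddress the destination IP address to store */
    public void setDestinationAddress(String destinationAddress) {
        this.destinationAddress = destinationAddress;
    }

    /**
     * Renders every header field as {@code name=value}, separated by commas.
     *
     * <p>The fields used to be concatenated with nothing between them, so adjacent
     * values ran together (a TTL of "4" followed by protocol "06" read the same as TTL
     * "40" followed by protocol "6"). Labelled, delimited output keeps a logged or
     * displayed record unambiguous. Unset fields print as {@code null}.
     *
     * @return the original prefix followed by the labelled field list
     */
    @Override
    public String toString() {
        return "协议"
                + "[versionAndlength=" + versionAndlength
                + ", typeOfService=" + typeOfService
                + ", totalLength=" + totalLength
                + ", idetifier=" + idetifier
                + ", flagsAndOffser=" + flagsAndOffser
                + ", timeToLive=" + timeToLive
                + ", protocol=" + protocol
                + ", checksum=" + checksum
                + ", sourceAddress=" + sourceAddress
                + ", destinationAddress=" + destinationAddress
                + "]";
    }
}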
package a_20;
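/**
 * Text snapshot of a captured TCP segment: the IP header fields inherited from
 * {@link IPCapPacket} plus the TCP header fields declared here.
 *
 * <p>All values are stored as supplied, with no validation. The accessor name
 * {@code confrimNumber} is misspelt ("confirm", i.e. the acknowledgement number); the
 * spelling is kept because the accessors are public.
 *
 * <p>NOTE(review): there is no field for the TCP control flags, so rules that depend
 * on them cannot be evaluated from this record alone. Confirm whether the flags are
 * captured elsewhere.
 */
public class TCPCapPacket extends IPCapPacket {
    /** Type tag for a TCP record; the inherited {@code IpType} is present as well. */
    public final int TcpType = 2;

    private String sourcePort;
    private String destinationPort;
    private String serialNumber;
    private String confrimNumber;
    private String windowSize;
    private String tcpCheckSum;
    private String urgentPointer;

    /** Creates an empty record; every field starts as {@code null}. */
    public TCPCapPacket() {
    }

    /** @return the TCP source port as stored */
    public String getSourcePort() {
        return sourcePort;
    }

    /** @param sourcePort the TCP source port to store */
    public void setSourcePort(String sourcePort) {
        this.sourcePort = sourcePort;
    }

    /** @return the TCP destination port as stored */
    public String getDestinationPort() {
        return destinationPort;
    }

    /** @param destinationPort the TCP destination port to store */
    public void setDestinationPort(String destinationPort) {
        this.destinationPort = destinationPort;
    }

    /** @return the sequence number as stored */
    public String getSerialNumber() {
        return serialNumber;
    }

    /** @param serialNumber the sequence number to store */
    public void setSerialNumber(String serialNumber) {
        this.serialNumber = serialNumber;
    }

    /** @return the acknowledgement number as stored */
    public String getConfrimNumber() {
        return confrimNumber;
    }

    /** @param confrimNumber the acknowledgement number to store */
    public void setConfrimNumber(String confrimNumber) {
        this.confrimNumber = confrimNumber;
    }

    /** @return the window size as stored */
    public String getWindowSize() {
        return windowSize;
    }

    /** @param windowSize the window size to store */
    public void setWindowSize(String windowSize) {
        this.windowSize = windowSize;
    }

    /** @return the TCP checksum as stored (distinct from the inherited IP header checksum) */
    public String getTcpCheckSum() {
        return tcpCheckSum;
    }

    /** @param tcpCheckSum the TCP checksum to store */
    public void setTcpCheckSum(String tcpCheckSum) {
        this.tcpCheckSum = tcpCheckSum;
    }

    /** @return the urgent pointer as stored */
    public String getUrgentPointer() {
        return urgentPointer;
    }

    /** @param urgentPointer the urgent pointer to store */
    public void setUrgentPointer(String urgentPointer) {
        this.urgentPointer = urgentPointer;
    }

    /**
     * Renders the endpoints and TCP fields as {@code name=value}, separated by commas.
     *
     * <p>The original expression joined address and port with nothing between them, so
     * an address ending in "1" with port "80" was indistinguishable from one ending in
     * "18" with port "0". The original expression also broke off after
     * {@code confrimNumber}; the remaining declared TCP fields are appended here so
     * none is silently omitted (confirm this matches the intended output).
     *
     * @return the labelled field list; unset fields print as {@code null}
     */
    @Override
    public String toString() {
        return "sourceAddress=" + sourceAddress
                + ", sourcePort=" + sourcePort
                + ", destinationAddress=" + destinationAddress
                + ", destinationPort=" + destinationPort
                + ", serialNumber=" + serialNumber
                + ", confrimNumber=" + confrimNumber
                + ", windowSize=" + windowSize
                + ", tcpCheckSum=" + tcpCheckSum
                + ", urgentPointer=" + urgentPointer;
    }
}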
package a_20;
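/**
 * Text snapshot of a captured UDP datagram: the IP header fields inherited from
 * {@link IPCapPacket} plus the UDP header fields declared here.
 *
 * <p>All values are stored as supplied, with no validation. Note the two similarly
 * named accessors: the inherited {@code getChecksum()} is the IP header checksum, while
 * {@code getCheckSum()} declared here is the UDP checksum.
 */
public class UDPCapPacket extends IPCapPacket {
    /** Type tag for a UDP record; the inherited {@code IpType} is present as well. */
    public final int UdpType = 3;

    private String sourcePort;
    private String destinationPort;
    // UDP length field
    private int udpLength;
    // UDP checksum
    private String checkSum;

    /** Creates an empty record; string fields start as {@code null}, the length as 0. */
    public UDPCapPacket() {
    }

    /** @return the UDP source port as stored */
    public String getSourcePort() {
        return sourcePort;
    }

    /** @param sourcePort the UDP source port to store */
    public void setSourcePort(String sourcePort) {
        this.sourcePort = sourcePort;
    }

    /** @return the UDP destination port as stored */
    public String getDestinationPort() {
        return destinationPort;
    }

    /** @param destinationPort the UDP destination port to store */
    public void setDestinationPort(String destinationPort) {
        this.destinationPort = destinationPort;
    }

    /** @return the UDP length field as stored */
    public int getUdpLength() {
        return udpLength;
    }

    /** @param udpLength the UDP length field to store; not checked against the payload size */
    public void setUdpLength(int udpLength) {
        this.udpLength = udpLength;
    }

    /** @return the UDP checksum as stored */
    public String getCheckSum() {
        return checkSum;
    }

    /** @param checkSum the UDP checksum to store */
    public void setCheckSum(String checkSum) {
        this.checkSum = checkSum;
    }

    /**
     * Renders the UDP fields as {@code name=value}, separated by commas.
     *
     * <p>The fields used to be concatenated with nothing between them, so ports "53"
     * and "1024" printed as "531024" and could not be told apart from "5310" and "24".
     * The same four fields are printed, now labelled and delimited.
     *
     * @return the labelled field list; unset string fields print as {@code null}
     */
    @Override
    public String toString() {
        return "sourcePort=" + sourcePort
                + ", destinationPort=" + destinationPort
                + ", udpLength=" + udpLength
                + ", checkSum=" + checkSum;
    }
}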