jNetPcap-用Java实现libpcap完整封装的网络数据包捕获函数库
在网络上看到了这个项目,本人对这个不太了解,但挺兴趣所以也推荐给大家,希望能一起学习。
jNetPcap是 libpcap
的一个Java完整封装。jNetPcap使 用与libpcap相同风格的API。libpcap是unix/linux平台下的网络数据包捕获函数库,大多数网络监控软件都以它为基础。 Libpcap可以在绝大多数类unix平台下工作。Libpcap提供了系统独立的用户级别网络数据包捕获接口,并充分考虑到应用程序的可移植性。
jNetPcap 官方网站: http://jnetpcap.com/
下面是官方上的一些演示示例:
ClassicPcapExample.java
1
/**
2
* Copyright (C) 2008 Sly Technologies, Inc. This library is free software; you
3
* can redistribute it and/or modify it under the terms of the GNU Lesser
4
* General Public License as published by the Free Software Foundation; either
5
* version 2.1 of the License, or (at your option) any later version. This
6
* library is distributed in the hope that it will be useful, but WITHOUT ANY
7
* WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR
8
* A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
9
* details. You should have received a copy of the GNU Lesser General Public
10
* License along with this library; if not, write to the Free Software
11
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
12
*/
13
package
org.jnetpcap.examples;
14
15
import
java.nio.ByteBuffer;
16
import
java.util.ArrayList;
17
import
java.util.Date;
18
import
java.util.List;
19
20
import
org.jnetpcap.Pcap;
21
import
org.jnetpcap.PcapHandler;
22
import
org.jnetpcap.PcapIf;
23
24
/**
25
* This example is the classic libpcap example shown in nearly every tutorial on
26
* libpcap. It gets a list of network devices, presents a simple ASCII based
27
* menu and waits for user to select one of those interfaces. We will just
28
* select the first interface in the list instead of taking input to shorten the
29
* example. Then it opens that interface for live capture. Using a packet
30
* handler it goes into a loop to catch a few packets, say 10. Prints some
31
* simple info about the packets, and then closes the pcap handle and exits.
32
*
33
*
@author
Mark Bednarczyk
34
*
@author
Sly Technologies, Inc.
35
*/
36
@SuppressWarnings(
"
deprecation
"
)
37
public
class
ClassicPcapExample {
38
39
public
static
void
main(String[] args) {
40
List
<
PcapIf
>
alldevs
=
new
ArrayList
<
PcapIf
>
();
//
Will be filled with NICs
41
StringBuilder errbuf
=
new
StringBuilder();
//
For any error msgs
42
43
/**
******************************************
44
* 取得设备列表
45
*******************************************
*/
46
int
r
=
Pcap.findAllDevs(alldevs, errbuf);
47
if
(r
==
Pcap.NOT_OK
||
alldevs.isEmpty()) {
48
System.err.printf(
"
Can't read list of devices, error is %s
"
, errbuf
49
.toString());
50
return
;
51
}
52
53
System.out.println(
"
Network devices found:
"
);
54
55
int
i
=
0
;
56
for
(PcapIf device : alldevs) {
57
System.out.printf(
"
#%d: %s [%s]\n
"
, i
++
, device.getName(), device
58
.getDescription());
59
}
60
61
PcapIf device
=
alldevs.get(
2
);
//
We know we have atleast 1 device
62
System.out.printf(
"
\nChoosing '%s' on your behalf:\n
"
, device
63
.getDescription());
64
65
/**
*************************************
66
* 打开选中的设备
67
**************************************
*/
68
int
snaplen
=
64
*
1024
;
//
Capture all packets, no trucation
69
int
flags
=
Pcap.MODE_PROMISCUOUS;
//
capture all packets
70
int
timeout
=
10
*
1000
;
//
10 seconds in millis
71
Pcap pcap
=
Pcap
72
.openLive(device.getName(), snaplen, flags, timeout, errbuf);
73
74
if
(pcap
==
null
) {
75
System.err.printf(
"
Error while opening device for capture:
"
76
+
errbuf.toString());
77
return
;
78
}
79
80
/**
********************************************************************
81
* Third we create a packet hander which will be dispatched to from the
82
* libpcap loop.
83
*********************************************************************
*/
84
PcapHandler
<
String
>
printSummaryHandler
=
new
PcapHandler
<
String
>
() {
85
86
public
void
nextPacket(String user,
long
seconds,
int
useconds,
87
int
caplen,
int
len, ByteBuffer buffer) {
88
Date timestamp
=
new
Date(seconds
*
1000
+
useconds
/
1000
);
//
In millis
89
90
System.out.printf(
"
Received packet at %s caplen=%-4d len=%-4d %s\n
"
,
91
timestamp.toString(),
//
timestamp to 1 ms accuracy
92
caplen,
//
Length actually captured
93
len,
//
Original length of the packet
94
user
//
User supplied object
95
);
96
}
97
};
98
99
/**
**********************************************************
100
* Fourth we enter the loop and tell it to capture 10 packets
101
***********************************************************
*/
102
pcap.loop(
10
, printSummaryHandler,
"
jNetPcap rocks!
"
);
103
104
/*
105
* Last thing to do is close the pcap handle
106
*/
107
pcap.close();
108
}
109
}
110
PcapDumperExample.java
package
org.jnetpcap.examples;
import
java.io.File;
import
java.nio.ByteBuffer;
import
java.util.ArrayList;
import
java.util.List;
import
org.jnetpcap.Pcap;
import
org.jnetpcap.PcapDumper;
import
org.jnetpcap.PcapHandler;
import
org.jnetpcap.PcapIf;
public
class
PcapDumperExample {
public
static
void
main(String[] args) {
List
<
PcapIf
>
alldevs
=
new
ArrayList
<
PcapIf
>
();
//
Will be filled with NICs
StringBuilder errbuf
=
new
StringBuilder();
//
For any error msgs
/**
*************************************************************************
* First get a list of devices on this system
*************************************************************************
*/
int
r
=
Pcap.findAllDevs(alldevs, errbuf);
if
(r
==
Pcap.NOT_OK
||
alldevs.isEmpty()) {
System.err.printf(
"
Can't read list of devices, error is %s\n
"
,
errbuf.toString());
return
;
}
PcapIf device
=
alldevs.get(
1
);
//
We know we have atleast 1 device
/**
*************************************************************************
* Second we open up the selected device
*************************************************************************
*/
int
snaplen
=
64
*
1024
;
//
Capture all packets, no trucation
int
flags
=
Pcap.MODE_PROMISCUOUS;
//
capture all packets
int
timeout
=
10
*
1000
;
//
10 seconds in millis
Pcap pcap
=
Pcap.openLive(device.getName(), snaplen, flags, timeout, errbuf);
if
(pcap
==
null
) {
System.err.printf(
"
Error while opening device for capture: %s\n
"
,
errbuf.toString());
return
;
}
/**
*************************************************************************
* Third we create a PcapDumper and associate it with the pcap capture
**************************************************************************
*/
String ofile
=
"
tmp-capture-file.cap
"
;
PcapDumper dumper
=
pcap.dumpOpen(ofile);
//
output file
/**
*************************************************************************
* Fouth we create a packet handler which receives packets and tells the
* dumper to write those packets to its output file
*************************************************************************
*/
PcapHandler
<
PcapDumper
>
dumpHandler
=
new
PcapHandler
<
PcapDumper
>
() {
public
void
nextPacket(PcapDumper dumper,
long
seconds,
int
useconds,
int
caplen,
int
len, ByteBuffer buffer) {
dumper.dump(seconds, useconds, caplen, len, buffer);
}
};
/**
*************************************************************************
* Fifth we enter the loop and tell it to capture 10 packets. We pass
* in the dumper created in step 3
*************************************************************************
*/
pcap.loop(
10
, dumpHandler, dumper);
File file
=
new
File(ofile);
System.out.printf(
"
%s file has %d bytes in it!\n
"
, ofile, file.length());
/**
*************************************************************************
* Last thing to do is close the dumper and pcap handles
*************************************************************************
*/
dumper.close();
//
Won't be able to delete without explicit close
pcap.close();
if
(file.exists()) {
file.delete();
//
Cleanup
}
}
}
注:运行demo时,需要注意的情况:
jNetPcap
类库是都通JNI,调用系统的动态链接库来实现与底层设备的交互。所以运行时需要加载。解决办法如下:
设置
-Djava.library.path参数
java -Djava.library.path=c:\jnetpcap\lib -jar myJNetPcapApp.jar
Good Luck!
Yours Matthew!