August 2015

Get DNS query

Hi all,
I need to extract DNS query and response from UDP packets,
Does Anyone know how can I do this?
Maybe this is an old topic but I didn't found details.

Thanks in advance

ICMP sequence number

Hello! I've searched but I was unable to find a function that returns the sequence number from a ICMP packet. Can somebody help me with this?

jNetPcap v2 - Architecture

I'd like to start with the following: The API needs to be redesigned, modular and cleaned up.

I think that says it all for version 2 of jnetpcap. Below is the architectural overview we propose. A lot of this comes from things we wanted to do, need to do, experience with our commercial software and the direction where technology is going.


The jNetPcap project needs to be implemented as a set of coherent modules that add functionality on top of a 'core' feature set. This will allow modules to be updated inpendently without affecting other components of the overall software.

It will also allow user's of the library to pick and choose the modules which they need and not have to download every thing every time.

In terms of development focus, this is also very beneficial, as teams can break off and work on individual modules. We should not leave out, that a modular system will allow specific groups or even companies to take development and maintenance ownership at a modular level.

Lastly, lest not forget that commercial opportunities will present themselves for providing alternatives to the default modules provided by the project, or even modules that are only available commercially, if there is no one else developing or contributing a particular functionality.

A modular system will allow great many different varieties and choices for user's of jNetPcap library.

Proposed Modules

Its an early stage of planning, but the following might provide guidance and example of what type of modules we could develop.

  1. PCAP wrapper - base module that wraps as a thin layer the unix/windows libpcap APIs.
  2. PF_RING wrapper - a PF_RING module which enhances the performance of libpcap

Decode RTP Packet's Payload

Hi every one.

Now I have a project about recording VoIP Call.
I had reused Class in jNetPcap source code to get payload of RTP packet, and save them as a stream into a file.
But I have some wonders about initial protocols as well as decode payload which is captured above.
- The 1st things, when I use sample of .pcap file included in source code, everything did well, but when I using my .pcap file I had captured when I made a VoIP call, if initial protocol is SKINNY, I got an error nullPointException, if initial protocol is SIP, some RTP packets has been lost, about 1/4 to 1/3 total packets. In the code, I just saw somethings related to rtp, and I don't know what initial protocols are mentioned.
- The 2nd things, I don't know how to handle rtp packet's payload, or exactly is decode payload to audio. Someone can help me about method, or library, or somethings else about this.

I really appreciated your help!
Thank for reading.
PS: Sorry for my bad English.

jNetPcap v2 - Roadmap

The roadmap is a long term plan for jNetPcap which will help drive our development efforts and keep things on track.

Below is a roadmap to start things off and placeholders for now.

  1. 2015 - libpcap wrapper API release
  2. TBD - develop DPI architecture
  3. TBD - develop L3/L4 reassembly
  4. TBD - protocol packs
  5. TBD - network utility library

I am proposing the roadmap as if there was no other code to be used and we are almost starting from scratch. In reality we have a ton of code already developed (part of jnetpcap and also away from the project.)

jNetPcap v2 - Resources

To successfully implement version 2 of jNetPcap, we first need to take a look at resources needed to accomplish this effort.

Here are the categories for discussion related to resources:


We need developers. This needs to be a team effort. Since the new version of jNetPcap is going to be modular, it makes sense to assign teams of developers to various modules or portions of modules.

We need:

1) API developers
2) Protocol developers

Depending on someone's strength or desire to acquire additional experience, we can assign to various tasks, components, modules or teams in general.


Another important way to contribute is to help with the testing of code. This is something that requires less commitment then development level, but is of great importance none the less. If you have a unique set of skills, or access to a lab where you could test for jNetPcap, you could be a huge help to the project.

1) Test protocols
2) Test performance
3) Test OS or HW compatibility
4) Quality Assurance!

Tech Writers

If you have technical writing abilities, here is another way you could greatly contribute to the project. By teaming up with developers and help write javadocs, reference docs and various user guides.

Financial Sponsorship

I think it goes without saying that maintaining a project of this size and scope is financially expensive. My company, Sly Technologies Inc, has been the sole sponsor of jNetPcap project so far, picking up all of the consts associated with it for many years now.

In order to be more productive and reflect the current utilization of jNetPcap in commercial, educational and government space, I would like to announce and implement sponsorship programs which will allow growth of jNetPcap to continue (such as version 2 of the library).

jNetPcap v2 discussion

Its been a while since jnetpcap received a refresh and I think one is overdue. I would like to start a discussion on how to proceed with jnetPcap v2.

recognize ecrypted protocol

Hi All,
is there a way to get/recognize from packet others secure protocols like HTTPS , SFTP or SSL

thanks in advance