May 2016

IP address, Request Response for UDP Packet

Is there a way to get a formatted IP, request Response for a captured UDP DNS packet?

What I am doing doesn't give a proper solution.

public void nextPacket(PcapPacket packet, String user) {

                if (!packet.hasHeader(udp)) {
                    return; // not a UDP package, skip
                // Process Output
                if (packet.hasHeader(udp)) {
                    System.out.println("Got UDP Packet");
                    if (packet.getHeader(udp).source() == 53) {
                        System.out.println("This packet is a Response");
                        System.out.println("The Source :" + packet.getHeader(udp).source());
                        System.out.println("The Destination :" + packet.getHeader(udp).destination());

                    if (packet.getHeader(udp).destination() == 53) {
                        System.out.println("This packet is a Request");
                        System.out.println("The Source :" + packet.getHeader(udp).source());
                        System.out.println("The Destination :" + packet.getHeader(udp).destination());

                    System.out.println("The Request :" + packet.getHeader(udp).checksum());
                    System.out.println("The Size of packet :" + packet.getTotalSize());

Find back the String (human readable form) of the payload

Hi! I'm new with jnetpcap and I'm trying to implement a security protocol that should make custom packets with string messages as data. And now receiving packets I need to retrieve plain messages not the Hexdump string. Typically in this figure, I want to get the "2;7;12|..." part of the text.

0000: 32 3b 37 3b 31 32 3b 7c 42 6f 6e 6a 6f 75 72 4a 2;7;12;|BonjourJ
0010: 65 20 76 6f 75 73 20 61 69 6d 65 e vous aime

Anyone can help me?

JFlow and JFlowmap

how I can get packets from JFlow or JFlowMap ?

JFlow JFlowMap

how I can get packets from JFlow or JFlowMap

JFlow and JFlowmap

hello Smile
jnetpcap group packets into flows using JFlow and Jflowap so I want to get all packets in one flow.then extract the features from these packets for my use.
I execute this example and I get output like this.

total packet count=483
total flow count=21
flow[0] -> Tcp fw/rev/tot pkts=[7/6/13],
flow[1] -> Tcp fw/rev/tot pkts=[9/11/20],
flow[2] -> Ip4 tot pkts=[1],
flow[3] -> Tcp fw/rev/tot pkts=[74/135/209],
flow[4] -> Ip4 tot pkts=[18],
flow[5] -> Tcp fw/rev/tot pkts=[9/6/15],
flow[6] -> Tcp fw/rev/tot pkts=[8/6/14],
flow[7] -> Tcp fw/rev/tot pkts=[5/5/10],
flow[8] -> Tcp fw/rev/tot pkts=[7/7/14],
flow[9] -> Tcp fw/rev/tot pkts=[8/6/14],
flow[10] -> Tcp fw/rev/tot pkts=[9/10/19],
flow[11] -> Tcp fw/rev/tot pkts=[5/5/10],
flow[12] -> Tcp fw/rev/tot pkts=[8/9/17],
flow[13] -> Tcp fw/rev/tot pkts=[7/6/13],
flow[14] -> Tcp fw/rev/tot pkts=[6/6/12],
flow[15] -> Tcp fw/rev/tot pkts=[7/6/13],
flow[16] -> Tcp fw/rev/tot pkts=[9/10/19],
flow[17] -> Tcp fw/rev/tot pkts=[7/6/13],
flow[18] -> Tcp fw/rev/tot pkts=[7/6/13],
flow[19] -> Tcp fw/rev/tot pkts=[6/6/12],
flow[20] -> Tcp fw/rev/tot pkts=[8/6/14],

I want to handle each flow alone.

Thanks in advance.

src_port and dest_Port

hello everyone
can you help me how I can extract dest Port from a packet, but I want it int value for example port http 80 so I want get 80 values

UDP Checksum is calculated wrong (JNetPCAP-1.4.r1425-1)


I am using JNetPCAP as a traffic generator. I am creating a certain amount of different udp packets and are sending them later onto my firewall. However during the creation of the packets the checksum is either correct or omitted but it should always be correct. I do not know where the error lies. I am posting my method that I use for generating below. The source ip range is from -

I use JNETPcap under Linux here is the relevant data:

Distribution: Ubuntu Server 15.04 vivid
uname result: Linux sender 3.19.0-25-generic #26-Ubuntu SMP Fri Jul 24 21:17:31 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
libpcap version: libpcap_1.6.2-2 (got via apt-get libpcap-dev)

public synchronized static JPacket createNormalUDPPacket(int frameLength, byte[] sourceMac, byte[] destinationMac,byte[] sourceAddress, byte[] destinationAddress, int sourcePort, int destinationPort) {

// Header length for UDP is 42
int dataLength = frameLength - 42;
JPacket packet = new JMemoryPacket(frameLength);
packet.setUShort(12, 0x0800);
Ethernet ethernet = packet.getHeader(new Ethernet());

// IP v4 packet
packet.setUByte(14, 0x40 | 0x05);
Ip4 ip4 = packet.getHeader(new Ip4());
ip4.length(frameLength - ethernet.size());

// UDP packet

Udp udp = packet.getHeader(new Udp());
udp.setUShort(0, sourcePort);
udp.setUShort(2, destinationPort);
udp.setUShort(4, frameLength - ethernet.size() - ip4.size());
udp.setUShort(6, udp.calculateChecksum());
packet.setByteArray(42, new byte[dataLength]);

return packet;