November 2016

How to transform .dump to .pcap?

I am working on a packet decoding project. A part of work is to read packet size from .pcap files and .dump files. However, my codes are doing well in .pcap files but not work in .dump files. For example, when I use packet.size() on .pcap files, the results are correct. Using packet.size() on .dump files, comes out 42 bytes, however, there is no 42 bytes packet in the file. Is there any methods to transform .dump files to .pcap files or packet.size() in .dump files is wrong used? Thank you.

How to transform .dump to .pcap?

I am working on a packet decoding project. A part of work is to read packet size from .pcap files and .dump files. However, my codes are doing well in .pcap files but not work in .dump files. For example, when I use packet.size() on .pcap files, the results are correct. Using packet.size() on .dump files, comes out 42 bytes, however, there is no 42 bytes packet in the file. Is there any methods to transform .dump files to .pcap files or packet.size() in .dump files is wrong used? Thank you.

not getting all the downloaded payload

hi,

i'm using jnetpcap 1.4 as packet analyzer for a http file donwload.
i'm getting all the payload when the file i'm trying to donwload is less than 1.5Mo but when i try to get a file more bigger i'm not getting all the payload and im stucked.

Can someone help me please thanks.

What is the optimal value to use for the loop count when calling pcap loop?

Originally my program was using a value of 100 and the pcap.loop was working properly when receiving ~10k pps. When I modified the loop call to be use the infinite value (-1) I noticed that packets were not being processed after ~15 mins when processing ~10k pps. The implementation just seemed to hang in the loop method and did not process any more packets. I was also using a timeout of 1000 when calling the pcap.openlive method, is this not an optimal value?

SctpData header does not decode multiple SCTP data chunks from bundled SCTP packet.

My application is receiving an SCTP packet with multiple data chunks and I am wondering why the following logic is not decoding the multiple data chunks properly:

PcapPacketHandler jpacketHandler = new PcapPacketHandler() {

@Override
public void nextPacket(PcapPacket packet, String user) {
//user defined headers that are registered properly
GREHeader greHeader = new GREHeader();
ERSPANHeader erspanHeader = new ERSPANHeader();
try {
if (packet.hasHeader(greHeader)) {
packet.getHeader(greHeader);
if (packet.hasHeader(erspanHeader)) {

JPacket jpacket = new JMemoryPacket(Ethernet.ID, erspanHeader.getPayload());
Iterator sctpData = jpacket.iterator(SctpData.class);
//only loops once even though there are 4 data chunks
while (sctpData.hasNext()) {

SctpData current = sctpData.next();
//returns a payload length of all the data chunks
current.getPayloadLength();
}
}
}
} catch (Throwable ex) {
}
}
};

Using jnetPcap on android studio or eclipse step by step

Hi dear friends ,I am a biginer at jnetPcap on android , I have a big chalange to use jnetPcat in android application.
First of all I have a question,Can I use jnetPcap for making a packet and send to over of network(2nd layer)?
If I can , How do I careate packet with jnetpcap on android? My IDE is android studio.
I downloaded jnetpcap-1.3.0-1.win64.zip on this site after extarcted this file , I add jnetpcap.jar to my android application after that I can call all the classes,but when I want run my app I faced to an error.
My sample code is :

public class PcapAndroidActivity extends Activity {

/** Called when the activity is first created. */
@Override
public void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.main);
int size = 100;
Ethernet wEth;
byte[] sourceMac = {};
byte[] destMac = {};
Ip4 wIp4;
byte[] bytes = {};
byte[] dIP = {};
byte[] sIP = {};

try {
Process p = Runtime.getRuntime().exec("su");
JPacket wPacket = new JMemoryPacket(size);
wPacket.order(ByteOrder.BIG_ENDIAN);
wPacket.setUShort(12, 0x0800);
wPacket.scan(JProtocol.ETHERNET_ID);
wEth = wPacket.getHeader(new Ethernet());
wEth.source(sourceMac);
wEth.destination(destMac);
wEth.checksum(wEth.calculateChecksum());
int headersize = 14;
wPacket.setUByte(14, 0x40 | 0x05);
wPacket.scan(JProtocol.ETHERNET_ID);
wIp4 = wPacket.getHeader(new Ip4());
wIp4.length(500 - wEth.size());
wIp4.source(dIP);
wIp4.destination(sIP);
wIp4.ttl(32);
wIp4.flags(0);
wIp4.offset(0);
wIp4.checksum(wIp4.calculateChecksum());
headersize += 20;
}
catch (Exception ex)