
OSX Yosemite JNetPcap Build

No replies
Kurag
Joined: 10/02/2015

First time poster here, but I have had some email contact with Mark in the past.
Recently, I have been able to build the JNetPcap dylib for use on OSX Yosemite and Mavericks.
It allows my Java project to select the device to listen on and gather packets.

The problem I have occurs in packet_jsmall_scanner.cpp in the scan method.

If I set up a PcapPacketHandler, my project crashes automatically with an error that looks like the following:

# A fatal error has been detected by the Java Runtime Environment:
#
# SIGSEGV (0xb) at pc=0x000000011ecff655, pid=21905, tid=22019
#
# JRE version: Java(TM) SE Runtime Environment (8.0_25-b17) (build 1.8.0_25-b17)
# Java VM: Java HotSpot(TM) 64-Bit Server VM (25.25-b02 mixed mode bsd-amd64 compressed oops)
# Problematic frame:
# C [libjnetpcap.dylib+0x9655] scan(JNIEnv_*, _jobject*, _jobject*, scanner_t*, packet_state_t*, int, char*, int, unsigned int)+0x14f
#

So I changed it to utilize a JBufferHandler instead.

When using the JBufferHandler, I can see the header and data flowing across and even print the information to screen. It looks something like this:

buffer hexdump:
0000: 02 00 00 00 45 00 00 30 5b 5b 40 00 40 06 00 00 ....E..0[[@.@...
... many lines inbetween
0030: 04 02 00 00 ....

header hexdump:
0000: 31 08 0f 56 00 00 00 00 11 1b 03 00 46 e0 45 33 1..V........F.E3
... many lines inbetween
0110: c8 b7 e3 24 01 00 00 00 ...$....

The moment I add the following line of code:
packet.scan(Ethernet.ID);

It crashes with the same fatal error as above.

I know the problem is with scan.

This is what my nextPacket method looks like to start:
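public void nextPacket(PcapHeader pcapHeader, JBuffer jBuffer, Object o) {
    // Dump the raw packet bytes and the capture header
    System.out.println("buffer hexdump: \n" + jBuffer.toHexdump());
    System.out.println("header hexdump: \n" + pcapHeader.toHexdump());

    // Point the reusable packet object at the captured data and header
    packet.peer(jBuffer);
    packet.getCaptureHeader().peerTo(pcapHeader, 0);
    packet.order(ByteOrder.LITTLE_ENDIAN);
    // ... (rest of the method is not shown in the post)
}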

For the packet.order I have tried LITTLE_ENDIAN and BIG_ENDIAN to no avail.

I am looking for direction from the community since I realize that OSX is not officially supported by Mark. I have it 90% functional, I just can't analyze packet headers.
Please help.

Thank you,
Jared
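
Added example (not from the post or the jNetPcap project): a plain-JDK check that reads the first 16 bytes of the buffer hexdump above as a BSD loopback (DLT_NULL) frame, a 4-byte address-family word followed by an IPv4 header, instead of as Ethernet. The DLT_NULL reading is an assumption based only on the visible bytes, and the class and method names are hypothetical.

```java
import java.nio.ByteBuffer;
import java.nio.ByteOrder;

public class LinkTypeCheck {
    // First 16 bytes of the buffer hexdump in the post; the rest is elided there.
    static final byte[] SAMPLE = {
        0x02, 0x00, 0x00, 0x00, 0x45, 0x00, 0x00, 0x30,
        0x5b, 0x5b, 0x40, 0x00, 0x40, 0x06, 0x00, 0x00 };

    /** Offset of an IPv4 header if the frame looks like DLT_NULL/AF_INET, else -1. */
    static int nullLoopbackIpv4Offset(byte[] frame) {
        if (frame.length < 4 + 10) return -1;   // family word + the IPv4 fields read below
        ByteBuffer b = ByteBuffer.wrap(frame);
        // DLT_NULL stores the address family in the capturing host's byte order.
        int le = b.order(ByteOrder.LITTLE_ENDIAN).getInt(0);
        int be = b.order(ByteOrder.BIG_ENDIAN).getInt(0);
        final int AF_INET = 2;
        if (le != AF_INET && be != AF_INET) return -1;
        int verIhl = frame[4] & 0xff;
        if ((verIhl >> 4) != 4 || (verIhl & 0x0f) < 5) return -1;  // not a sane IPv4 header
        return 4;
    }

    static String describe(byte[] frame) {
        int off = nullLoopbackIpv4Offset(frame);
        if (off < 0) {
            // An Ethernet II frame needs 14 bytes; bytes 12-13 hold the EtherType.
            if (frame.length < 14) return "too short to classify";
            int etherType = ((frame[12] & 0xff) << 8) | (frame[13] & 0xff);
            return String.format(
                "not DLT_NULL/IPv4; as Ethernet the EtherType would be 0x%04x", etherType);
        }
        // Slice at the IPv4 header; a fresh slice reads in network (big-endian) order.
        ByteBuffer ip = ByteBuffer.wrap(frame, off, frame.length - off).slice();
        int ihl = (ip.get(0) & 0x0f) * 4;
        int totalLen = ip.getShort(2) & 0xffff;
        int ttl = ip.get(8) & 0xff;
        int proto = ip.get(9) & 0xff;
        return String.format(
            "DLT_NULL/AF_INET, IPv4 ihl=%d total=%d ttl=%d proto=%d, frame should be %d bytes",
            ihl, totalLen, ttl, proto, off + totalLen);
    }

    public static void main(String[] args) {
        System.out.println(describe(SAMPLE));
    }
}
```

The last row of the post's buffer hexdump sits at offset 0030 and holds four bytes, so the buffer is 52 bytes long, which equals the 4-byte family word plus the IPv4 total length 0x0030 read here.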