Creating PcapPacket

9 replies [Last post]
emin
Offline
Joined: 06/18/2010

Hi mark, I get a packet from a different source than jnetpcap.

I want to create a PcapPacket from my packet that comes from different source.

I have required informations for setting the pcap packet.

If possible how can I do ?

Mark Bednarczyk
Offline
Joined: 03/22/2008
You have to create a
JMemoryPacket

Sly Technologies, Inc.
http://slytechs.com

emin
Offline
Joined: 06/18/2010
I have a method look like
Mark Bednarczyk
Offline
Joined: 03/22/2008
What I would suggest
                /* Template packet data */
		JPacket packet =
		    new JMemoryPacket(JProtocol.ETHERNET_ID,
		        " 001801bf 6adc0025 4bb7afec 08004500 " +
		        " 0041a983 40004006 d69ac0a8 00342f8c " +
		        " ca30c3ef 008f2e80 11f52ea8 4b578018 " +
		        " ffffa6ea 00000101 080a152e ef03002a " +
		        " 2c943538 322e3430 204e4f4f 500d0a");

                /* Our working headers we want to use to modify packet headers */
		Ip4 ip = packet.getHeader(new Ip4());
		Tcp tcp = packet.getHeader(new Tcp());
		
		tcp.destination(80); // Change dst port to 80

                /* Recalculate header checksums */
		ip.checksum(ip.calculateChecksum());
		tcp.checksum(tcp.calculateChecksum());

                /* Rescan packet for any structural changes */
		packet.scan(Ethernet.ID);
		
		System.out.println(packet);
Frame:
Frame:          number = 2
Frame:       timestamp = 2010-08-23 10:39:23.803
Frame:     wire length = 79 bytes
Frame: captured length = 79 bytes
Frame:
Eth:  ******* Ethernet - "Ethernet" - offset=0 (0x0) length=14 
Eth: 
Eth:      destination = 0:18:1:bf:6a:dc
Eth:                    .... ..0. .... .... = [0] LG bit
Eth:                    .... ...0 .... .... = [0] IG bit
Eth:           source = 0:25:4b:b7:af:ec
Eth:                    .... ..0. .... .... = [0] LG bit
Eth:                    .... ...0 .... .... = [0] IG bit
Eth:             type = 0x800 (2048) [ip version 4]
Eth: 
Ip:  ******* Ip4 - "ip version 4" - offset=14 (0xE) length=20 protocol suite=NETWORK
Ip: 
Ip:          version = 4
Ip:             hlen = 5 [5 * 4 = 20 bytes, No Ip Options]
Ip:         diffserv = 0x0 (0)
Ip:                    0000 00.. = [0] code point: not set
Ip:                    .... ..0. = [0] ECN bit: not set
Ip:                    .... ...0 = [0] ECE bit: not set
Ip:           length = 65
Ip:               id = 0xA983 (43395)
Ip:            flags = 0x2 (2)
Ip:                    0.. = [0] reserved
Ip:                    .1. = [1] DF: do not fragment: set
Ip:                    ..0 = [0] MF: more fragments: not set
Ip:           offset = 0
Ip:              ttl = 64 [time to live]
Ip:             type = 6 [next: Transmission Control]
Ip:         checksum = 0xD69A (54938) [correct]
Ip:           source = 192.168.0.52
Ip:      destination = 47.140.202.48
Ip: 
Tcp:  ******* Tcp offset=34 (0x22) length=32 
Tcp: 
Tcp:           source = 50159
Tcp:      destination = 80
Tcp:              seq = 0x2E8011F5 (780145141)
Tcp:              ack = 0x2EA84B57 (782781271)
Tcp:             hlen = 8
Tcp:         reserved = 0
Tcp:            flags = 0x18 (24)
Tcp:                    0... .... = [0] cwr: reduced (cwr)
Tcp:                    .0.. .... = [0] ece: ECN echo flag
Tcp:                    ..0. .... = [0] ack: urgent, out-of-band data
Tcp:                    ...1 .... = [1] ack: acknowledgment
Tcp:                    .... 1... = [1] ack: push current segment of data
Tcp:                    .... .0.. = [0] ack: reset connection
Tcp:                    .... ..0. = [0] ack: synchronize connection, startup
Tcp:                    .... ...0 = [0] fin: closing down connection
Tcp:           window = 65535
Tcp:         checksum = 0xA729 (42793) [correct]
Tcp:           urgent = 0
Tcp: 
Data:  ******* Payload offset=66 (0x42) length=13 
Data: 
0042: 35 38 32 2e  34 30 20 4e  4f 4f 50 0d  0a             582.40 NOOP..   

Sly Technologies, Inc.
http://slytechs.com

emin
Offline
Joined: 06/18/2010
Thanks Mark. It is
Mark Bednarczyk
Offline
Joined: 03/22/2008
There is no association

Sly Technologies, Inc.
http://slytechs.com

emin
Offline
Joined: 06/18/2010
Hi mark I wrote

public static JPacket createPacket( int sourceIP , int sourcePort ,
                                   int destIP , int destPort , byte [] payload )
{

     JPacket packet = new JMemoryPacket( JProtocol.ETHERNET_ID ,
             " 001801bf 6adc0025 4bb7afec 08004500 " +
             " 0041a983 40004006 d69ac0a8 00342f8c " +
             " ca30c3ef 008f2e80 11f52ea8 4b578018 " +
             " ffffa6ea 00000101 080a152e ef03002a " +
             " 2c943538 322e3430 204e4f4f 500d0a");



     Ip4 ip = packet.getHeader(new Ip4());
     Tcp tcp = packet.getHeader(new Tcp());
     tcp.source( sourcePort );
     tcp.destination(destPort);

     int payloadStartOffset = tcp.getGapOffset();


     ByteBuffer buf = ByteBuffer.allocate( payloadStartOffset + payload.length );

     byte [] bytes = buf.array();

     for( int i = payloadStartOffset ; i < payloadStartOffset + payload.length; ++i )
          bytes[ i ] = payload[ i - payloadStartOffset ];

     packet.transferFrom(bytes);

     return packet;

}


Mark Bednarczyk
Offline
Joined: 03/22/2008
You are overriding your
byte[] headers = org.jnetpcap.packet.format.FormatUtils.toByteArray(
             " 001801bf 6adc0025 4bb7afec 08004500 " +
             " 0041a983 40004006 d69ac0a8 00342f8c " +
             " ca30c3ef 008f2e80 11f52ea8 4b578018 " +
             " ffffa6ea 00000101 080a152e ef03002a " +
             " 2c943538 322e3430 204e4f4f 500d0a");
byte[] buffer = new byte[payload.length + headers.length];
System.arraycopy(headers, 0, buffer, 0, headers.length);
System.arraycopy(payload, 0, buffer, headers.length, payload.length);

JPacket packet = new JMemoryPacket( JProtocol.ETHERNET_ID, buffer);

Sly Technologies, Inc.
http://slytechs.com

emin
Offline
Joined: 06/18/2010
When I wanted the payload
Mark Bednarczyk
Offline
Joined: 03/22/2008
Look at the debug info to

System.out.println(packet.toDebugString());

Sly Technologies, Inc.
http://slytechs.com

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.