- Tutorials
- API Examples
- User Guide
- Ch 1 - The Basics
- Ch 2 - libpcap
- 2.1 - The Main libpcap API Overview
- 2.2 - Getting a List of Interfaces
- 2.3 - Opening a Network Interface for Capture
- 2.4 - Opening offline capture
- 2.5 - Setting a packet filter
- 2.6 - Reading one packet at a time
- 2.7 - Reading multiple packets with dispatch loops
- 2.8 - Dumping captured packet to an offline file
- 2.9 - Transmitting packets
- 2.10 - Close Pcap and PcapDumper handles
- Ch 3 - Packet Decoding
- Ch 4 - Internals
- Ch 5 - Protocols
- Ch 6 - Native API
The main packet classes, PcapPacket and JPacket, are the center point of the packet framework. Everything else revolves around these two classes. A packet is made up of 3 parts:
- Packet data buffer - received from libpcap or read from a file
- Packet state structure - generated by jNetPcap
- Packet capture header - also received from libpcap
All 3 parts are manipulated and maintained separately of each other. That is the capture header and packet data buffer are both supplied by libpcap, and the packet state structure maintained by JScanner class. These structures and the packet buffer are stored in native memory outside of java address space or byte arrays. Packet state and its data buffer are the two most important parts, as they are used in decoding and then subsequent access to individual headers.
»
Printer-friendly- Login or register to post comments
Send via Email
PDF Convert