Support Guidelines

The jNetPcap community welcomes all of your questions and issues. No question is too small or to complex.

We do ask is that you provide all the relevant information we will need to help you solve your particular issue and follow few simple guide lines. Please provide the following information if applicable to your problem:

  1. Which version of jnetpcap are you using (jnetpcap-1.3.b0006 for example)
  2. Which operating system does the problem occur on (fedora core 10, ubuntu 9.04, etc.)
    • On linux systems please also provide output from: uname -a, lsb_release -a
    • On linux, if possible also provide version of libpcap installed
  3. Which hardware architecture, especially 32-bit or 64-bit
  4. When describing networking problems and multiple devices, protocols or applications are involved, simple graphics would be greatly appreciated and helpful. See guidelines below on graphics.


A few guide lines which will ensure that our forums organized and easier to search:

  1. Search the forum archives to see if your question has been answered before
  2. Do not post unrelated replies to already existing topics. Please start a new topic.
  3. Only post replies to topics if you have more questions about that particular topic or if you can contribute to the discussion.


Graphics are always very helpful. When dealing with multiple network nodes, interfaces, protocols and applications, it is usually helpful to show setup of your network using simple graphics. This can be as simple as some ASCII characters enclosed between <pre>/</pre> html tags. You will find many people on this forum, including myself utilize a lot of ASCII graphics.

You may also attached graphic files to your post (attachment menu is accessible from the "first" topic edit tag). Any graphic format is acceptable as long as we can open it.

Attaching capture files

rerror_rate attribute in KDD CUP 99 Dataset with using jnetpcap


I'm trying to improve a signature based IDS with JAVA and so I'm using jnetpcap to capture network packets. In my project I need to analyze these network packets and I should classify them according to if they are suspicious(attack) or reliable(normal). For this, I'm using the KDD CUP 99 Dataset to classify my packets.

My question is;

- Is it possible to create each attribute of KDD CUP 99 Dataset with using jnetpcap? If it is, then how can I do this?
For example, I need to identify *rerror_rate(definition is like below) from network packets and I don't know how can I realize this?

*rerror_rate : % of connections that have ‘REJ’ errors to the same host.

I also need to identify the other attributes of this dataset and If I can identify rerror_rate maybe it can show me a way to identify the others.

Thanks in advance.


what I have to do to catch packets across the LAN?

what I have to do to catch packets across the LAN? Now grabs only with my host. Code:

Jnetpcap flow grouping

Hello Mark.
I am currently working on a project related to bandwidth throttling by analysis flow vise bandwidth consumption. I have come across research publications which does something similar using CISCO NetFlow. I am interested to know, how jnetpcap group packets in to flows and how using jnetpcap flow is justifiable as an alternative to CISCO NetFlow.
I have used the Jnetpcap library to implement the core functionality of my project. I am grateful to any clarification you could offer.

openOffline Method to access from Android Internal Storage

Hi everyone,

I am using JnetPcap library to extract the packets from a Mobile Wireshark application required for Android project analysis. I have to capture the IP address from the pcap file and display the same on the Google Maps.

I am facing an issue reading the Internal Storage of the Android phone using the openOffline method... Can this method be used for Android Internal Storage File Directory ?? The same code is working if the directory path is specified in Windows OS running on a PC....

Any inputs would be highly appreciated...

Please find below the code for the same.

package appprofiler.appprofilerv1;

* Created by soory_000 on 11/30/2015.

import android.os.Environment;

import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.jnetpcap.Pcap;
import org.jnetpcap.nio.JMemory;
import org.jnetpcap.packet.JFlow;
import org.jnetpcap.packet.JFlowKey;
import org.jnetpcap.packet.JFlowMap;
import org.jnetpcap.packet.JPacket;
import org.jnetpcap.packet.JPacketHandler;
import org.jnetpcap.packet.JScanner;
import org.jnetpcap.packet.PcapPacket;
import org.jnetpcap.protocol.tcpip.Http;
import org.jnetpcap.protocol.tcpip.Tcp;

public class IPExtract {
final static List ipaddress = new ArrayList();
private static String FILENAME;

public IPExtract(String Filename) {
this.FILENAME = Filename;

public static void main(String[] args) {
final StringBuilder errbuf = new StringBuilder();
final Pcap pcap = Pcap.openOffline(FILENAME, errbuf); // While trying to debug I am getting a Library error
if (pcap == null) {