Protocol Analysis

OutOfMemory Exception when calling FormatUtils.ip(..) on packets that contain IPv6 Header

Hi there,

i've been playing around with jnetpcap for a view weeks now, and it got most things i wanted to do to work, but now i've discovered a maybe(?) strange behaviour when calling FormatUtils.ip(..):
Mostly that is not a big deal, but when this packet contains an ip6 header the heap space gets flooded with objects and my program runs out of memory. it seems like this only happens, when there are single zeros in the byte array of the ip (like [-1,0,0,3,..])

i call these methods (in a loop for every packet, packet is a PcapPacket):
String destIp = (packet.hasHeader(ip4)) ? FormatUtils.ip(packet.getHeader(ip4).destination())
: FormatUtils.ip(packet.getHeader(ip6).destination());

Exception in thread "Thread-5" java.lang.OutOfMemoryError: Java heap space
at java.util.Arrays.copyOf(Arrays.java:2367)
at java.lang.AbstractStringBuilder.expandCapacity(AbstractStringBuilder.java:130)
at java.lang.AbstractStringBuilder.ensureCapacityInternal(AbstractStringBuilder.java:114)
at java.lang.AbstractStringBuilder.append(AbstractStringBuilder.java:587)
at java.lang.StringBuilder.append(StringBuilder.java:214)
at org.jnetpcap.packet.format.FormatUtils.asStringIp6(Unknown Source)
at org.jnetpcap.packet.format.FormatUtils.ip(Unknown Source)
at controller.captureanalysis.NV_PacketProcessor.processPacket(NV_PacketProcessor.java:135)
at controller.captureanalysis.NV_PacketProcessor.run(NV_PacketProcessor.java:105)

i'm running the jvm with -Xms512m and -Xmx1024m, java7 and jnetpcap 1.3.0 (i also tried the latest 1.4.x) on win7 64bit

is there any workaround?

thanks in advance and greetz
nyTe

TCP retransmission(data duplicate)

Hi,

JNepPCap library can arrange packages in the correct order?
Library has a mechanism to handle TCP retransmission packet?
If so, how to turn it on?

I would like get the data from a stream.
Now I filter packets by direction(src, dst port and ip) and parse data. But when there is a network of TCP retransmission, I get duplicate data.

retrieve the whole html page from captured packets

Hey guys,
I'm trying to learn about the jNetPcap.How can I use jnetpcap to reassemble the packets to get the whole html page?

? - Packet Trace

Hi there,

First time adding a post so maybe you already have much more experience around.

I need to add packet trace functionality to a test connectivity using different protocols. I have already created all mechanism that send UDP and TCP...here an TCP example

Socket socket = new Socket(address, Integer.parseInt(port));
DataOutputStream dos = new DataOutputStream(
new BufferedOutputStream(socket.getOutputStream()));
byte[] payload = generatePayload();
dos.write(payload);
dos.flush();
}

And also I'm testing HTTP by opening the default browser and browsing a http page.

How could I add something to trace the packet I'm sending on the different protocols?

Cheers

Using jNetPcap to parse offline pcap files

Hi,
I would like to use jNetPcap to analyze pcap files generated by our Xena traffic generator.
Packets in the recorded stream may be untagged, tagged CVlan only or CVlan + SVlan. From those headers, I must be able to retrieve the individual fields' values (i.e. vid, pcp etc.)
I searched for reference Java code for decoding such a stream, given that each packet's structure is unknown.
How is this done with jNetPcap?

Thanks,
David

Syndicate content