style="display:inline-block;width:728px;height:90px"
data-ad-client="ca-pub-7505528228218001"
data-ad-slot="1225241371">

jNetPcap 1.X

jNetPcap 1.X module: libpcap and packet decoder

jNetPcap OS 1.4.r1425 released!

Released an update to 1.4 development. The release fixes several new bugs and is a bit more stable.

For more information look at the changelog and is available for download here.

jNetPcap 1.4.r1390 released!

Released an update to 1.4 development. The release fixes several new bugs and is a bit more stable then previous 1.3.r1380.

For more information look at the changelog and is available for download here.

1.4 Javadocs and SCTP protocol

The online javadocs for 1.4 have been updated to 1.4.r1380. Use the pull down from the "Documentation" menu or use the direct link below:

jNetPcap 1.4: javadocs

Sigtran SCTP Protocol: javadocs

jNetPcap 1.4 is a development release, so please use and test out the SIP, SCTP protocol changes. Once the changes and new features are confirmed and tested, I will update 1.3 with bug fixes and put 1.4 and release "beta" version of 1.4 on our way to production status.

5.5.1 - Binding to Sctp header

The Sctp header was introduced in version 1.4 (1.4.r1370 to be specific). The protocol header uses a slightly different method for breaking down Sctp data. Sctp protocol is made up of a fixed-length header followed by 1 or more "Chunks". Most of the chunks are control information carriers about the Sctp connection itself with the esception of "data-chunk".

The jNetPcap breaks down the Scp packets in the following ways. The fixed-length Sctp header followed by one or more Sctp-Chunk headers. The important thing to note is that these are not "sub-headers" but top-level headers.

Here is an example of a Sctp packet. The output is acquired using the following command on a Sctp packet: System.out.println(packet.getState().toDebugString()) which will printout the state information about the packet and all its headers:

JPacket.State#029   : [         Protocol(ID/Flag) | Start | Prefix | Header | Gap | Payload | Postfix ]
JPacket.State#029[0]: [         ETHERNET( 1/0800) |     0 |      0 |     14 |   0 |     356 |       0 ]
JPacket.State#029[1]: [              IP4( 2/0800) |    14 |      0 |     20 |   0 |     336 |       0 ]
JPacket.State#029[2]: [             SCTP(32/0800) |    34 |      0 |     12 |   0 |     324 |       0 ]
JPacket.State#029[3]: [             DATA(33/0800) |    46 |      0 |     16 |   0 |     308 |       0 ]
JPacket.State#029[4]: [             HTTP(13/0800) |    62 |      0 |    305 |   0 |       3 |       0 ]
JPacket.State#029[5]: [        WEB_IMAGE(15/0800) |   367 |      0 |      3 |   0 |       0 |       0 ]

Please notice that SCTP and DATA (Sctp chunk DATA) are separate top-level headers. Http header is bound to the "DATA" Header but in a special way. It had to go back 1 more header in the header-state stack to check the port numbers and verify that Sctp port number 80 was used. If that condition is met then the Binding object or method can return true and it will be placed after the "DATA" header.

Updates coming to 1.4

Here is a quick update on status of jNetPcap 1.4. Here are some of the things I have been working on for a few weeks now:

1) Numerous bug fixes. About 20 different bugs in RTP, SIP, HTTP, TCP and more have been fixed. (see https://sourceforge.net/tracker/?group_id=164277&atid=831083 for details)

2) Several new protocols: Added SCTP, NullHeader (loopback/Null DLT), RTCP. Also added skeleton first cut at Diameter (in the tests/java1.5 source tree).

3) Several improvements of existing features: JFormatter enhancements that handle more output styles and now any array of any previous style type is handled generically. For example complex objects can simply implement at toString() method and will neatly be organized in array-style-output.

4) Added new features:
- JPacket.hasAnyHeader(long mask) and JPacket.hasAllHeaders(long mask)
You can now manipulate numerical protocol IDs as bitmasks that can be combined (ORed/ANDed) to check for existence of 1 or more protocols in a single check.
- Fully documented and every feature implemented SCTP protocol has been added
- Fully documented and RFC3550 compliant RTCP protocol has been added