jNetPcap 1.X

jNetPcap 1.X module: libpcap and packet decoder

Updates coming to 1.4

Here is a quick update on status of jNetPcap 1.4. Here are some of the things I have been working on for a few weeks now:

1) Numerous bug fixes. About 20 different bugs in RTP, SIP, HTTP, TCP and more have been fixed. (see https://sourceforge.net/tracker/?group_id=164277&atid=831083 for details)

2) Several new protocols: Added SCTP, NullHeader (loopback/Null DLT), RTCP. Also added skeleton first cut at Diameter (in the tests/java1.5 source tree).

3) Several improvements of existing features: JFormatter enhancements that handle more output styles and now any array of any previous style type is handled generically. For example complex objects can simply implement at toString() method and will neatly be organized in array-style-output.

4) Added new features:
- JPacket.hasAnyHeader(long mask) and JPacket.hasAllHeaders(long mask)
You can now manipulate numerical protocol IDs as bitmasks that can be combined (ORed/ANDed) to check for existence of 1 or more protocols in a single check.
- Fully documented and every feature implemented SCTP protocol has been added
- Fully documented and RFC3550 compliant RTCP protocol has been added

1.3 Beta 4 performance

Latest beta 4 update being tested:

Test#Packets/sec (1000s)bits/s (Millions)PcapPacketGeneral ScanTcp-only ScanCopyPeerNotes
2100229noyesnoyesnoPcapPacket reused
4100229noyesnoyesnoExtra new Object(){};
81,290677nonoyesyesyescopy tcp payload only
91,0502,280nonoyesyesyescopy all packets

Libpcap Integration

This page provides information about native libpcap library as it relates to integration and implementation of various features in jNetPcap. Most of the information in tables has been extracted from libpcap's change log and summarized.


Version+API calls+DLTNotes
0.9.6 Bluetooth, USB capturing,
0.9.5 LAPD, ERF via DAG, DLT_IEEE802_11, DLT_IEEE802_11_RADIO
0.9.4 radiotap
0.9.3pcap_sendpacket, pcap_inject 
0.8pcap_lookupnet, cap_next_ex(), pcap_breakloop(), pcap_dump_flush(), pcap_list_datalinks(), pcap_set_datalink(), pcap_lib_version(), pcap_datalink_val_to_name(), pcap_datalink_name_to_val()DLT_ARCNET_LINUX, DLT_ENC, DLT_IEEE802_11_RADIO, DLT_SUNATM, DLT_IP_OVER_FC, DLT_FRELAY, othersnew error returns.


0.6pcap_open_dead 2.2 and later kernels, uses PF_PACKET sockets; and supports the "any" device
0.5pcap_compile_nopcapDLT_LOOP, DLT_C_HDLC
0.3  Added Linux support
0.1  Add pcap-null.c which allows offline use of libpcap
0.0.2  Implement timeout in the dlpi pcap_open_live()

Syndicate content