Demo Event

A public or private event presented by Sly Technologies which demonstrates current or future products.

JFlow and JFlowmap

Hello :)
jNetPcap groups packets into flows using JFlow and JFlowMap, so I want to get all packets in one flow, then extract the features from these packets for my use.
I executed this example http://jnetpcap.com/node/144 and I get output like this:

total packet count=483
total flow count=21
flow[0] 10.1.1.101:3187 -> 209.225.0.6:80 Tcp fw/rev/tot pkts=[7/6/13],
flow[1] 10.1.1.101:3199 -> 10.1.1.1:80 Tcp fw/rev/tot pkts=[9/11/20],
flow[2] 209.225.11.237 -> 10.1.1.101:6 Ip4 tot pkts=[1],
flow[3] 10.1.1.101:3200 -> 10.1.1.1:80 Tcp fw/rev/tot pkts=[74/135/209],
flow[4] 209.225.0.6 -> 10.1.1.101:6 Ip4 tot pkts=[18],
flow[5] 10.1.1.101:3193 -> 209.225.0.6:80 Tcp fw/rev/tot pkts=[9/6/15],
flow[6] 10.1.1.101:3192 -> 209.225.0.6:80 Tcp fw/rev/tot pkts=[8/6/14],
flow[7] 10.1.1.101:3177 -> 10.1.1.1:80 Tcp fw/rev/tot pkts=[5/5/10],
flow[8] 10.1.1.101:3188 -> 10.1.1.1:80 Tcp fw/rev/tot pkts=[7/7/14],
flow[9] 10.1.1.101:3191 -> 209.225.0.6:80 Tcp fw/rev/tot pkts=[8/6/14],
flow[10] 10.1.1.101:3198 -> 10.1.1.1:80 Tcp fw/rev/tot pkts=[9/10/19],
flow[11] 10.1.1.101:3195 -> 10.1.1.1:80 Tcp fw/rev/tot pkts=[5/5/10],
flow[12] 10.1.1.101:3189 -> 10.1.1.1:80 Tcp fw/rev/tot pkts=[8/9/17],
flow[13] 10.1.1.101:3184 -> 209.225.0.6:80 Tcp fw/rev/tot pkts=[7/6/13],
flow[14] 10.1.1.101:3197 -> 10.1.1.1:80 Tcp fw/rev/tot pkts=[6/6/12],
flow[15] 10.1.1.101:3183 -> 209.225.0.6:80 Tcp fw/rev/tot pkts=[7/6/13],
flow[16] 10.1.1.101:3190 -> 10.1.1.1:80 Tcp fw/rev/tot pkts=[9/10/19],
flow[17] 10.1.1.101:3179 -> 209.225.11.237:80 Tcp fw/rev/tot pkts=[7/6/13],
flow[18] 10.1.1.101:3185 -> 209.225.0.6:80 Tcp fw/rev/tot pkts=[7/6/13],
flow[19] 10.1.1.101:3196 -> 10.1.1.1:80 Tcp fw/rev/tot pkts=[6/6/12],
flow[20] 10.1.1.101:3194 -> 209.225.0.6:80 Tcp fw/rev/tot pkts=[8/6/14],

I want to handle each flow alone.

Thanks in advance.
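
One way to handle each flow on its own, as an added example that is not part of the original post or of the jNetPcap project: JFlowMap is filled by the capture loop, then each JFlow is walked and simple features are computed per direction. The class name PerFlowFeatures, the helper summarize, the capture path taken from the command line, and the choice of features (packet count, bytes on the wire, duration) are assumptions made for illustration.

```java
import java.util.List;
import org.jnetpcap.Pcap;
import org.jnetpcap.packet.JFlow;
import org.jnetpcap.packet.JFlowMap;
import org.jnetpcap.packet.JPacket;

public class PerFlowFeatures {
    // Hypothetical helper: returns {packet count, bytes on the wire, duration in ms}.
    static long[] summarize(List<JPacket> packets) {
        long bytes = 0, first = Long.MAX_VALUE, last = Long.MIN_VALUE;
        for (JPacket p : packets) {
            bytes += p.getCaptureHeader().wirelen();
            long ts = p.getCaptureHeader().timestampInMillis();
            first = Math.min(first, ts);
            last = Math.max(last, ts);
        }
        return new long[] { packets.size(), bytes, packets.isEmpty() ? 0 : last - first };
    }

    public static void main(String[] args) {
        if (args.length != 1) { // capture file path is supplied by the caller (assumption)
            System.err.println("usage: PerFlowFeatures <capture.pcap>");
            return;
        }
        StringBuilder errbuf = new StringBuilder();
        Pcap pcap = Pcap.openOffline(args[0], errbuf);
        if (pcap == null) {
            System.err.println(errbuf);
            return;
        }
        JFlowMap flows = new JFlowMap(); // a map of JFlowKey to JFlow that is also a packet handler
        try {
            pcap.loop(Pcap.LOOP_INFINITE, flows, null); // every packet is added to its flow
        } finally {
            pcap.close();
        }
        int i = 0;
        for (JFlow flow : flows.values()) { // one iteration per flow
            long[] all = summarize(flow.getAll());
            System.out.printf("flow[%d] pkts=%d bytes=%d durationMs=%d", i++, all[0], all[1], all[2]);
            if (flow.isReversable()) { // bidirectional flows such as TCP keep per-direction lists
                long[] fwd = summarize(flow.getForward());
                long[] rev = summarize(flow.getReverse());
                System.out.printf(" fwd=[%d pkts, %d B] rev=[%d pkts, %d B]", fwd[0], fwd[1], rev[0], rev[1]);
            }
            System.out.println();
        }
    }
}
```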

openOffline Method to access from Android Internal Storage

Hi everyone,

I am using the jNetPcap library to extract the packets from a Mobile Wireshark application required for Android project analysis. I have to capture the IP address from the pcap file and display it on Google Maps.

I am facing an issue reading the Internal Storage of the Android phone using the openOffline method. Can this method be used for the Android Internal Storage file directory? The same code is working if the directory path is specified in Windows OS running on a PC.

Any inputs would be highly appreciated...

Please find below the code for the same.

package appprofiler.appprofilerv1;

/**
 * Created by soory_000 on 11/30/2015.
 */

import android.os.Environment;

import java.io.File;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.jnetpcap.Pcap;
import org.jnetpcap.nio.JMemory;
import org.jnetpcap.packet.JFlow;
import org.jnetpcap.packet.JFlowKey;
import org.jnetpcap.packet.JFlowMap;
import org.jnetpcap.packet.JPacket;
import org.jnetpcap.packet.JPacketHandler;
import org.jnetpcap.packet.JScanner;
import org.jnetpcap.packet.PcapPacket;
import org.jnetpcap.protocol.network.Ip4;
import org.jnetpcap.protocol.tcpip.Http;
import org.jnetpcap.protocol.tcpip.Tcp;

public class IPExtract {
    // Addresses collected from the capture
    final static List ipaddress = new ArrayList();
    // Path of the capture file to open
    private static String FILENAME;

    public IPExtract(String Filename) {
        // FILENAME is static, so it is assigned without "this"
        FILENAME = Filename;
    }

    public static void main(String[] args) {
        final StringBuilder errbuf = new StringBuilder();
        final Pcap pcap = Pcap.openOffline(FILENAME, errbuf); // While trying to debug I am getting a Library error
        if (pcap == null) {
            // openOffline returns null on failure and puts the reason in errbuf
            System.err.println(errbuf);
            return;
        }
        // Release the capture handle
        pcap.close();
    }
}
