API

TCP Reassembly using 1.3 JnetPcap library

Hello,

I am using jnetpcap 1.3 version.

Can anybody suggest how to reassemble these TCP packets using Jnetpcap (1.3)?

I had a look at the examples but couldn't get them working. Examples I found with version 12. but it seems to be depreceted.

I am still trying with TcpReassembler.

I will try to brief my requirement and if anybody have any suggestions more welcome.

1). Read pcap packets.
2). Save to data store.
3). Retrieve packets from datastore and reassemble.

Thanks in advance.

not able to filter host

I want to filter capture based on host name and i am passing "host google" to setfilter method but i am not able to filter.the filter compiling is failing and i am getting unknown host google.am i doing anything wrong,i am using windows 8.please help me with this.
thanks in advance.

http.fieldvalue(Http.Response.RequestUrl) returns null

Hey mark i modified your source code ON READING IMAGES FROM HTTP,cause this time i wanted to extract the images urls,but the output is null.
public void processHttp(Http http) {
if (http.getMessageType() != Http.MessageType.RESPONSE) {
return;
}

JPacket packet = http.getPacket(); // Packet this http belongs to
final long frame = packet.getFrameNumber();
final String cmd = http.fieldValue(Request.RequestMethod);
final String code = http.fieldValue(Response.ResponseCode);
final String ct = http.fieldValue(Response.Content_Type);
String cl = http.fieldValue(Response.Content_Length);
final int payload = http.getPayloadLength();

if ((code != null && code.equals("200") == false)) {
return; // Skip error messages
}

if (cl == null) {
cl = Integer.toString(payload);
}

/*
* Responses always have a content type, since we are looking for
* specific content that has been predefined, we can use enum constants.
* We're not interested in anything else, otherwise we'd have to use
* http.contentType() method which returns a string.
*/
ContentType type = http.contentTypeEnum();

switch (type) {
case GIF:
case PNG:
case JPEG:
String RequestUrl=http.fieldValue(Http.Response.RequestUrl);
System.out.println(RequestUrl);
break;
}

where could the problem be?

How to modify&create a pcap file

Hi everyone , i'm a beginner in jnetpcap and i have a problem.

1- I make an offline capture from a pcap file
2- I modify some field of the packet (more exactly i have to remove a part contain in the packetPayload) and i'm sure i need to recalculate the header after that
3- I want to copy the new packet into a pcap file

I don't succeed to copy the new packet into a pcap file, i tried to use ByteArrayInputStream but it's not working. I also try the dumper but i just succeed to make a copy and not make some modification.

I need some help !! Eye

ps : please forgive my english it's not my native language

merging from multiple packet files

Hi all

my task is to generate a single new packet file from a list of
already recorded files. Between start/stop time is the criteria
to copy packets to the new file. It may spawn multiple input files.

I tried to go through a loop of

...pcap = Pcap.openOffline(myCurrentFile, sb);

but the dumper file could only be opened for one pcap session

...dumper = pcap.dumpOpen(createOutputFilename());

Can someone provide a short outline what I need to do?

thanks in advance
Wolfgang R.

Syndicate content