jNetPcap-用Java实现libpcap完整封装的网络数据包捕获函数库

jNetPcap-用Java实现libpcap完整封装的网络数据包捕获函数库
在网络上看到了这个项目，本人对这个不太了解，但挺兴趣所以也推荐给大家，希望能一起学习。

jNetPcap是libpcap的一个Java完整封装。jNetPcap使
用与libpcap相同风格的API。libpcap是unix/linux平台下的网络数据包捕获函数库，大多数网络监控软件都以它为基础。 Libpcap可以在绝大多数类unix平台下工作。Libpcap提供了系统独立的用户级别网络数据包捕获接口，并充分考虑到应用程序的可移植性。

jNetPcap 官方网站:http://jnetpcap.com/

下面是官方上的一些演示示例:

ClassicPcapExample.java

1 /**

2 * Copyright (C) 2008 Sly Technologies, Inc. This library is free software; you

3 * can redistribute it and/or modify it under the terms of the GNU Lesser

4 * General Public License as published by the Free Software Foundation; either

5 * version 2.1 of the License, or (at your option) any later version. This

6 * library is distributed in the hope that it will be useful, but WITHOUT ANY

7 * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR

8 * A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more

9 * details. You should have received a copy of the GNU Lesser General Public

10 * License along with this library; if not, write to the Free Software

11 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA

12 */

13 package org.jnetpcap.examples;

14

15 import java.nio.ByteBuffer;

16 import java.util.ArrayList;

17 import java.util.Date;

18 import java.util.List;

19

20 import org.jnetpcap.Pcap;

21 import org.jnetpcap.PcapHandler;

22 import org.jnetpcap.PcapIf;

23

24 /**

25 * This example is the classic libpcap example shown in nearly every tutorial on

26 * libpcap. It gets a list of network devices, presents a simple ASCII based

27 * menu and waits for user to select one of those interfaces. We will just

28 * select the first interface in the list instead of taking input to shorten the

29 * example. Then it opens that interface for live capture. Using a packet

30 * handler it goes into a loop to catch a few packets, say 10. Prints some

31 * simple info about the packets, and then closes the pcap handle and exits.

32 *

33 * @author Mark Bednarczyk

34 * @author Sly Technologies, Inc.

35 */

36 @SuppressWarnings("deprecation")

37 public class ClassicPcapExample {

38

39 public static void main(String[] args) {

40 List<PcapIf> alldevs = new ArrayList<PcapIf>(); // Will be filled with NICs

41 StringBuilder errbuf = new StringBuilder(); // For any error msgs

42

43 /********************************************

44 * 取得设备列表

45 ********************************************/

46 int r = Pcap.findAllDevs(alldevs, errbuf);

47 if (r == Pcap.NOT_OK || alldevs.isEmpty()) {

48 System.err.printf("Can't read list of devices, error is %s", errbuf

49 .toString());

50 return;

51 }

52

53 System.out.println("Network devices found:");

54

55 int i = 0;

56 for (PcapIf device : alldevs) {

57 System.out.printf("#%d: %s [%s]\n", i++, device.getName(), device

58 .getDescription());

59 }

60

61 PcapIf device = alldevs.get(2); // We know we have atleast 1 device

62 System.out.printf("\nChoosing '%s' on your behalf:\n", device

63 .getDescription());

64

65 /***************************************

66 * 打开选中的设备

67 ***************************************/

68 int snaplen = 64 * 1024; // Capture all packets, no trucation

69 int flags = Pcap.MODE_PROMISCUOUS; // capture all packets

70 int timeout = 10 * 1000; // 10 seconds in millis

71 Pcap pcap = Pcap

72 .openLive(device.getName(), snaplen, flags, timeout, errbuf);

73

74 if (pcap == null) {

75 System.err.printf("Error while opening device for capture: "

76 + errbuf.toString());

77 return;

78 }

79

80 /**********************************************************************

81 * Third we create a packet hander which will be dispatched to from the

82 * libpcap loop.

83 **********************************************************************/

84 PcapHandler<String> printSummaryHandler = new PcapHandler<String>() {

85

86 public void nextPacket(String user, long seconds, int useconds,

87 int caplen, int len, ByteBuffer buffer) {

88 Date timestamp = new Date(seconds * 1000 + useconds/1000); // In millis

89

90 System.out.printf("Received packet at %s caplen=%-4d len=%-4d %s\n",

91 timestamp.toString(), // timestamp to 1 ms accuracy

92 caplen, // Length actually captured

93 len, // Original length of the packet

94 user // User supplied object

95 );

96 }

97 };

98

99 /************************************************************

100 * Fourth we enter the loop and tell it to capture 10 packets

101 ************************************************************/

102 pcap.loop(10, printSummaryHandler, "jNetPcap rocks!");

103

104 /*

105 * Last thing to do is close the pcap handle

106 */

107 pcap.close();

108 }

109 }

110

PcapDumperExample.java

package org.jnetpcap.examples;

import java.io.File;

import java.nio.ByteBuffer;

import java.util.ArrayList;

import java.util.List;

import org.jnetpcap.Pcap;

import org.jnetpcap.PcapDumper;

import org.jnetpcap.PcapHandler;

import org.jnetpcap.PcapIf;

public class PcapDumperExample {

public static void main(String[] args) {

List<PcapIf> alldevs = new ArrayList<PcapIf>(); // Will be filled with NICs

StringBuilder errbuf = new StringBuilder(); // For any error msgs

/***************************************************************************

* First get a list of devices on this system

**************************************************************************/

int r = Pcap.findAllDevs(alldevs, errbuf);

if (r == Pcap.NOT_OK || alldevs.isEmpty()) {

System.err.printf("Can't read list of devices, error is %s\n",

errbuf.toString());

return;

}

PcapIf device = alldevs.get(1); // We know we have atleast 1 device

/***************************************************************************

* Second we open up the selected device

**************************************************************************/

int snaplen = 64 * 1024; // Capture all packets, no trucation

int flags = Pcap.MODE_PROMISCUOUS; // capture all packets

int timeout = 10 * 1000; // 10 seconds in millis

Pcap pcap = Pcap.openLive(device.getName(), snaplen, flags, timeout, errbuf);

if (pcap == null) {

System.err.printf("Error while opening device for capture: %s\n",

errbuf.toString());

return;

}

/***************************************************************************

* Third we create a PcapDumper and associate it with the pcap capture

***************************************************************************/

String ofile = "tmp-capture-file.cap";

PcapDumper dumper = pcap.dumpOpen(ofile); // output file

/***************************************************************************

* Fouth we create a packet handler which receives packets and tells the

* dumper to write those packets to its output file

**************************************************************************/

PcapHandler<PcapDumper> dumpHandler = new PcapHandler<PcapDumper>() {

public void nextPacket(PcapDumper dumper, long seconds, int useconds,

int caplen, int len, ByteBuffer buffer) {

dumper.dump(seconds, useconds, caplen, len, buffer);

}

};

/***************************************************************************

* Fifth we enter the loop and tell it to capture 10 packets. We pass

* in the dumper created in step 3

**************************************************************************/

pcap.loop(10, dumpHandler, dumper);

File file = new File(ofile);

System.out.printf("%s file has %d bytes in it!\n", ofile, file.length());

/***************************************************************************

* Last thing to do is close the dumper and pcap handles

**************************************************************************/

dumper.close(); // Won't be able to delete without explicit close

pcap.close();

if (file.exists()) {

file.delete(); // Cleanup

}

}

}

注：运行demo时，需要注意的情况：

jNetPcap 类库是都通JNI，调用系统的动态链接库来实现与底层设备的交互。所以运行时需要加载。解决办法如下：

设置

-Djava.library.path参数

java -Djava.library.path=c:\jnetpcap\lib -jar myJNetPcapApp.jar

Good Luck!

Yours Matthew!