Jnetpcap quickguide

Published in: Technology


Transcript

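  • 1. jnetpcap Development Guide: Java network packet capture API (jnetpcap). Quick start guide. Originated by http://jnetpcap.com/ darkandark90@gmail.com
  • 2. Revision History: 2013.05.05 first commit
  • 3. Target Audience
      • People who do network programming.
      • People who find Wireshark too heavy to use.
      • People who have no development server and have to solve something on a customer's production server (welcome to hell).
      - play with network programming
      - want to build a personalized network capture tool
  • 4. Test version: JDK 1.7 64-bit, jnetpcap-1.3.b4-1.win64.zip
      - The JDK version does not matter; 1.6 32-bit is recommended. Target machines are generally 32-bit IPv4, while newer machines are often 64-bit IPv6, so if you are doing anything commercial, just go with 32-bit.
      Similar libraries:
      - winpcap
      - jpcap
  • 5. Development environment setup #1: http://sourceforge.net/projects/jnetpcap/?source=recommended Download from SourceForge, unzip the archive, and copy the jnetpcap.dll file into the Windows System32 folder.
  • 6. Development environment setup #2: Eclipse settings. Click Add Library. (Screenshot of the completed setup.)
  • 7. Development environment setup #3: Select User Library.
  • 8. Development environment setup #4: Click User Libraries.
  • 9. Development environment setup #5: Click New.
  • 10. Development environment setup #6: The name does not matter. Be sure to tick the checkbox.
  • 11. Development environment setup #7: Click Add JARs and add the jnetpcap.jar file.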
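  • 12. Using the API: device lookup (checking whether any device exists)
      import java.util.ArrayList;
      import java.util.List;
      import org.jnetpcap.Pcap;
      import org.jnetpcap.PcapIf;

      // list that will hold the network devices
      List<PcapIf> alldevs = new ArrayList<PcapIf>();
      StringBuilder errbuf = new StringBuilder();
      int r = Pcap.findAllDevs(alldevs, errbuf);
      if (r == Pcap.NOT_OK || alldevs.isEmpty()) {
          System.err.printf("Can't read list of devices, error is %s", errbuf.toString());
          return;
      }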
  • 13. Device lookup #2: when devices exist, use PcapIf.getName() and PcapIf.getDescription().
  • 14. Device lookup results
      #0: \Device\NPF_{940F2889-F79F-4438-807C-E745A91C0F2F} [VMware Virtual Ethernet Adapter]
      #1: \Device\NPF_{47CC0E79-D78A-42F0-8A78-7104AB62AA48} [Realtek PCIe GBE Family Controller]
      #2: \Device\NPF_{F04CEA22-A7CC-406A-A27E-BF440554CBB6} [Realtek PCIe GBE Family Controller]
      #3: \Device\NPF_{C2E8FF15-D8A3-4320-A70B-011511818BC5} [VMware Virtual Ethernet Adapter]
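  • 15. Packet capture API: using PcapPacketHandler
      import org.jnetpcap.JCaptureHeader;
      import org.jnetpcap.packet.JPacket;
      import org.jnetpcap.packet.JPacketHandler;

      // pcap is an already opened capture handle; opening it is not shown on this slide
      JPacketHandler<String> jpacketHandler = new JPacketHandler<String>() {
          @Override
          public void nextPacket(JPacket packet, String user) {
              final JCaptureHeader header = packet.getCaptureHeader();
              // captured length vs. length on the wire
              System.out.printf("packet caplen=%d wiredlen=%d\n", header.caplen(), header.wirelen());
              System.out.println(packet.toString());
          }
      };
      // deliver 10 packets to the handler, then return
      pcap.loop(10, jpacketHandler, "jpacket test");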
  • 16. Packet capture results
      packet caplen=66 wiredlen=66
      Frame:
      Frame: number = 0
      Frame: timestamp = 2013-05-05 01:56:06.805
      Frame: wire length = 66 bytes
      Frame: captured length = 66 bytes
      Frame:
      Eth: ******* Ethernet - "Ethernet" - offset=0 (0x0) length=14
      Eth:
      Eth: destination = 72:08:17:18:2e:23
      Eth: .... ..0. .... .... = [0] LG bit
      Eth: .... ...0 .... .... = [2] IG bit
      Eth: source = 00:25:22:a4:93:fe
      Eth: .... ..0. .... .... = [0] LG bit
      Eth: .... ...0 .... .... = [2] IG bit
      Eth: type = 0x800 (2048) [ip version 4]
      Eth:
      Ip: ******* Ip4 - "ip version 4" - offset=14 (0xE) length=20 protocol suite=NETWORK
      Ip:
      Ip: version = 4
      Ip: hlen = 5 [5 * 4 = 20 bytes, No Ip Options]
      Ip: diffserv = 0x0 (0)
      Ip: 0000 00.. = [0] code point: not set
      Ip: .... ..0. = [0] ECN bit: not set
      Ip: .... ...0 = [0] ECE bit: not set
      Ip: length = 52
      Ip: id = 0x14DB (5339)
      Ip: flags = 0x2 (2)
      Ip: 0.. = [0] reserved
      Ip: .1. = [1] DF: do not fragment: set
      Ip: ..0 = [0] MF: more fragments: not set
      Ip: offset = 0
      Ip: ttl = 128 [time to live]
      Ip: type = 6 [next: Transmission Control]
      Ip: checksum = 0x0 (0) [incorrect: 0x4EA0]
      Ip: source = 192.168.219.5
      Ip: destination = 116.34.135.120
      Ip:
      Tcp: ******* Tcp offset=34 (0x22) length=32
      (remainder omitted)
  • 17. Unresolved: how to use filters still needs to be added…
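
The steps from slides 12 to 15 assembled into one program, with the capture handle opened explicitly and a BPF filter attached, which is the piece slide 17 leaves open. This is an added example, not code from the original slides; the class name, the choice of device #0, the "tcp" filter expression and the 255.255.255.0 netmask are assumptions.

```java
import java.util.ArrayList;
import java.util.List;
import org.jnetpcap.Pcap;
import org.jnetpcap.PcapBpfProgram;
import org.jnetpcap.PcapIf;
import org.jnetpcap.packet.JPacket;
import org.jnetpcap.packet.JPacketHandler;

public class FilteredCapture {                       // hypothetical class name
    public static void main(String[] args) {
        List<PcapIf> alldevs = new ArrayList<PcapIf>();
        StringBuilder errbuf = new StringBuilder();
        if (Pcap.findAllDevs(alldevs, errbuf) == Pcap.NOT_OK || alldevs.isEmpty()) {
            System.err.printf("Can't read list of devices, error is %s%n", errbuf);
            return;
        }
        for (int i = 0; i < alldevs.size(); i++) {
            PcapIf d = alldevs.get(i);
            System.out.printf("#%d: %s [%s]%n", i, d.getName(), d.getDescription());
        }
        PcapIf device = alldevs.get(0);              // assumption: capture on device #0
        int snaplen = 64 * 1024;                     // large enough to avoid truncating packets
        // Non-promiscuous mode keeps the capture to this host's own traffic,
        // which matters when the tool runs on someone else's production server.
        Pcap pcap = Pcap.openLive(device.getName(), snaplen,
                Pcap.MODE_NON_PROMISCUOUS, 10 * 1000, errbuf);
        if (pcap == null) {
            System.err.printf("Error while opening device for capture: %s%n", errbuf);
            return;
        }
        try {
            // Compile and attach the filter so only matching packets reach the handler.
            PcapBpfProgram program = new PcapBpfProgram();
            String expression = "tcp";               // assumption: TCP traffic only
            int netmask = 0xFFFFFF00;                // assumption: 255.255.255.0
            if (pcap.compile(program, expression, 0, netmask) != Pcap.OK
                    || pcap.setFilter(program) != Pcap.OK) {
                System.err.println("Filter error: " + pcap.getErr());
                return;
            }
            JPacketHandler<String> handler = new JPacketHandler<String>() {
                @Override
                public void nextPacket(JPacket packet, String user) {
                    System.out.printf("[%s] caplen=%d wirelen=%d%n", user,
                            packet.getCaptureHeader().caplen(), packet.getCaptureHeader().wirelen());
                }
            };
            pcap.loop(10, handler, "jpacket test");  // return after 10 matching packets
        } finally {
            pcap.close();                            // always release the capture handle
        }
    }
}
```

Narrowing the filter expression and staying out of promiscuous mode limit how much unrelated traffic the tool ever reads, and the finally block releases the handle even when the filter fails to compile.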