Last active
December 19, 2015 04:18
-
-
Save aboutsip/5896046 to your computer and use it in GitHub Desktop.
Simple example of how to use pkts.io to load a pcap file and print the content of all UDP packets.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import io.pkts.PacketHandler; | |
import io.pkts.Pcap; | |
import io.pkts.packet.Packet; | |
import io.pkts.protocol.Protocol; | |
import java.io.IOException; | |
// Step 1 - obtain a new Pcap instance by supplying an InputStream that points | |
// to a source that contains your captured traffic. Typically you may | |
// have stored that traffic in a file so there are a few convenience | |
// methods for those cases, such as just supplying the name of the | |
// file as shown below. | |
final Pcap pcap = Pcap.openStream("my_traffic.pcap"); | |
// Step 2 - Once you have obtained an instance, you want to start | |
// looping over the content of the pcap. Do this by calling | |
// the loop function and supply a PacketHandler, which is a | |
// simple interface with only a single method - nextPacket | |
pcap.loop(new PacketHandler() { | |
@Override | |
public void nextPacket(final Packet packet) throws IOException { | |
// Step 3 - For every new packet the PacketHandler will be | |
// called and you can examine this packet in a few | |
// different ways. You can e.g. check whether the | |
// packet contains a particular protocol, such as UDP. | |
if (packet.hasProtocol(Protocol.UDP)) { | |
// Step 4 - Now that we know that the packet contains | |
// a UDP packet we get ask to get the UDP packet | |
// and once we have it we can just get its | |
// payload and print it, which is what we are | |
// doing below. | |
System.out.println(packet.getPacket(Protocol.UDP).getPayload()); | |
} | |
} | |
}); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment