Created
September 22, 2014 22:47
package io.github.wreed12345; | |
import java.util.ArrayList; | |
import java.util.List; | |
import org.jnetpcap.Pcap; | |
import org.jnetpcap.PcapIf; | |
import org.jnetpcap.packet.PcapPacket; | |
import org.jnetpcap.packet.PcapPacketHandler; | |
import org.jnetpcap.protocol.tcpip.Tcp; | |
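/**
 * Minimal jNetPcap live-capture demo: lists the capture devices on this
 * host, opens the first one, and prints a line for every TCP segment whose
 * destination port is 80 or 443.
 *
 * <p>Only the TCP destination port is inspected. The labels printed are a
 * port-number heuristic, not protocol detection: traffic on other ports is
 * ignored, and anything sent to port 80/443 is labelled regardless of what
 * it actually carries.
 */
public class Main {

    /**
     * Runs the capture until the packet limit is reached or libpcap reports
     * an error.
     *
     * @param args unused
     */
    public static void main(String[] args) {
        List<PcapIf> alldevs = new ArrayList<PcapIf>(); // filled in by Pcap.findAllDevs
        StringBuilder errbuf = new StringBuilder(); // receives libpcap error text

        /* First get a list of devices on this system. */
        int r = Pcap.findAllDevs(alldevs, errbuf);
        if (r == Pcap.NOT_OK || alldevs.isEmpty()) {
            System.err.printf("Can't read list of devices, error is %s",
                    errbuf.toString());
            return;
        }

        System.out.println("Network devices found:");
        int i = 0;
        for (PcapIf device : alldevs) {
            String description = (device.getDescription() != null)
                    ? device.getDescription()
                    : "No description available";
            System.out.printf("#%d: %s [%s]\n", i++, device.getName(),
                    description);
        }

        // Safe: the isEmpty() check above guarantees at least one device.
        // NOTE(review): index 0 is whatever libpcap enumerates first, which
        // is not necessarily the interface the operator intends to monitor.
        PcapIf device = alldevs.get(0);
        System.out.printf("\nChoosing '%s' on your behalf:\n",
                (device.getDescription() != null) ? device.getDescription()
                        : device.getName());

        /* Second we open up the selected device. */
        // NOTE(review): the handler below reads only the TCP destination
        // port, yet the capture asks for full 64 KiB frames in promiscuous
        // mode, i.e. complete payloads of traffic not addressed to this host
        // are pulled into the process. The values are kept as the author
        // wrote them; a smaller snaplen and a non-promiscuous open would be
        // the least-privilege choice for this use.
        int snaplen = 64 * 1024; // capture whole packets, no truncation
        int flags = Pcap.MODE_PROMISCUOUS; // also deliver frames for other hosts
        int timeout = 10 * 1000; // 10 seconds in millis
        Pcap pcap =
                Pcap.openLive(device.getName(), snaplen, flags, timeout, errbuf);
        if (pcap == null) {
            // The error text is passed as an argument, never as the format
            // string: a '%' inside errbuf would otherwise make printf throw.
            System.err.printf("Error while opening device for capture: %s",
                    errbuf.toString());
            return;
        }

        /*
         * Third we create a packet handler which will receive packets from
         * the libpcap loop.
         */
        PcapPacketHandler<String> jpacketHandler = new PcapPacketHandler<String>() {
            // One header instance reused for every packet instead of a new
            // allocation per callback.
            private final Tcp tcp = new Tcp();

            @Override
            public void nextPacket(PcapPacket packet, String user) {
                if (!packet.hasHeader(tcp)) {
                    return; // not TCP, nothing to report
                }
                if (tcp.destination() == 80) {
                    System.out.println("Web request");
                } else if (tcp.destination() == 443) {
                    System.out.println("Secure Web request");
                }
            }
        };

        /*
         * Fourth we enter the loop and tell it to capture up to 1,000,000
         * packets. The loop method maps the pcap.datalink() DLT value to a
         * JProtocol ID, which the scanner needs in order to decode headers.
         * The handle is closed in the finally block so it is released even
         * if the handler throws.
         */
        try {
            int status = pcap.loop(1000000, jpacketHandler, "");
            if (status == Pcap.NOT_OK) {
                System.err.printf("Error while capturing packets: %s%n",
                        pcap.getErr());
            }
        } finally {
            /* Last thing to do is close the pcap handle. */
            pcap.close();
        }
    }
}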