Sniffer4J Wiki
A java packet sniffer and forger that wraps pcap libs.
Status: Beta
Brought to you by:
bernardobl
Menu
▾
▴
Tutorial 1 Example 1
Example 1
Basic Count
//Create a connection to pcap
//For now let's ignore maxFrameLength, since it depends on the creation
//of filter to work.
Capture cap = new Capture(0);
try {
//Let's get all the devices available in the machine for pcap
//If any error occurs it will be throw as an NetworkDeviceException
List<NetworkDevice> networkDevices = cap.getNetworkDevices();
//Assuming the first device is a valid device for capture.
//we can use it.
//Print basic info of device
//We will connect to this device to sniff packets from
NetworkDevice device = networkDevices.get(0);
System.out.println();
System.out.println(" Pcap Device Name: " + device.getName());
System.out.println("Device Description: " + device.getDescription());
//Print all address that this device can have
//a device can have multiple address
//(e.g. Ipv4 and Ipv6; Multihoming Ipv4; etc...)
for(DeviceAddress deviceAddress : device.getAddresses()){
if(deviceAddress.getAddress() != null){
System.out.print(" Address: " + deviceAddress.getAddress().getHostAddress());
if(deviceAddress.getMask() != null)
System.out.print("/" + deviceAddress.getMask().getHostAddress());
if(deviceAddress.getBroadcast() != null)
System.out.print(" brdcast: " + deviceAddress.getBroadcast().getHostAddress());
System.out.println();
}
}
System.out.println();
//Add a new adapter to the Capture Listener.
//Adapters can be of type CaptureAdapter for parsed packets, as the one in this example
//or can be the type CaptureRawAdapter to receive packets as a ByteBuffer
cap.addListener(new CaptureAdapter(){
//Count frames
private int count = 0;
//This function is called by Sniffer4J.Dll for each new received Frame
@Override
public void capture(Frame frame) {
//counting frames
count++;
//Capture length is the length actually captured by pcap
//Total length is the length of the original frame
//if maxFrameLength is used in Capture Class creation
//Those values might be different
System.out.println(" Frame Number: " + count +
" Size captured: " + frame.getCaptureLength() +
" Total Size: " + frame.getTotalLength());
}
});
//Connect to device (ignore timeout, show packets as they arrive)
cap.connect(device, -1);
//Start the Capture and block until the 20 packet has been received and processed
//by CaptureAdapter
cap.CaptureFramesLoop(20);
//Close the Capture Device
cap.close();
}catch(NetworkDeviceException e){
System.err.println("Error in the cap.getNetworkDevices();");
e.printStackTrace();
}catch(CaptureS4JException e){
System.err.println("Error in the connection.");
e.printStackTrace();
}catch (JNIException e) {
System.err.println("Error With the Dll");
e.printStackTrace();
} catch (NotSupportedDatalinkS4JException e) {
System.err.println("Datalink not Supported, only Ethernet");
e.printStackTrace();
}
The example above presented a series of methods and classes of Sniffer4J.
We started with
cap.getNetworkDevices();
br.com.sniffer4j.devices.NetworkDevice
br.com.sniffer4j.devices.DeviceAddress
The method getNetworkDevices() returns a list of machine devices that are visible and available to pcap lib.
Sniffer4J return the information of such devices in the class ** NetworkDevice **
The method **getName() ** of ** NetworkDevice ** returns the name used by pcap to connect to such device.
** DeviceAddress ** return information about a single device or interface, like network address, broadcast address, mask, etc…
In the line
cap.addListener(new CaptureAdapter(){
We can see that an instance of ** CaptureAdapter has been declared inline.
Whenever a packet is received by pcap, it will call the CaptureBase callback** method that will parser and dispatch such parsed Frame to:
public void capture(Frame frame) {
Where it is counted and a message is printed.
For the difference between ** CaptureFramesLoop and ** CaptureFramesDispatch see [Tutorial 1 Example 2]
