利用Jpcap库自己实现tcpdump抓包

最新推荐文章于 2023-02-15 17:47:32 发布

小牛蛋

最新推荐文章于 2023-02-15 17:47:32 发布

阅读量3.3k

点赞数

分类专栏：网络编程

本文链接：https://blog.csdn.net/lucky_greenegg/article/details/53580660

版权

网络编程专栏收录该内容

8 篇文章 0 订阅

订阅专栏

因为项目需要自己实现对底层数据包的捕获、转发功能，类似wirshark、tcpdump的功能。网络上各种对Jpcap库的例子都有点过时，所以记录一下，首先上Jpcap的官网http://jpcap.gitspot.com/download.html上根据自己的系统下载安装包，我windows系统下载的是JpcapSetup-0.7.exe，下载默认安装就可以了。当然之前还需要安装WinPcap，通常如果安装过wireshark之后，就已经安装好了最新的WinPcap。

下面是一个简单的例子，基本上常用的函数都有了，包括过滤函数

jpcap.setFilter("tcp and src 172.16.101.99", true);

这个函数功能很强大，最重要的一点它的过滤语法和tcpdump是一样的

Sets a filter. This filter is same as tcpdump. 这是官方手册上对于这个函数的介绍，所以可以很灵活的调整程序对于网络数据包的过滤

package test;
import java.util.Vector;
import java.io.IOException;
import java.util.Date;

import jpcap.*;
import jpcap.packet.Packet;

/**
 * 线程测试实例
 * @author lucky_greenegg
 *
 */



public class TcpThread
{
 /**
  * 
  * @author lucky_greenegg
  *
  */
	static NetworkInterface[] devices;
	
	class WirelessConnectionPacket implements PacketReceiver 
	{
		public void receivePacket(Packet packet) {
			System.out.println("Wireless connection "+packet);
			

		}
	}
	
	class WiredConnectionPacket implements PacketReceiver 
	{
		public void receivePacket(Packet packet) {
			System.out.println("Wired connection "+packet);
			
			JpcapSender sender = null;
			try {
				sender = JpcapSender.openDevice(devices[3]);
			} catch (IOException e) {
				// TODO Auto-generated catch block
				e.printStackTrace();
			}
			sender.sendPacket(packet);
			sender.close();
			
		}
	}
		
class ThreadWirelessConnection extends Thread
{
	private Date runtime;
	private NetworkInterface wirelessconnection;
	public void run()
	{
		this.runtime = new Date();
		System.out.println("Wireless connection monitor thread begin."+this.runtime);

		
		JpcapCaptor jpcap = null;
		try {
			jpcap = JpcapCaptor.openDevice(devices[0], 2000, true, 20);
			jpcap.setFilter("tcp", true);
		} catch (IOException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		jpcap.loopPacket(-1, new WirelessConnectionPacket());

	}
 
 }
/**
 * 
 * @author lucky_greenegg
 *
 */
class ThreadWiredConnection  implements Runnable
{
	private Date runtime;
	private NetworkInterface wiredconnection;
	
	public void run()
	{
		this.runtime = new Date();
		System.out.println("Wired connection monitor thread begin."+this.runtime);
		

		
		JpcapCaptor jpcap = null;
		try {
			jpcap = JpcapCaptor.openDevice(devices[3], 2000, true, 20);
			//jpcap.setFilter("tcp and src 172.16.101.99", true);
			//Sets a filter. This filter is same as tcpdump.
		} catch (IOException e) {
			// TODO Auto-generated catch block
			e.printStackTrace();
		}
		
		jpcap.loopPacket(-1, new WiredConnectionPacket());
	}
 }
/**
 * 
 *
 */
public void wirlessmonitor()
{
	Thread threadwireless = new ThreadWirelessConnection();
	threadwireless.start();
}
/**
 * 
 *
 */
public void wiredmonitor()
{
	Runnable threadwired = new ThreadWiredConnection();
	Thread thread = new Thread(threadwired);
	thread.start();
 }
/**
 * 
 * @param args
 */
public static void main(String[] args)
{
	TcpThread test = new TcpThread();
	
	devices = JpcapCaptor.getDeviceList();
	
	for (int i = 0; i < devices.length; i++) 
	{
		System.out.println(i+" :"+devices[i].name + "(" + devices[i].description+")");
		System.out.println("    data link:"+devices[i].datalink_name + "("
				+ devices[i].datalink_description+")");
		System.out.print("    MAC address:");
		for (byte b : devices[i].mac_address)
			System.out.print(Integer.toHexString(b&0xff) + ":");
		System.out.println();
		for (NetworkInterfaceAddress a : devices[i].addresses)
			System.out.println("    address:"+a.address + " " + a.subnet + " "
					+ a.broadcast);
	}
	
	test.wirlessmonitor();
	test.wiredmonitor();
 
}
}