0

I'm trying to develop a software in which I'm capturing packets from my network interface, changing them, and writing the altered packets to my local disc (to an output file).

Thing is, when I open the output file, I see that the changes that I made were not committed. for example, I've captured an IP packet and changed the source ip address to be 0.0.0.0. Afterwards, I've saved the altered packet in the output file. When I've opened the output file, I've seen that the source ip address was the same as it was before I have changed it.

    if (packet instanceof TCPPacket) {
            try {   
                ((IPPacket)packet).src_ip = InetAddress.getByName("0.0.0.0");

            } catch (UnknownHostException e) {
                e.printStackTrace();
            }
            System.out.println(packet);
            outputFile.writePacket(packet);             
     }

What am I missing?

Mark268
  • 78
  • 1
  • 8
  • Where/how do you alter it? I cannot imagine why you think anyone could solve the problem based on that code snippet. For better help sooner, post an [SSCCE](http://sscce.org/). – Andrew Thompson Jun 02 '12 at 10:28
  • I alter it in the code line: ((IPPacket)packet).src_ip = InetAddress.getByName("0.0.0.0"); – Mark268 Jun 02 '12 at 10:30
  • Does the `println` output show that you've actually changed `src_ip`? If so, you need to provide more details about the rest of your code, particularly `writePacket`. – Lilienthal Jun 02 '12 at 10:36
  • println output does show that I've actually changed src_ip. The method writePacket is provided by the jpcap library (It's not mine), so I don't have control over it. – Mark268 Jun 02 '12 at 11:21

1 Answers1

0

The thing about the JpcapWriter is that it runs alongside the JpcapCaptor, which is why you need to give it a captor as a field when it is initialized. So as you loop through the captor and grab the packets, even if you make changes to it, those changes are only stored within the object you create in java, and the captor passes the unaltered packet to the writer.

I encountered a similar problem. So I just write the packets to a file without using the built in writer. I extract the data I want and write it as plain text. The only downside to this is that it makes reloading the capture file a bit trickier.

Let me know if you have any more questions.

Rob Wagner
  • 4,391
  • 15
  • 24