0

So I used tcpdump to capture my UDP packets into a file. I now have my pcap file with my packets. Now I need:

A Java program to open this file, parse it and place the packet contents, one at a time, into a ByteBuffer so my protocol parser can process each packet as it was getting them from the network. My protocol parser must not care whether it is being called by the network reader or by the pcap processor.

Is there a library or a standard way in Java to do that? Can you give me or point me out to some source code example? Thanks!

chrisapotek
  • 6,007
  • 14
  • 51
  • 85

2 Answers2

3

use jpcap, it's exactly what you need.

shem
  • 4,686
  • 2
  • 32
  • 43
  • Do you know whether jpcap is in the maven central repository? I searched around but did not find it. – chrisapotek Jul 09 '12 at 14:51
  • @chrisapotek There are several Jpcaps and the one I worked on, at SourceForge, definitely works on 32- and 64-bit Windows. – user207421 Jul 09 '12 at 23:20
0

To read from a file and place it into a ByteBuffer you can use

FileChannel in = new FileInputStream(filename).getChannel();

// read into a ByteBuffer from a file.
in.read(byteBuffer);
Peter Lawrey
  • 525,659
  • 79
  • 751
  • 1,130
  • Wow? But that will be the raw pcap file. Don't we need to parse it somehow so the resulting ByteBuffer is going to be the same as it would be had it come from a live udp network reader? – chrisapotek Jul 09 '12 at 14:50
  • Yes. I believe jpcap can help you with that. I am not familar with the format tcpdump produces. I have used Wireshark with is a good tool for understanding tcpdump files. (Rather than try to write such a tool) – Peter Lawrey Jul 09 '12 at 14:56