2

I'm trying to read packet headers using jpcap.

TCPPacket tcpPacket = (TCPPacket) captor.getPacket();
System.out.println(new String(tcpPacket.header));

and the output is (something like): enter image description here

What am I missing? (When reading the data part, it looks OK)

Anders R. Bystrup
  • 15,729
  • 10
  • 59
  • 55
danieln
  • 4,795
  • 10
  • 42
  • 64

1 Answers1

2

The TCPPacket.getHeader() returns a byte[] array, which you can't expect to contain only nice ASCII values, so when you make a (UTF-8) String out of it, you get line noise...

AFAIK there is no structured approach to TCP headers in JPCap, so you'll have to dig out a reference and decode it yourself - or use Google to find resources by people who've done the work already.

Cheers,

Anders R. Bystrup
  • 15,729
  • 10
  • 59
  • 55
  • Thanks! The link you provided did the trick (https://java.net/projects/slamd/sources/svn/content/trunk/slamd/tools/LDAPDecoder/src/com/sun/snoop/TCPHeader.java?rev=226) – danieln May 11 '15 at 11:42