kaitoy / pcap4j

A Java library for capturing, crafting, and sending packets.
https://www.pcap4j.org/
Other
1.17k stars 312 forks source link

master branch is useless #317

Open quantrpeter opened 1 month ago

quantrpeter commented 1 month ago

master branch is useless, right? v1 is the major one? thanks

ssill2 commented 1 month ago

yeah, seems like. I'm just using 1.8.3 with an overrided jna version and that's working for me to protoype an idea. I'm probably going to switch to jnetpcap once I validate what I'm doing. it seems more maintained. and if I choose to use it for multi-gigabit stuff it seems better supported for hardware acceleration etc. The pricing is SUPER cheap too, but it's free up to 5 machines

ErikV121 commented 1 month ago

Is it me or the documentation useless for pcap4j? I've tried to setup Jnetpcap but I keep getting source file mismatch errors?

ssill2 commented 1 month ago

yeah, I had trouble trying to get jnetpcap working. I spoke to the author a week or two ago and he said big changes were coming so that it would be easier to get going. I had used pcap4j a few years ago and really liked it and it was going to be my first choice for this new thing I want to try. I think I was using 1.6 or 1.7 at that time, and it was on java 8 I think lol But I've recently switched all my projects to java 21 so I'm trying to be latest and greatest on everything, including pcap4j. I had the same kind of issues with trying to build 2.x. Since I've not seen any recent commits on this project, that's why I'll probably go back to jnetpcap once that's updated.

ErikV121 commented 1 month ago

dang, well i hope those changes come soon . I have a semseter project to finish (network monitoring system) and then I need to some how figure out how do specific things. Question please , your preference, which one would you choose for a project like this? example calculate bandwidth, latency, traffic, etc. I'd appreciate your response :)

ssill2 commented 1 month ago

you can make pcap4j 1.8.2 work just fine, you have to override the version of jna, but it works. I think it depends GREATLY on how much bandwidth your talking about. Also in my case I'm going to be doing a production product so I want to base my work on something that is supported. for your project pcap4j should work.

This is what I have in my pom.xml

        <dependency>
            <groupId>org.pcap4j</groupId>
            <artifactId>pcap4j-core</artifactId>
            <version>1.8.2</version>
            <type>jar</type>
            <exclusions>
                <exclusion>
                    <groupId>org.slf4j</groupId>
                    <artifactId>slf4j-api</artifactId>
                </exclusion>
                <exclusion>
                    <groupId>net.java.dev.jna</groupId>
                    <artifactId>jna</artifactId>
                </exclusion>
            </exclusions>
        </dependency>
        <dependency>
            <groupId>org.pcap4j</groupId>
            <artifactId>pcap4j-packetfactory-static</artifactId>
            <version>1.8.2</version>
        </dependency>
        <dependency>
            <groupId>net.java.dev.jna</groupId>
            <artifactId>jna</artifactId>
            <version>5.15.0</version>
        </dependency>
        <dependency>
            <groupId>org.slf4j</groupId>
            <artifactId>slf4j-api</artifactId>
            <version>1.7.36</version>
        </dependency>
        <dependency>
            <groupId>org.slf4j</groupId>
            <artifactId>slf4j-jdk14</artifactId>
            <version>1.7.36</version>
        </dependency>
ErikV121 commented 1 month ago

ssill2, I appreciate you, you are the man. I guess I'll get to work and see what I can make of it. Thanks again 👍

ssill2 commented 1 month ago

this is my main loop. you'll want to initialize some threadpools to submit work to so you don't have to tie up the main loop.

        if (chosenDevice != null)
        {
            LOG.info(String.format("Opening device '%s'", chosenDevice.getName()));

            int snapLenBytes = 65536;
            int timeoutMillis = 100;

            try (PcapHandle handle = chosenDevice.openLive(snapLenBytes,
                    PcapNetworkInterface.PromiscuousMode.PROMISCUOUS,
                    timeoutMillis))
            {
                // schedule job to periodically display pcap stats
                PcapStatsWorker statsWorker = new PcapStatsWorker(handle);
                scheduledTaskService.scheduleAtFixedRate(statsWorker, 0,
                        SCHEDULE_INTERVAL__PCAP_STATS_TASK_VALUE,
                        SCHEDULE_INTERVAL__PCAP_STATS_TASK_UNITS);

                final PacketListener listener = (Packet packet) ->
                {
                    if (packet == null)
                    {
                        LOG.info("Null packet");
                    }
                    else
                    {
                        if (!(packet instanceof UnknownPacket))
                        {
                            PacketInfo pi = new PacketInfo(triageConfig, packet);
                            PacketProcessorWorker pktProcessingTask
                                    = new PacketProcessorWorker(pi);
                            packetProcessingPool.submit(pktProcessingTask);
                        }
                    }
                };
                handle.loop(0, listener);
            }
            catch (InterruptedException ie)
            {
                LOG.info("Interrupted");
            }
        }
ssill2 commented 1 month ago

I'm having some stuff inserted into an in-memory db hsql, so I can quickly do queries and process the things.

ssill2 commented 1 month ago

and something like this for your routine tasks like cleaing up in memory tabls and printing out pcap handle stats

    /**
     * Initialize threadpools and fire off any scheduled tasks
     */
    private void initThreadPoolsAndTasks()
    {
        // init
        // schedule tasks pool
        scheduledTaskService = Executors.newScheduledThreadPool(3);

        // db housekeeping task
        HostTableHousekeeper hostsTableHouskeeper = new HostTableHousekeeper();
        scheduledTaskService.scheduleAtFixedRate(hostsTableHouskeeper,
                0,
                SCHEDULE_INTERVAL__DB_HOUSEKEEPING_TASK_VALUE,
                SCHEDULE_INTERVAL__DB_HOUSEKEEPING_TASK_UNITS);

        // scan reconciler task
        ScanReconcilerWorker scanReconcilerTask
                = new ScanReconcilerWorker();
        scheduledTaskService.scheduleAtFixedRate(scanReconcilerTask,
                0,
                SCHEDULE_INTERVAL__SCAN_RECONCILER_TASK_VALUE,
                SCHEDULE_INTERVAL__SCAN_RECONCILER_TASK_UNITS);

        // init
        // packet processing thread pool
        packetProcessingPool = Executors.newFixedThreadPool(packetProcessingWorkerCount);

    }
ErikV121 commented 1 month ago

Seems like im going to need to do some research, I have not idea whats going on , but its part of the learning process, right. However, your comments do help alot.

ssill2 commented 1 month ago

good luck on your project. I've had to shelve mine for a few weeks to work on other stuff unfortunately, but I do have the packet collection stuff working perfectly.