JnetPcap V1

[Elnino17]

i'm allerdy build en app with the jentpcap 1.4 as u know this versions have very big issues like i tell u the big issues of Start capture after many run java code what's i can do know. Give me a soultion for this if u have. Thx again.

[slytechs-repos]

Note: I transfered the ticket to the v1 version, this is where it belongs and lets get your fixed up.

If you could post some console output of errors you are getting on startup that would be helpful starting point for me.

Heads up: I may be slow to respond over next couple of days as I'm going in for surgery later today (on my arm.)

[Elnino17]

There is no error in my code but there is a bug in the library of jnetpacap v 1.4 r1425 i think . Because as i tell u in the previous ticket When i run the code sametime dosn't show anything else if u rerun the code about 5 4 times to show the results of code

[slytechs-repos]

Copied from previous ticket:

There is a huge difference between the two libraries. How can I change my code from version 1.4.r1425 to version 2? Additionally, version 1.4.r1425 is full of bugs. I have had to restart my code about 5 times or more to start capturing packets. What is the solution for these big issues? By the way, thank you for all that you do

Here are a few Q/As:

When i run the code sametime dosn't show anything else if u rerun the code about 5 4 times to show the results of code

So there are no error message but also no packets are being captured? Is the code actually running (ie. blocked in Pcap.loop/Pcap.dispatch calls?)

restart my code about 5 times or more to start capturing packets.

But after several restarts it start capturing?

Do you have any BPF capture filters set?

Do you capture in non-premiscous mode?

Is there another application capturing such as wireshark at the same time? Flags and capture filters are cumulative between applications. Ie. capture filter set in wireshark will be set at kernel level and will also filter out packets for other capture sessions.

What operating system and version? Could it be a permission issue?

[Elnino17]

So there are no error message but also no packets are being captured?

• Yes exactly

Is the code actually running (ie. blocked in Pcap.loop/Pcap.dispatch calls?

• Yes the code running and i'm not sure if blocked in the pcap.loop.

But after several restarts it start capturing?

•Exactly by the Way i use the openoffline mode And same times form the first run of my code that's give me a result

Do you have any BPF capture filters set?

• i don't understand this question but if u mean if i use any filter in my code so answer is no

Is there another application capturing such as wireshark at the same time? Flags and capture filters are cumulative between applications. Ie. capture filter set in wireshark will be set at kernel level and will also filter out packets for other capture sessions.

• This i'm not sure but i will test if any application capturing rub in the background

What operating system and version? Could it be a permission issue? • i use the Windows 10 pro I don't think so

[Elnino17]

i think i have find the problem this is my code : package netscope.netscope; import org.jnetpcap.Pcap; import org.jnetpcap.PcapIf; import org.jnetpcap.packet.PcapPacket; import org.jnetpcap.packet.PcapPacketHandler; import org.jnetpcap.protocol.network.Ip4; import org.jnetpcap.protocol.tcpip.Tcp; import java.util.ArrayList; import java.util.HashSet; import java.util.List;

public class Capture { public StringBuilder errbuf = new StringBuilder(); public String myIPAddress = "172.16.53.235"; public Pcap pcap; public List packets = new ArrayList<>(); public String FILENAME;

public ArrayList<PcapIf> alldevs = new ArrayList<PcapIf>();
HashSet<String> SameIp = new HashSet<>();
Ip4 ip = new Ip4();
Tcp tcp = new Tcp();
String IpSrc;
String IpDes;
PcapPacketHandler<String> handler = new PcapPacketHandler<String>() {
    public void nextPacket(PcapPacket packet, String user) {
        packets.add(packet);
    }
};

public Capture(String fileName) {
    this.FILENAME = fileName;
    pcap = Pcap.openOffline(FILENAME, errbuf);
    if (pcap == null) {
        System.err.printf("Error while opening device for capture: " + errbuf.toString());
        return;
    }
}

public void setFileName(String fileName) {
    this.FILENAME = fileName;
    this.pcap.close(); // close the previous pcap file, if any
    this.packets.clear(); // clear the previous packets list, if any
    this.pcap = Pcap.openOffline(FILENAME, errbuf); // open the new pcap file
}

public void StartCap() {
    try {
        System.out.println("hello");
        pcap.loop(Pcap.LOOP_INFINITE, this.handler, "jNetPcap");
    } finally {
        this.pcap.close();
    }
}

} when i add System.out.println("hello"); i find that pcap.loop(Pcap.LOOP_INFINITE, this.handler, "jNetPcap"); does not execute. so what do u think.

[slytechs-repos]

Can you report the value returned by Pcap.loop call? It's an integer and reports number of packets dispatched. I suspect it's running and return 0 in your case.

Also in your SetFilename method you're not checking if it succeeded. Could return null.

But your snipets give me something to work with. I'll work on this from my side on a Win10 install.

PS: I maybe a little slow to check this as I'm post surgery on my arm and can't really type code for a few days but I will let you know what I find as soon as I can.

[slytechs-repos]

I should add.Pcap.loop returns number of packets captured or if negative it's an error code.

Check out pcap_loop documentation to see the error codes. This is exactly what Pcap.loop returns. It will give you a clue to what's going on.

In version 2 BTW, it's a little easier since those error codes are thrown as meaningful checked PcapException with full error descriptions.

[Elnino17]

•I don't understand what's i will do but i'm sur the problem is in the pcap loop. •And how i fix i don't know

•I will send u the all code of me if u have a time check it and tell me what's the problem.

•that's okay bro just keep me to the new news.

•this is my code : https://github.com/Elnino17/gitjnetpcap/tree/master

[Elnino17]

hi again i try this code to know the issues where : `import org.jnetpcap.Pcap; import org.jnetpcap.PcapPacket; import org.jnetpcap.PcapPacketHandler;

public class OfflinePcapCapture { public static void main(String[] args) { String pcapFilePath = "path/to/pcap/file"; StringBuilder errorBuffer = new StringBuilder(); Pcap pcap = Pcap.openOffline(pcapFilePath, errorBuffer); if (pcap == null) { System.err.println("Error opening pcap file: " + errorBuffer.toString()); return; }

    PcapPacketHandler<String> packetHandler = new PcapPacketHandler<String>() {
        public void nextPacket(PcapPacket packet, String user) {
            System.out.println(packet.toString());
        }
    };

    int packetCount = pcap.loop(-1, packetHandler, "");
    if (packetCount < 0) {
        System.err.println("Error capturing packets: " + Pcap.getErr(pcap));
    } else {
        System.out.println("Captured " + packetCount + " packets from " + pcapFilePath);
    }

    pcap.close();
}

} ` And the code never gave me an error.

Sometimes the code captures packets from the file, and other times it doesn't capture any packets even though the file is full of packets.

One thin is that sometimes the code captures packets from the file on the first try, and other times I have to rerun the code multiple times to get a result.

[Elnino17]

Hi dude are u still here !?

[slytechs-repos]

Yes, I'm still here. The link to your report is private. Please let me have access and I'll take a look at what I can suggest.

[Elnino17]

It's the same code of this

import org.jnetpcap.Pcap;
import org.jnetpcap.PcapPacket;
import org.jnetpcap.PcapPacketHandler;

public class OfflinePcapCapture {
public static void main(String[] args) {
String pcapFilePath = "path/to/pcap/file";
StringBuilder errorBuffer = new StringBuilder();
Pcap pcap = Pcap.openOffline(pcapFilePath, errorBuffer);
if (pcap == null) {
System.err.println("Error opening pcap file: " + errorBuffer.toString());
return;
}

    PcapPacketHandler<String> packetHandler = new PcapPacketHandler<String>() {
        public void nextPacket(PcapPacket packet, String user) {
            System.out.println(packet.toString());
        }
    };

    int packetCount = pcap.loop(-1, packetHandler, "");
    if (packetCount < 0) {
        System.err.println("Error capturing packets: " + Pcap.getErr(pcap));
    } else {
        System.out.println("Captured " + packetCount + " packets from " + pcapFilePath);
    }

    pcap.close();
}
}

And the code do same issues Do u get or find any ideas or solution for the issues of pcap.loop

[Elnino17]

Any news !

[slytechs-repos]

Sorry, I haven't had time to setup your test yet. Very busy trying to get 2 new repo modules out by the end of this week.

I did not forget about you and will test soon.

[Elnino17]

Thx. Hope that. and i wish if u can fast find to as a solution

[Elnino17]

Hello bro hope u doing well And also hope u not forget me

[slytechs-repos]

I started looking into V1 issues. There are issues with latest linux OSes. The v1 needs lots of updates which I'm willing to do over time. I'm getting it to build now, but it crashes on Ubuntu 22, so I'm debuging that first before I can address your issue. I'm checking in all my updates regularly into 'develop' branch for those that want to keep along.

Crash on:

Distributor ID: Ubuntu
Description:    Ubuntu 22.04.2 LTS
Release:    22.04
Codename:   jammy

Also, with your issue, can you check if maybe have a VM crash in the root dir of your project? It will look something like this: hs_err_pid109682.log

Because that would explain why it doesn't terminate properly in your case. Not good, but its and explanation and a clue.

[Elnino17]

How I can know if there any issues in my VM!? by the way i'm using a windows and my editor is intlij idea

[Elnino17]

Hello brother Is there any new news about loop issues

[slytechs-repos]

I can't replicate the problem. I am able to run your loop (something similar) without an issue using any of these https://sourceforge.net/projects/jnetpcap/files/jnetpcap/Latest/.

How do you want to proceed? We can setup a little trouble shooting with a video call if you'd like and lets get this going for you. Email me at mark@slytechs.com and lets set something up.

[Elnino17]

Hello, I hope you're doing well and your arm is feeling better. Due to time constraints for my final year project( that i use jnetpcap library for a Monitoring Dashboard Project) at university, I had to switch libraries. However, if you come across a solution to the loop issue, I would be very grateful and happy to switch back to using the jnetpcap library. Thank you!