Parsing pcap taken from wireshark file using - Java


Problem description

I am working on converting a PCAP file taken from Wireshark using Java without using native or ready libraries.

I converted the bytes to string directly just for checking the meaningful parts of it.

Then I tried to convert it from hexadecimal to string. It was not meaningful.

There is a Java library, jNetPcap, which wraps all the native calls of the libpcap library, which is written in C.

The following picture was captured from the wireless network, so the pcap contains the same information: source IP, destination IP, protocol, length and info.

I am trying to get the same result from the pcap file, which contains the data in hexadecimal or binary:

d4c3 b2a1 0200 0400 0000 0000 0000 0000
0000 0400 0100 0000 2fd4 b355 2af8 0600
3600 0000 3600 0000 0100 5e00 0016 f409
d8ed d951 0800 46c0 0028 0000 4000 0102
4049 c0a8 0308 e000 0016 9404 0000 2200
fa02 0000 0001 0300 0000 e000 00fb 2fd4

At the end I want the output to be something like this:

Any clue or suggestions on where to get the packet and file format can help me a lot. Maybe somebody else has already come across this problem?

Thank you

Solution

The asker mentioned that jNetPcap is not ideal because it wraps a native library. In the time since the accepted answer, a pure Java library has emerged: https://github.com/aboutsip/pkts
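
An added example, not part of the original question or answer and not code from pkts or jNetPcap: a dependency-free Java reader that walks the exact bytes quoted in the question, decoding the 24-byte pcap global header, each 16-byte record header, and the Ethernet/IPv4 fields Wireshark shows (source IP, destination IP, protocol, length). The class name `PcapDump` is hypothetical, and the code assumes a classic microsecond-resolution pcap file with Ethernet link type and IPv4 payloads.

```java
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
public class PcapDump {
    // The 96 bytes quoted in the question, one string per dump line (the last 2 bytes begin a truncated record).
    static final String HEX =
        "d4c3b2a1020004000000000000000000"
      + "00000400010000002fd4b3552af80600"
      + "360000003600000001005e000016f409"
      + "d8edd951080046c00028000040000102"
      + "4049c0a80308e0000016940400002200"
      + "fa020000000103000000e00000fb2fd4";

    public static void main(String[] args) {
        byte[] raw = new byte[HEX.length() / 2];
        for (int i = 0; i < raw.length; i++)
            raw[i] = (byte) Integer.parseInt(HEX.substring(2 * i, 2 * i + 2), 16);
        ByteBuffer buf = ByteBuffer.wrap(raw).order(ByteOrder.BIG_ENDIAN);

        // Global header (24 bytes): the magic number reveals the writer's byte order.
        int magic = buf.getInt();
        if (magic == 0xd4c3b2a1) buf.order(ByteOrder.LITTLE_ENDIAN);
        else if (magic != 0xa1b2c3d4) throw new IllegalArgumentException("not a classic pcap file");
        int major = buf.getShort(), minor = buf.getShort();
        buf.position(16);                        // skip thiszone and sigfigs
        long snaplen = buf.getInt() & 0xffffffffL;
        int linkType = buf.getInt();             // 1 = Ethernet
        System.out.printf("pcap %d.%d snaplen=%d linktype=%d%n", major, minor, snaplen, linkType);

        // Per-packet records: 16-byte header, then inclLen captured bytes.
        while (buf.remaining() >= 16) {
            long sec = buf.getInt() & 0xffffffffL, usec = buf.getInt() & 0xffffffffL;
            long inclLen = buf.getInt() & 0xffffffffL, origLen = buf.getInt() & 0xffffffffL;
            // Lengths come from the file itself, so bound them before slicing.
            if (inclLen > snaplen || inclLen > buf.remaining()) break;
            ByteBuffer pkt = buf.slice();        // fresh big-endian view: network byte order
            pkt.limit((int) inclLen);
            buf.position(buf.position() + (int) inclLen);
            if (linkType != 1 || inclLen < 34 || pkt.getShort(12) != 0x0800) continue; // Ethernet + IPv4 only
            int ihl = (pkt.get(14) & 0x0f) * 4;  // IPv4 header length in bytes; may include options
            if (ihl < 20 || 14 + ihl > inclLen) continue;
            System.out.printf("%d.%06d  %s -> %s  proto=%d  len=%d%n", sec, usec,
                ip(pkt, 26), ip(pkt, 30), pkt.get(23) & 0xff, origLen);
        }
    }
    static String ip(ByteBuffer b, int off) {
        return (b.get(off) & 0xff) + "." + (b.get(off + 1) & 0xff) + "."
             + (b.get(off + 2) & 0xff) + "." + (b.get(off + 3) & 0xff);
    }
}
```

To read a real capture, replace the hex decoding with `java.nio.file.Files.readAllBytes` on the file path; the length checks matter there because the record lengths are attacker-controlled when the capture comes from an untrusted source.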
