I have this code from here https://javatutorial.net/capture-network-packages-java But it does not return the src or destination ips. I can see the ip via
System.out.println("packet.getHeader(ip)");
System.out.println(packet.getHeader(ip));
Ip: ******* Ip4 - "ip version 4" - offset=14 (0xE) length=20 protocol suite=NETWORK
Ip:
Ip: version = 4
Ip: hlen = 5 [5 * 4 = 20 bytes, No Ip Options]
Ip: diffserv = 0x0 (0)
Ip: 0000 00.. = [0] code point: not set
Ip: .... ..0. = [0] ECN bit: not set
Ip: .... ...0 = [0] ECE bit: not set
Ip: length = 137
Ip: id = 0xC22C (49708)
Ip: flags = 0x2 (2)
Ip: 0.. = [0] reserved
Ip: .1. = [1] DF: do not fragment: set
Ip: ..0 = [0] MF: more fragments: not set
Ip: offset = 0
Ip: ttl = 62 [time to live]
Ip: type = 6 [next: Transmission Control]
Ip: checksum = 0xF22E (61998) [correct]
Ip: source = 10.222.82.222
Ip: destination = 10.222.82.224
Ip:
What am I doing wrong?
`import java.util.ArrayList;
import java.util.List;
import org.jnetpcap.Pcap;
import org.jnetpcap.PcapIf;
import org.jnetpcap.packet.PcapPacket;
import org.jnetpcap.packet.PcapPacketHandler;
import org.jnetpcap.protocol.network.Ip4;
public class PackageCapture {
public static void main(String[] args) {
List<PcapIf> alldevs = new ArrayList<PcapIf>(); // Will be filled with NICs
StringBuilder errbuf = new StringBuilder(); // For any error msgs
int r = Pcap.findAllDevs(alldevs, errbuf);
if (r != Pcap.OK || alldevs.isEmpty()) {
System.err.printf("Can't read list of devices, error is %s",
errbuf.toString());
return;
}
System.out.println("Network devices found:");
int i = 0;
for (PcapIf device : alldevs) {
String description = (device.getDescription() != null) ? device
.getDescription() : "No description available";
System.out.printf("#%d: %s [%s]\n", i++, device.getName(),
description);
}
PcapIf device = alldevs.get(0); // Get first device in list
System.out.printf("\nChoosing '%s' on your behalf:\n",
(device.getDescription() != null) ? device.getDescription()
: device.getName());
int snaplen = 64 * 1024; // Capture all packets, no trucation
int flags = Pcap.MODE_PROMISCUOUS; // capture all packets
int timeout = 10 * 1000; // 10 seconds in millis
Pcap pcap = Pcap.openLive(device.getName(), snaplen, flags, timeout, errbuf);
if (pcap == null) {
System.err.printf("Error while opening device for capture: "
+ errbuf.toString());
return;
}
PcapPacketHandler<String> jpacketHandler = new PcapPacketHandler<String>() {
public void nextPacket(PcapPacket packet, String user) {
byte[] data = packet.getByteArray(0, packet.size()); // the package data
byte[] sIP = new byte[4];
byte[] dIP = new byte[4];
Ip4 ip = new Ip4();
if (packet.hasHeader(ip) == false) {
return; // Not IP packet
}
ip.source(sIP);
ip.destination(dIP);
/* Use jNetPcap format utilities */
String sourceIP =
org.jnetpcap.packet.format.FormatUtils.ip(sIP);
String destinationIP =
org.jnetpcap.packet.format.FormatUtils.ip(dIP);
System.out.println("srcIP=" + sourceIP +
" dstIP=" + destinationIP +
" caplen=" + packet.getCaptureHeader().caplen());
}
};
// capture first 10 packages
pcap.loop(10, jpacketHandler, "jNetPcap");
pcap.close();
}
}`
Really simple they changed the code. Instead of
ip.source(sIP); ip.destination(dIP);
Do
sIP = ip.source(); dIP = ip.destination();