GeeCON Prague 2014*
The moose likes Sockets and Internet Protocols and the fly likes Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


JavaRanch » Java Forums » Java » Sockets and Internet Protocols
Bookmark ""packet length" or "captured length" in "Jpcap" library !?" Watch ""packet length" or "captured length" in "Jpcap" library !?" New topic
Author

"packet length" or "captured length" in "Jpcap" library !?

Esmaeil Ashrafi
Ranch Hand

Joined: Feb 22, 2010
Posts: 73
Hi all
I recently downloaded the jpcap library and read all docs and
tutorials.
I want to develop a very simple application just calculates the total
traffic (send/receive) on my network interface.
But i don't know which parameter i should consider, and i know this is
because of my knowledge lack in (inter)networking.
Also i don't know which types of packet i should consider(just guess
something,e.g:i should survey every packet for destination & source
address and if source are my address and destination is my router(or other
clients in LAN) i should not increment the total bytes with this packet's length or captured length

I also tried in last two days to find out resources in web(Google /Wikipedia) to find out what are all kinds of packets and didn't found anything useful .Although i learned some types from the API documentations (such IPPacket including TCPPacket, ICMPPacket, UDPPacket or ARPPacket and one or two more),so ,while i think i know how to capture packets and even how to filter them, but i am confusing about which packets i should consider for my goal (to just counting traffic to/from Internet).

And in this API there is two field in class packet: caplen as "captured length" and len as "packet length" and i used the example application "Jpcapdumper" and i see when it captures packets, in udp packets, the "packet length" and the "captured length" are different (captured length is bigger than packet length)

Thus i need you people to help
Sorry for long writing

Thanks in advance


I'm really tired of being engaged with stuff other than Java and programming

Wish to get back soon to my love...
him jain
Ranch Hand

Joined: Feb 05, 2010
Posts: 56
Hi!!

I think you should brush up your networking knowledge because it's upto you what type of packets you want to capture.
You can find here, what type of packets you can capture.
http://netresearch.ics.uci.edu/kfujii/jpcap/doc/faq.html
Like for internet, you want to capture all the http packets, then you know that all request goes through port 80.
So, connect to that interface and filter packets on port 80.
You can use this for help : http://jainhim.blogspot.com/2010/05/filter-packets-through-jpcap.html

And if you want to capture all the traffic of internet coming and going through your PC then,
connect to the interface that is associated with your internet, e.g., eth0.

Hope this helped


--Himanshu Jain
http://jainhim.blogspot.com/
Esmaeil Ashrafi
Ranch Hand

Joined: Feb 22, 2010
Posts: 73
Thank you for answering...
I posted this a while ago,however i wrote my application and by studying precisely on filter expression from libpcap/winpcap documentations i create the best filter based on my needs.
But beside the question "which packets..." about the library, my another main question was about what is captured length in compare with packet length and i posted this topic to SDN and finally figure out that i should read throughly the tcpdump documentation as soon as i can...

if you can briefly explain what is the difference would be great

Thank you very much
him jain
Ranch Hand

Joined: Feb 05, 2010
Posts: 56
Captured length is the length of your received packet and
packet length is the length of packet specified by you means how much bytes at maximum you want to capture.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: "packet length" or "captured length" in "Jpcap" library !?