Hi,
I am looking for a way to parse an Ethereal pcap file with SNMP messages.
I need to integrate this code into my application without installing any
other applications or libraries such as WinPcap, but I can include other
jars in my distribution package.
Checked:
- JNetStream: doesn't have a ready-made parser for SNMP messages
- JPCap: requires WinPCap installation
Thanks,
Pavel
Gordon Beaton - 02 Oct 2007 17:23 GMT
> I am looking for a way to parse Ethereal pcap file with SNMP messages.
>
> - JNetStream: don't have SNMP messages ready parser
> - JPCap: require WinPCap installation
So you want to open and parse a file created by pcap, without using
the pcap library? Is there any reason your application can't use the
existing library?
Seems simple enough, just reimplement it yourself.
A smarter way though, is to use the pcap library.
/gordon
pavel.orehov@gmail.com - 02 Oct 2007 20:44 GMT
> > I am looking for a way to parse Ethereal pcap file with SNMP messages.
I don't have any problem using the PCap library. I just need the library
as jars and not as a setup installer, so that I can add these jars to my
collection of already used jars.
Gordon Beaton - 03 Oct 2007 11:36 GMT
> I don't have any problem to use PCap library. I just need the library
> in jars and not as setup installer in order to add these jars to my
> collection of already used jars.
In that case, I really can't see what the problem is.
Build the package, get the jars and package them with your application
(if the author lets you distribute his code that way). Failing that,
tell your users that the library is a prerequisite for using your
application.
/gordon
Roedy Green - 04 Oct 2007 03:14 GMT
On Tue, 02 Oct 2007 09:29:49 -0000, "pavel.orehov@gmail.com"
<pavel.orehov@gmail.com> wrote, quoted or indirectly quoted someone
who said :
>I am looking for a way to parse Ethereal pcap file with SNMP messages.
Ethereal has a new name and home, and left no forwarding address.
Perhaps wireshark docs may help. See
http://mindprod.com/jgloss/wireshark.html

Roedy Green Canadian Mind Products
The Java Glossary
http://mindprod.com
pavel.orehov@gmail.com - 13 Nov 2007 19:11 GMT
If someone is looking for this solution, it is possible to do this with
the JNetStream and SNMP4J libraries in a pretty easy way.
The algorithm is as follows:
- Parse the pcap file stream with the JNetStream decoder and run over all
packets in the pcap file
    // Timestamp is java.sql.Timestamp; Decoder, Packet, Field and TimePrimitive are JNetStream classes
    Decoder decoder = new Decoder(pcap_filename);
    Packet packet = null;
    byte[] buff = null;
    long timestamp;
    while ((packet = decoder.nextPacket()) != null)
    {
        // skip non-UDP packets before touching any header, and packets without
        // an IPv4 header, so the lookups below never dereference a null header
        if (packet.getHeader("UDP") == null || packet.getHeader("IPv4") == null)
        {
            continue;
        }
        buff = packet.getDataValue();
        // get timestamp (milliseconds since the epoch)
        TimePrimitive timePrimitive =
            (TimePrimitive)packet.getProperty("timestamp");
        Timestamp sqlTimestamp = (Timestamp)timePrimitive.getValue();
        timestamp = sqlTimestamp.getTime();
        // get source IP address
        Field saddrField = packet.getHeader("IPv4").getField("saddr");
        com.voytechs.jnetstream.primitive.address.IpAddress saddr =
            (com.voytechs.jnetstream.primitive.address.IpAddress)saddrField.getValue();
        String saddrStr = saddr.getInetObject().getHostAddress();
        // send this buffer, timestamp and source IP to SNMP4J
        // you should oi
    }
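
The "reimplement it yourself" route from earlier in the thread, as an added example that is not part of the original posts or of any library named in them: a dependency-free Java 17 reader for the classic pcap file layout that checks every length field before using it (a capture file is untrusted input) and returns the same three values the last post hands to the SNMP decoder: payload, timestamp and source IP. The class, record and constant names and the embedded one-packet capture are constructed for illustration; only untagged Ethernet/IPv4 frames are handled.

```java
import java.io.IOException;
import java.net.InetAddress;
import java.nio.*;
import java.util.*;
public class PcapSnmpReader {
    record SnmpDatagram(long timestampMillis, String sourceIp, byte[] payload) {}
    static final Set<Integer> SNMP_PORTS = Set.of(161, 162);
    static int u16(byte[] f, int i) { return (f[i] & 0xff) << 8 | (f[i + 1] & 0xff); }
    /** Walks a classic pcap file image; returns UDP payloads to or from ports 161/162. */
    static List<SnmpDatagram> read(byte[] file) throws IOException {
        if (file.length < 24) throw new IOException("truncated pcap global header");
        ByteBuffer b = ByteBuffer.wrap(file).order(ByteOrder.LITTLE_ENDIAN);
        int magic = b.getInt(0);
        if (magic == 0xd4c3b2a1) b.order(ByteOrder.BIG_ENDIAN);   // written on a big-endian host
        else if (magic != 0xa1b2c3d4) throw new IOException("not a microsecond-resolution pcap file");
        if (b.getInt(20) != 1) throw new IOException("only Ethernet (link type 1) is handled");
        List<SnmpDatagram> out = new ArrayList<>();
        for (int pos = 24; file.length - pos >= 16; ) {           // 16-byte record header
            long ms = (b.getInt(pos) & 0xffffffffL) * 1000 + (b.getInt(pos + 4) & 0xffffffffL) / 1000;
            int len = b.getInt(pos + 8);                          // bytes actually captured
            pos += 16;
            if (len < 0 || len > file.length - pos) throw new IOException("record overruns file");
            SnmpDatagram d = parseFrame(file, pos, len, ms);
            if (d != null) out.add(d);
            pos += len;
        }
        return out;
    }

    /** Ethernet -> IPv4 -> UDP; null for other traffic, IP fragments and truncated frames. */
    static SnmpDatagram parseFrame(byte[] f, int off, int len, long ms) throws IOException {
        int ip = off + 14, end = off + len;
        if (len < 42 || u16(f, off + 12) != 0x0800) return null;  // too short, or not IPv4
        int udp = ip + (f[ip] & 0x0f) * 4;                        // IHL gives the IP header length
        if ((f[ip] & 0xf0) != 0x40 || udp < ip + 20 || f[ip + 9] != 17) return null;
        if ((u16(f, ip + 6) & 0x3fff) != 0 || udp + 8 > end) return null;
        int udpLen = u16(f, udp + 4);
        if (udpLen < 8 || udp + udpLen > end) return null;        // bad length, or cut by snaplen
        if (!SNMP_PORTS.contains(u16(f, udp)) && !SNMP_PORTS.contains(u16(f, udp + 2))) return null;
        String src = InetAddress.getByAddress(Arrays.copyOfRange(f, ip + 12, ip + 16)).getHostAddress();
        return new SnmpDatagram(ms, src, Arrays.copyOfRange(f, udp + 8, udp + udpLen));
    }
    public static void main(String[] args) throws IOException {
        // Constructed capture: one frame from 192.0.2.1 to UDP port 161, 4 placeholder payload bytes
        byte[] pcap = HexFormat.of().parseHex("d4c3b2a1020004000000000000000000ffff000001000000"
            + "0100000020a107002e0000002e000000" + "0000000000020000000000010800"
            + "450000200000000040110000c0000201c0000202" + "c00000a1000c0000" + "30020500");
        for (SnmpDatagram d : read(pcap))
            System.out.printf("%d ms from %s: %d payload bytes%n", d.timestampMillis(), d.sourceIp(), d.payload().length);
    }
}
```

Each returned payload is the raw UDP body; decoding it as SNMP is left to a BER/SNMP decoder such as the SNMP4J library the post mentions.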