Developer

Capture network packets in Java with Jpcap

If you want to capture network packets in your Java program, you might want to consider using Jpcap. Read this Java tip to learn how Jpcap works.

If you want to capture network packets in your Java program, you'll need a little help because no parts of the core Java API give access to low-level network data. However, Jpcap is a Java API that provides you with this access on Windows or UNIX systems.

Jpcap isn't a pure Java solution; it depends on the use of native libraries. On either Windows or UNIX, you must have the required third-party library, WinPcap or libpcap, respectively.

How Jpcap works

Jpcap uses an event model to allow you to process packets. To get started, you must first create a class that implements the interface jpcap.JpcapHandler.

public class JpcapTip implements JpcapHandler {
    public void handlePacket(Packet packet){
        System.out.println(packet);
    }
}

In order to capture packets, you need to tell Jpcap which network device you want to listen with. The API provides the jpcap.Jpcap.getDeviceList() method for this purpose. The method returns an array of strings, and you use it like this:

String[] devices = Jpcap.getDeviceList();

Once you have a list of device names, you must choose one for listening:

String deviceName = devices[0];

After choosing a device, you open it for listening by using the method Jpcap.openDevice(). The openDevice() method requires four arguments: the device name to be opened, the maximum number of bytes to read from the device at one time, a Boolean value specifying whether to put the device into promiscuous mode, and a timeout value that will be used if you later call the processPacket() method.

Jpcap jpcap = Jpcap.openDevice(deviceName, 1028, false, 10000);

The openDevice() method returns a reference to a Jpcap object that will be used for capturing. Now that you have the Jpcap instance, you can start listening by calling either processPacket() or loopPacket(). Both of the methods take two arguments: The maximum number of packets to capture can be -1 to indicate no limit and an instance of a class that implements JpcapHandler.

If you call processPacket(), then Jpcap will capture packets until either the timeout specified in openDevice is exceeded or the maximum number of packets specified has been reached. loopPacket() will capture packets until the maximum number of packets is reached or forever, if there is no maximum. The call looks like this:

jpcap.loopPacket(-1, new JpcapTip());

Here's the code for the entire test class:

import jpcap.JpcapHandler;
import jpcap.Jpcap;
import jpcap.Packet;

public class JpcapTip implements JpcapHandler {
    public void handlePacket(Packet packet){
        System.out.println(packet);
    }

    public static void main(String[] args) throws java.io.IOException{
        String[] devices = Jpcap.getDeviceList();

        for (int i = 0; i < devices.length; i++) {
            System.out.println(devices[i]);
        }

        String deviceName = devices[0];

        Jpcap jpcap = Jpcap.openDevice(deviceName, 1028, false, 1);
        jpcap.loopPacket(-1, new JpcapTip());
   }
}

To execute the class, you must make sure that the virtual machine can find the Jpcap native library. On Windows, if the jpcap.dll is in the lib directory, the Java command looks like this:

java -Djava.library.path=lib -cp lib\jpcap.jar;. JpcapTip

The output of executing the test class looks like this (it's shortened for space purposes):


ARP REQUEST 00:06:5b:01:b2:4d(192.168.15.79)    
 00:00:00:00:00:00(192.168.15.34)
ARP REQUEST 00:06:5b:01:b2:4d(192.168.15.79)    
 00:00:00:00:00:00(192.168.15.34)
1052251329:525479 192.168.15.103->255.255.255.255 protocol(17) priority(0)  
hop(
offset(0) ident(59244) UDP 1211      1211
...

Capturing packets in Java isn't a pure Java endeavor but, since it's possible, it's nice to know the functionality exists.

Delivered each Thursday, our free Java newsletter provides insight and hands-on tips you need to unlock the full potential of this programming language. Automatically sign up today!

Editor's Picks

Free Newsletters, In your Inbox