For my project I am capturing WIRELESS traffic using Wireshark (.cap format) and I want to read the packets in that traffic. Does anybody know a Java library that can be used to read the contents of the packets (WIRELESS, not ETHERNET)?
asked 10 Feb '14, 05:47 WIDS, edited 12 Feb '14, 16:08 Guy Harris ♦♦
One Answer:
This page lists some pcap libraries, including some for Java.
answered 10 Feb '14, 06:15 grahamb ♦
Thank you, Grahamb, but these libraries are for Ethernet; I want one for wireless.
Can you please be more specific. What wireless specific data do you expect to read from the capture file?
I want network layer and transport layer data from the wireless packet, and the layers above.
@WIDS
I haven't checked (as I don't care for Java) but the libraries should be able to read data from the pcap file regardless of what transport layer is used. Some of the discussions about Ethernet may be about using the libraries to capture traffic, not just reading a pcap file. See also the Wiki page on the libpcap file format.
You'll only be able to read "wireless data" from the pcap file if it's actually present, regardless of what libraries you use. What gets saved in the pcap for Wireless traffic depends on what the drivers hand off to the capturing mechanism on the OS on which the captures are being made.
well.... yes ....
Let me rephrase my question!
Do you need the dissection capabilities of Wireshark, meaning do you need to have access to all sorts of 'fields', like tcp.flags.syn, http.request, ssl.handshake.certificate, etc., or just a tool/library to read the capture file and you will do the dissection yourself?
No sir, I want as much information as I can get with Wireshark (including what you mention above)... for a wireless network.
I need dissection capability, but not from Wireshark; I am using Wireshark for sniffing purposes only... I want to do that dissection by myself using Java, but I am not finding any library for it...
Maybe I don't understand your problem.
@grahamb posted a link which contains several Java libpcap wrappers. They all provide the capability to read a capture file. Some of them have built-in dissectors for Ethernet, IP, TCP/UDP, etc.
You said you are going to do the dissection yourself, so you won't need the dissection functionality of those libraries?
If so, then what exactly is the problem with those libraries?
Or do you mean "I don't want to use the Wireshark code to dissect the packets, but I don't want to have to do all the dissection work, so I need a library that does some or all of the dissection work, the same way the libraries @grahamb listed can dissect Ethernet packets"?
I.e., "I want to do that dissection by myself" doesn't mean "I want to write my own code to take an array of raw bytes and dissect packets", it means "I don't want to use the Wireshark code to dissect it"?
Probably the solution to your question is here:
Instead of using a Java libpcap wrapper (that does not provide the functionality you need), run tshark and parse the output with Java.
Yes, I need all the information of TCP/IP or UDP/IP and want to save it in a MySQL table.
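Added example, not code from the thread or from any of the linked libraries: plain Java that reads the classic pcap global header to find the link-layer header type, which is what decides whether 802.11 headers are present in the file at all, and then locates the 802.11 MAC header in the first packet. The class and method names and the sample bytes are constructed for illustration; pcapng files are detected but not parsed.

```java
import java.nio.ByteBuffer;
import java.nio.ByteOrder;

public class PcapLinkType {
    // Link-layer header type from a classic pcap global header (24 bytes).
    static int linkType(ByteBuffer file) {
        int magic = file.order(ByteOrder.BIG_ENDIAN).getInt(0);
        if (magic == 0x0A0D0D0A)
            throw new IllegalArgumentException("pcapng file, not classic pcap");
        if (magic == 0xD4C3B2A1 || magic == 0x4D3CB2A1)       // byte-swapped magic
            file.order(ByteOrder.LITTLE_ENDIAN);
        else if (magic != 0xA1B2C3D4 && magic != 0xA1B23C4D)  // usec / nsec variants
            throw new IllegalArgumentException("not a pcap file");
        return file.getInt(20) & 0xFFFF;  // low 16 bits carry the link type
    }

    // Offset of the 802.11 MAC header in one packet's data, or -1 if the
    // capture holds no 802.11 header (e.g. link type 1, Ethernet framing).
    static int dot11Offset(int linkType, ByteBuffer pkt) {
        switch (linkType) {
            case 105: return 0;   // LINKTYPE_IEEE802_11: bare 802.11 frame
            case 127:             // LINKTYPE_IEEE802_11_RADIOTAP
                // radiotap it_len is at bytes 2-3, always little-endian
                return pkt.order(ByteOrder.LITTLE_ENDIAN).getShort(2) & 0xFFFF;
            default: return -1;
        }
    }

    public static void main(String[] args) {
        // Constructed sample: global header + one record with an 8-byte radiotap header.
        ByteBuffer f = ByteBuffer.allocate(24 + 16 + 12).order(ByteOrder.LITTLE_ENDIAN);
        f.putInt(0xA1B2C3D4).putShort((short) 2).putShort((short) 4); // magic, version 2.4
        f.putInt(0).putInt(0).putInt(65535).putInt(127);  // zone, sigfigs, snaplen, link type
        f.putInt(0).putInt(0).putInt(12).putInt(12);      // ts_sec, ts_usec, incl_len, orig_len
        f.put((byte) 0).put((byte) 0).putShort((short) 8).putInt(0); // radiotap header
        f.put(new byte[] {0x08, 0x02, 0, 0});             // start of an 802.11 data frame

        int lt = linkType(f);
        int inclLen = f.getInt(24 + 8);                   // first record's captured length
        ByteBuffer pkt = ByteBuffer.wrap(f.array(), 40, inclLen).slice();
        System.out.println("link type = " + lt + ", 802.11 header at offset "
                + dot11Offset(lt, pkt));
    }
}
```

From that offset a parser still has to walk the 802.11 MAC header and the LLC/SNAP header before reaching IP, and that only yields TCP/UDP fields when the data frames were captured unencrypted.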