Ejemplo n.º 1
0
  public static void main(String[] args) {
    /*  ipaddress.add("139.130.4.5");
            ipaddress.add("74.125.226.22");
            ipaddress.add("69.171.230.68");
    */

    final StringBuilder errbuf = new StringBuilder();
    final Pcap pcap = Pcap.openOffline(FILENAME, errbuf);
    if (pcap == null) {
      System.err.println(errbuf);
      return;
    }
    pcap.loop(
        Pcap.LOOP_INFINITE,
        new JPacketHandler<StringBuilder>() {

          final Tcp tcp = new Tcp();

          final Ip4 ip4 = new Ip4();
          final Http http = new Http();

          public void nextPacket(JPacket packet, StringBuilder errbuf) {

            if (packet.hasHeader(Tcp.ID)) {
              if (packet.hasHeader(tcp) && packet.hasHeader(http)) {

                packet.getHeader(ip4);
                byte[] sip = new byte[4];
                sip = packet.getHeader(ip4).source();
                byte[] dip = new byte[4];
                dip = packet.getHeader(ip4).destination();
                String destinationip = org.jnetpcap.packet.format.FormatUtils.ip(dip);
                if (!(ipaddress.contains(destinationip))) {
                  ipaddress.add(destinationip);
                }
              }
            }
          }
        },
        errbuf);
    ipaddresscollection();
    //   pcap.close();

  }
Ejemplo n.º 2
0
 /**
  * @param descriptor the protocol descriptor
  * @param listener the packet listener
  * @param file the dump file
  * @throws IOException if any error occur while reading the file
  */
 public FileProtocolParser(ProtocolDescriptor descriptor, PacketListener listener, File file)
     throws IOException {
   super(descriptor, listener, Pcap.openOffline(file.getAbsolutePath(), new StringBuilder()));
 }
  public void create() {

    /**
     * ************************************************************************* First we setup
     * error buffer and name for our file
     * ************************************************************************
     */
    final StringBuilder errbuf = new StringBuilder(); // For any error msgs

    final String file = "captured.txt";
    final String pcapFile = "captured.pcap";

    // delete the old txt file by opening it as an output

    try {
      FileWriter results = new FileWriter(file);
      // Create new File.
      BufferedWriter out = new BufferedWriter(results);

      out.close();
    } catch (IOException e) {
      System.out.println("The file cannot be opened " + e);
    }

    //

    System.out.println("Opening file for reading:" + pcapFile);
    /**
     * ************************************************************************* Second we open up
     * the selected file using openOffline call
     * ************************************************************************
     */
    Pcap pcap = Pcap.openOffline(pcapFile, errbuf);

    if (pcap == null) {
      System.err.printf("Error while opening device for capture: " + errbuf.toString());
      return;
    }

    /**
     * ************************************************************************* Third we create a
     * packet handler which will receive packets from the libpcap loop.
     * ************************************************************************
     */
    PcapPacketHandler<String> jpacketHandler =
        new PcapPacketHandler<String>() {

          public void nextPacket(PcapPacket packet, String user) {

            Tcp tcp = new Tcp();
            Ip4 ip = new Ip4();
            Udp udp = new Udp();

            final Http http = new Http();

            int TotalSize = 0;
            int caplen = 0;
            int ext = 0;
            int ack = 0;
            int istcp = 0;
            int ishttp = 0;
            int isudp = 0;
            int headerLength = 0;
            int PayloadLength = 0;

            // System.out.println(packet.getTotalSize());//costas
            // System.out.printf( " total size %-6d caplen= %6d  %6d  ",
            // packet.getTotalSize(),
            // packet.getCaptureHeader().caplen(),packet.getTotalSize()-
            // packet.getCaptureHeader().caplen());//costas

            TotalSize = packet.getTotalSize();
            caplen = packet.getCaptureHeader().caplen();

            PayloadLength = 0;
            headerLength = 0;

            ext = 0;
            ack = 0;
            // ****************************************************
            String ssourceIp = "";
            String destinIp = "";
            String sourceIp = "";
            if (packet.hasHeader(ip)) {
              sourceIp = FormatUtils.ip(ip.source());
              destinIp = FormatUtils.ip(ip.destination());
            }

            if (packet.hasHeader(udp)) // for udp packets
            {
              isudp = 1;
              headerLength = udp.getHeaderLength();
              if (packet.hasHeader(ip)) // check for the existance of ip
              {

                InetAddress ipAddress = null;

                try {
                  ipAddress = InetAddress.getByAddress(ip.source()); // get
                  // the
                  // ip
                  // address
                  // ipAddress=
                  // InetAddress.getByAddress(ip.destination());
                } catch (UnknownHostException e) {
                }

                ssourceIp = ipAddress.getHostAddress(); // get the ip
                // address

                if (sourceIp.startsWith("10.3.")
                    || sourceIp.startsWith("192.168.")
                    || sourceIp.startsWith("10.239.")
                    || sourceIp.startsWith("10.4.")) {
                  ext = 0; // out-going message
                } else {
                  ext = 1; // in-coming message
                }

                ack = 0;
              } // end for header ip

              PayloadLength = udp.getPayloadLength();

            } // end for udp packet.
            else {
              isudp = 0;
            }

            // *******************************************************************

            if (packet.hasHeader(http)) {
              ishttp = 1;
              PayloadLength = http.getPayloadLength();
              if (packet.hasHeader(ip)) //
              {

                InetAddress ipAddress = null;
                try {
                  ipAddress = InetAddress.getByAddress(ip.source());
                } catch (UnknownHostException e) {
                }

                ssourceIp = ipAddress.getHostAddress(); // get the ip
                // address

                if (sourceIp.startsWith("10.3.")
                    || sourceIp.startsWith("192.168.")
                    || sourceIp.startsWith("10.239.")
                    || sourceIp.startsWith("10.4.")) {
                  ext = 0; // internal address
                } else {
                  ext = 1; // external
                }
              } // end for header ip
            } else // not http
            {
              ishttp = 0;
            } // end for http

            // **********************************************
            if (packet.hasHeader(tcp)) {
              istcp = 1;
              headerLength = tcp.getHeaderLength();
              if (packet.hasHeader(ip)) // check for existance of ip
              // header
              {

                InetAddress ipAddress = null;
                try {
                  ipAddress = InetAddress.getByAddress(ip.source());
                } catch (UnknownHostException e) {
                }

                ssourceIp = ipAddress.getHostAddress(); // get the ip
                // address

                if (sourceIp.startsWith("10.3.")
                    || sourceIp.startsWith("192.168.")
                    || sourceIp.startsWith("10.239.")
                    || sourceIp.startsWith("10.4.")) {

                  ext = 0; // out-going message
                } else {

                  ext = 1; // in-coming message
                }

                if (tcp.flags_ACK() == true) ack = 1;
                else ack = 0;
              } // end for header ip

              PayloadLength = tcp.getPayloadLength();

            } // end for tcp packet.
            else {
              istcp = 0;
            }

            String rec =
                istcp
                    + ","
                    + ishttp
                    + ","
                    + isudp
                    + ","
                    + ack
                    + ","
                    + ext
                    + ","
                    + TotalSize
                    + ","
                    + PayloadLength
                    + ","
                    + caplen
                    + ","
                    + headerLength
                    + ","
                    + sourceIp
                    + ","
                    + destinIp
                    + ","
                    + user;
            write_rec(file, rec); // write raw data in a text file.
          }
        };

    // capturing all the packets of the Pcap file
    try {
      pcap.loop(Pcap.LOOP_INFINITE, jpacketHandler, "?");
    } finally {

      // Last thing to do is close the pcap handle
      pcap.close();
      System.out.println("End of packet capturing..Pcap file closed");
      System.out.println("Now the analyser is running...");
      scanTxtFile(file, "test-final.arff"); // scans the file.txt and
      // creates a weka file
      // (arff)
    }
  } // end of main