让 Linux 掌握网络抓包技术:使用Jpcap(linuxjpcap)
most of the time, Linux users have to rely on third-party software to capture network packets. However, if you know a little bit about Linux and system programming, you can use Linux to capture network packets.
In this tutorial, we will introduce you to the fundamentals of using Jpcap to capture network packets in Linux. First, we need to install Jpcap on our system. Jpcap can be installed via rpm package, via source package, or manually. In this tutorial, we will manually install it.
Make sure to have the following pre-requisites installed on your machine. In case it miss something, install it by running the following command.
$ sudo yum install libpcap libpcap-devel
Now, download the source package of Jpcap and extract it.
$ wget http://sourceforge.net/projects/jpcap/files/latest/download
$ tar -xzf jpcap-.tar.gz
$ cd jpcap-
Now, it’s time to build and install Jpcap.
$ ./configure
$ make$ sudo make install
Once, the installation is complete. It’s time to play with Jpcap. We will write a simple Java program that will capture the packets from the network.
import java.net.InetAddress;
import jpcap.*;
public class JPCapture { public static void main(String[] args) {
NetworkInterface[] devices = JpcapCaptor.getDeviceList(); for (NetworkInterface device : devices) {
System.out.println(device); JpcapCaptor captor = JpcapCaptor.openDevice(device, 2000, false, 3000);
captor.processPacket(1, packetInfo -> { System.out.println(InetAddress.getByAddress
(packetInfo.data)); });
} }
}
This program will print the IP address of each packet that is captured. You can modify the code to capture other information as well.
Once the program is ready, run the following command to compile and execute it.
javac JPCapture.java
java JPCapture
Now you can use Linux to capture network packets using Jpcap. Jpcap is a very powerful tool and you can use it to capture and analyze any kind of traffic. You just need to know some basic coding skills to use it to its full potential.
