0

我已经使用 JPCAP 编写了一个用于 cpature ping 的代码片段。我写的代码如下:

while (true) {
    try {
    PacketCapture m_pcap;
    m_pcap = new PacketCapture();
    m_pcap.open("\\Device\\NPF_{007262BD-....-7EE83D72EBEA}",true);//param 1 is actual device ID
    m_pcap.setFilter("proto ICMP", true);
    pktlistener a = new pktlistener(); //handles the packet
    m_pcap.addPacketListener(a);
    System.out.println("going to sleep");
    Thread.sleep(1 * 1000);// Waiting for 1 second before ending capture
    System.out.println("woken up");
    m_pcap.removePacketListener(a);
    m_pcap.endCapture();
    m_pcap.close();
    a = null;
    m_pcap = null;
    } catch (Exception e) {
        e.printStackTrace();
    }
}

现在上面的代码每隔一秒开始一次新的捕获。上面的问题是循环运行 10 次后,它抛出异常:

 Exception in thread "Thread-6" java.lang.Error: Too many instances, exceeds 10
    at net.sourceforge.jpcap.capture.PacketCapture.<init>(PacketCapture.java:51)

Q1。我该如何防止这种情况。我需要每秒启动一个新的 PacketCapture。

Q2。有没有其他更简单的方法来捕获通过 java 在系统上接收到的 ping 消息?

4

1 回答 1

0

你不能使用PacketCapture超过十次的构造函数。此行为是硬编码的,因为构造函数如下所示:

/**
 * Create a new packet capture instance.
 */
public PacketCapture() {
    if (nextInstance >= INSTANCE_MAX) {
        throw new Error("Too many instances, exceeds " + INSTANCE_MAX);
    }

    instanceNum = nextInstance++;
}

要捕获 ping 请求,您应该尝试以下代码

public class Main {

    public static void main(String[] args) throws CaptureDeviceLookupException {
        Capture cap = new Capture();
        cap.doCapture();
    }
}

class PingListener implements PacketListener {

    @Override
    public void packetArrived(Packet packet) {
        try {
            // only ICMP packages
            if (packet instanceof ICMPPacket) {
                ICMPPacket tcpPacket = (ICMPPacket) packet;
                int data = tcpPacket.getMessageCode();
                // only echo request packages
                if (data == ICMPMessages.ECHO) {
                    // print source and destination.
                    String srcHost = tcpPacket.getSourceAddress();
                    String dstHost = tcpPacket.getDestinationAddress();
                    System.out.println("Ping from: " + srcHost + " to " + dstHost);
                }
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

}

class Capture {
    public void doCapture() {
        // create capture instance
        PacketCapture capture = new PacketCapture();
        // add listener that handles incomming and outgoing packages
        PingListener pingListener = new PingListener();
        capture.addPacketListener(pingListener);
        // m_pcap.setFilter("filter here or in handler", true);

        try {
            capture.open("\\Device\\NPF_{...}", true); // connect capture to device
            while (true) {
                capture.capture(1); // capture one package
            }
        } catch (Exception e) {
            e.printStackTrace(); // exception during capture or handling of
                                 // packages
        } finally {
            // technically never reached as the loop goes on forever.
            // if loop terminates after a while then:

            // remove listener
            capture.removePacketListener(pingListener);
            // end capture (only necessary, if PacketCapture still waits for
            // other packages)
            capture.endCapture();
            // close connection to capture device
            capture.close();
        }
    }
}

我认为对班级有误解PacketCapture。它实际上并没有捕获一个包,然后被丢弃。它会打开与您要捕获其包的设备的连接,然后只要您保持该连接就开始监听。n然后,您通过调用开始捕获包capture.capture(n)。对于在“捕获”阻塞您的程序时到达的每个包,都会调用侦听器。

或者,您可以删除 while 循环并使用capture.capture(-1). 这将永远阻止您的程序,直到您从另一台设备关闭捕获。

于 2013-05-31T09:28:32.603 回答