Skip to main content

Filter packets through jpcap

//Open an interface with openDevice(NetworkInterface intrface, int snaplen, boolean promics, int to_ms)

JpcapCaptor captor=JpcapCaptor.openDevice(devices[index], 65535, false, 20);

captor.setFilter("tcp && src port 6000", true);

It'll filter all the TCP packets with source port number 6000.
So, all we need to do is pass the parameters and use logical and, or operators.


  1. Hey ,
    Saw ur Jpcap topics , nicely written .

    I working on Intrusion detection software in java using Jpcap
    as my college major project .

    Can u guide me regarding it ... I have searched alot n also going through some book like Network Intrusion Detection (3rd Edition) by Northcutt etc.
    mail me at
    Thanks in advance :)

  2. I hope you are done by now? If not, then do write if I can help you. You are welcome. :)

  3. hey!
    a very helpful blog

    but just one question: how can we filter using an ip addr and port number?
    as in only capture packets that are coming from a specific ip address?

  4. Thanks.
    captor.setFilter("IP_to_be_used", true);

    inside setfilter function, mention the IP address and it's done.

    NOTE: make sure you're connected to correct network interface.

  5. hey,
    im working on a packet sniffer project using jpcap...jst wnted to know if these filter expressions can be set by the sense dat can we filter based on a particular data or string rather than ip,port no's and protocols.
    please help..

  6. Hi,

    I don't think your sniffer can sniff into the details of packet like reading it's data. It can detect the nature of packets etc. I guess it doesn't provide any means to look inside the wrapper otherwise, how your packets can be secured if you can read it's content over the network itself. I hope I answered it.

  7. ya.u r rite..this cant be done..but data can be obtained using using pcap
    anyways thanx a lot for the reply..

  8. You can't read the data unless you have captured the packet which comes after filtering. This is the procedure followed:

    ◦Obtain the list of network interfaces
    ◦Open a network interface
    ◦Capture packets from the network interface
    ◦Set capturing filter
    ◦Save captured packets into a file
    ◦Read saved packets from a file

    So, first you need to apply a filter then capture a packet and then you can read it's data. I hope it brings more clarity.

  9. Ya dat m aware of...i was taking it in a different wat...anyways thanx

  10. I guess there's enough material on net to start with. The best one for newbies is:

    I hope that helps.

  11. hey Himanshu. I am a university student working on my final yr project. I wish to have a java program that captures the total bytes sent and received. and use this information and show how much a user has used. id would really great ful if you could help me go about this. thank you

  12. Sure Azhar. May I know what have you tried by now? I guess it's do-able using jpcap.

  13. Hi,

    Could you please let me know how to capture HTTPS calls. I see the characters are jumbled when i capture HTTPS calls.


    GET /a?f=2143137305&pn=aol&p=aol-pt_em&c=r&l=SKY&rand=8816242 HTTP/1.1
    User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:30.0) Gecko/20100101 Firefox/30.0
    Accept: */*
    Accept-Language: en-US,en;q=0.5
    Accept-Encoding: gzip, deflate
    Cookie: B=81m2qo99sglb1&b=3&s=8c
    Connection: keep-alive

    ---------- HTTPS --------------
    2014-07-21 10:56:57,560 INFO [Thread-8] HttpSniffer (
    - ?? ,=g??nK?}e??????+m???[r??}+??>??1 t
    ?\? ????????N? ????=,?,C??5??? ?
    ??[f?l??(?a??? ?q ]?r?Xj?@| ?c??+Y,???V ? !? 'i??g?A"?? +??(W(??? ???. 6?????N???k? ??vt??G? {l18EO??+i??L??aWa?W ?t????s&??*?Dtd(?BWkM??&??/v?hU?^$?a?@RF]?[R??A(BM?j
    ??9W???I5??)? ?eU???;???q?R?^? %???x? ?U"? Q?`?v ???Q ?? ?5?


  14. Hey! Https sends the packet in encrypted form under SSL protection. That's why you see your content like this. Otherwise there would have been no difference in http and https. So, in order to decrypt that you need to break SSL.


Post a Comment

Popular posts from this blog

VBA MAcro to generate "table of contents with hyperlinks" automatically in a ppt

VBA MAcro to generate "table of contents with hyperlinks" automatically in a ppt:

Function TableOfContent(count As Integer)
'count is the no. of slides in ppt
Dim var As Integer
Dim i As Integer, scount As Integer
Dim strSel As String, strTitle As String, strb As String, strtemp As String, str As String
Dim arr() As String
Dim index As Integer, indexcount As Integer, slidecount As Integer
Dim summary As Slide
Dim para As Integer
Dim slideOrder() As Integer

'To generate the Table of contents slide
ReDim slideOrder(count - 2)

'Collect all the IDs of the selected slides
For i = 1 To count - 2
slideOrder(i) = i + 2

'Iterate over the slides in Index order
slidecount = UBound(slideOrder)
For scount = 1 To slidecount
If ActivePresentation.Slides(slideOrder(scount)).Shapes.HasTitle Then
'Build up the ToC Text
strTitle = ActivePresentation.Slides(slideOrder(scount)).Shapes("UseCase").TextFrame.TextRange.Text + ": "
str = ActivePresentation…

redis server went away

It feels really awkward to see "redis: uncaught exception: Redis server went away" when it was working and suddenly this message bumps up. I faced the same situation while accessing php redis but I guess it's more generic one, more related to redis. So, here are possible solutions that I am able to find and highlighting the one which really did work for me.

1. /usr/sbin/setsebool httpd_can_network_connect=1

By default, SELinux does not allow Apache to make socket connections. So, enable the connection.

2. Try to stop the redis server and restart it again.
either of these two should work:
a) redis-cli
b) redis server

3. There might be issues with switch, try to use different switch.

error in eclipse on import org.eclipse.jetty.server.Server;

When you find error in line import org.eclipse.jetty.server.Server; it means eclipse doesn't contain jetty.jar. Right click on project -> properties on left pane -> java build path right pane -> add external jar under libraries tab link it to all the jar files of jetty folder. can download jetty from : now rebuild the project.