org.jnetstream.capture
Class Captures

java.lang.Object
  org.jnetstream.capture.Captures

public final class Captures
extends java.lang.Object

Static factory methods for creating and accessing capture sessions. This class provides a number of static methods for manipulating capture files such as concatenating multiple files into one, or reverse and splitting a single large file into multiple smaller ones. Easily get the capture file type or validate its contents. The most imporant methods though are newFile(java.lang.Class, java.io.File), openFile(java.lang.Class, java.io.File) and openLive() which create new blank capture files, open existing capture file or open network interfaces for live network packet capture where packets are received directly from the network and passed to the user.

Author:

Mark Bednarczyk, Sly Technologies, Inc.

Nested Class Summary

static interface	Captures.Factory A factory interface for interfacing with implementation of jNetStream API.
static interface	Captures.LiveCaptureFactory Factory classes which create live capture sessions and transmit packets.
static interface	Captures.LocalFactory Factory interface for local sessions.
static interface	Captures.RemoteFactory Factory interface for remote sessions.

Field Summary

static java.lang.String	FACTORY_CLASS_DEFAULT Classname of the default factory implementation for jNetStream's Captures factory class.
static java.lang.String	FACTORY_CLASS_PROPERTY The name of the system property which controls instantiation of the main factory implementation for this Captures factory class.
static org.apache.commons.logging.Log	logger A logger used for debuging and tracing.

Method Summary

static long	append(FileCapture<? extends FilePacket> dst, Capture... srcs) Copies all of the CapturePackets returned by the source capture sessions into the already open capture file.
static long	catFile(FormatType type, java.io.File file, Capture... sources) Copies all of the CapturePackets returned by the source a destination capture file.
static long	catFile(FormatType type, java.io.File dst, java.io.File... src) Concatenate all the files into single dst file
static void	close() Closes the last capture that was returned by this factory class.
static long	count(com.slytechs.utils.collection.IOSkippableIterator<?> source) Generic method for counting elements of any kind given a skippable iterator.
static long	countPackets(java.io.File file) Counts packets in a file.
static PacketFormatter	defaultFormatter() Gets the default formatter.
static PacketFormatter	defaultFormatter(PacketFormatter formatter) Method is used to set a new default formatter.
static FormatType	formatType(java.io.File file) Determines the format type of the supplied file.
static FormatType	formatType(java.io.InputStream in) Determines the format type of the supplied "input".
static FormatType	formatType(java.nio.channels.ReadableByteChannel in) Determines the format type of the supplied "input".
static FormatType.Detail	formatTypeDetail(java.io.File f) Determines the format type of the supplied file.
static FormatType.Detail	formatTypeDetail(java.nio.channels.ReadableByteChannel in) Determines the format type of the supplied "input".
static Captures.LocalFactory	getLocal() Returns an instance of the current local capture factory which is responsible for creating local capture instances.
static Capture<?>	last() Returns the last capture session returned by this factory method.
static LiveCaptureDevice[]	listCaptureDevices() Returns a list of local capture devices available for live capture.
static <T extends FileCapture<? extends FilePacket>> T	newFile(java.lang.Class<T> t, java.io.File f) Creates a new file of the request type.
static <T extends FileCapture<? extends FilePacket>> T	newFile(java.lang.Class<T> t, java.io.File f, Capture<? extends CapturePacket> c) A convenience utility method which creates a new file and dumps all of the packets from capture to the new file in the proper format.
static <T extends FileCapture<? extends FilePacket>> T	newFile(java.lang.Class<T> t, java.lang.String f) Creates a new file of the request type.
static <T extends FileCapture<? extends FilePacket>> T	newFile(java.lang.Class<T> t, java.lang.String f, Capture<CapturePacket> c) A convenience utility method which creates a new file and dumps all of the packet from capture to the new file in the proper format.
static FileCapture<? extends FilePacket>	newFile(FormatType type, java.io.File file)
static FileCapture<? extends FilePacket>	newFile(FormatType t, java.lang.String file)
static <T extends InputCapture<? extends FilePacket>> T	newInput(java.lang.Class<T> t, java.io.File in)
static <T extends InputCapture<? extends FilePacket>> T	newInput(java.lang.Class<T> t, java.io.InputStream in)
static <T extends InputCapture<? extends FilePacket>> T	newInput(java.lang.Class<T> t, java.io.InputStream in, Filter<ProtocolFilterTarget> filter)
static <T extends InputCapture<? extends FilePacket>> T	newInput(java.lang.Class<T> t, java.nio.channels.ReadableByteChannel in)
static InputCapture<? extends CapturePacket>	newInput(java.io.File file)
static InputCapture<? extends CapturePacket>	newInput(java.io.File file, Filter<ProtocolFilterTarget> filter)
static InputCapture<? extends CapturePacket>	newInput(java.io.InputStream in)
static InputCapture<? extends CapturePacket>	newInput(java.io.InputStream in, Filter<ProtocolFilterTarget> filter)
static <T extends OutputCapture> T	newOutput(java.lang.Class<T> t, java.io.OutputStream out)
static <T extends OutputCapture> T	newOutput(java.lang.Class<T> t, java.nio.channels.WritableByteChannel out)
static OutputCapture	newOutput(FormatType type, java.io.OutputStream out)
static <T extends FileCapture<? extends FilePacket>> T	openFile(java.lang.Class<T> t, java.io.File file)
static <T extends FileCapture<? extends FilePacket>> T	openFile(java.lang.Class<T> t, java.io.File file, FileMode mode)
static <T extends FileCapture<? extends FilePacket>> T	openFile(java.lang.Class<T> t, java.lang.String file)
static FileCapture<? extends FilePacket>	openFile(java.io.File file) Opens a file for reading and writting.
static FileCapture<? extends FilePacket>	openFile(java.io.File file, FileMode mode) Opens a file using the specified file mode.
static FileCapture<? extends FilePacket>	openFile(java.io.File file, Filter<ProtocolFilterTarget> protocolFilter) Opens a file for reading and writting while applying a filter to limit what is returned.
static FileCapture<? extends FilePacket>	openFile(java.lang.String file)
static FileCapture<? extends FilePacket>	openFile(java.lang.String file, Filter<ProtocolFilterTarget> protocolFilter)
static LiveCapture	openLive() Opens up a network interfaces for live packet capture.
static LiveCapture	openLive(CaptureDevice... nics) Opens up a network interfaces for live packet capture.
static LiveCapture	openLive(CaptureDevice nic) Opens up a network interface for live packet capture.
static LiveCapture	openLive(java.util.Collection<CaptureDevice> nics) Opens up a network interfaces for live packet capture.
static LiveCapture	openLive(Filter<ProtocolFilterTarget> filter) Opens up a network interfaces for live packet capture with a filter.
static LiveCapture	openLive(Filter<ProtocolFilterTarget> filter, CaptureDevice nic) Opens up a network interface for live packet capture with a filter.
static LiveCapture	openLive(Filter<ProtocolFilterTarget> filter, java.util.Collection<CaptureDevice> nics) Opens up a network interfaces for live packet capture with a filter.
static LiveCapture	openLive(long count) Opens up a network interfaces for live packet capture.
static NetTransmitter	openTransmitter() Opens a live session with the network interface for packet tranmition.
static NetTransmitter	openTransmitter(java.net.NetworkInterface netInterface) Opens a live session with the network interface for packet tranmition.
static void	registerListener(CaptureListener listener) Registers a listener for capture session events with the current factory.
static void	removeRegisteredListener(CaptureListener listener) Removes a previously registered capture session listener
static void	setLocalCaptureFactory(Captures.LocalFactory local) Allows complete override of the implementation of Capture Framework.
static java.util.List<java.io.File>	splitFile(java.io.File file) Splits the file into smaller files according to default rules defined for each file format.
static java.util.List<java.io.File>	splitFile(java.io.File file, long packetCount, boolean maxCompression) Split the specified file into smaller files containing specified number of packets each from the source file.
static PacketFormatter	stringFormatter() Retrieves the default packet formatter used in formating output to a string.
static PacketFormatter	stringFormatter(PacketFormatter formatter) Method is used to set a new string formatter.
static boolean	validateFile(java.io.File file) Checks if the specified file is in a proper format 100% compabile with specification.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

logger

public static final org.apache.commons.logging.Log logger

A logger used for debuging and tracing. To enable you must enable debug or trace levels and enable appenders for Captures.class path. All implementing methods for Captures.Factory, Captures.LocalFactory and Captures.RemoteFactory methods use this common logger.

FACTORY_CLASS_DEFAULT

public static final java.lang.String FACTORY_CLASS_DEFAULT

Classname of the default factory implementation for jNetStream's Captures factory class.

See Also:

Constant Field Values

FACTORY_CLASS_PROPERTY

public static final java.lang.String FACTORY_CLASS_PROPERTY

The name of the system property which controls instantiation of the main factory implementation for this Captures factory class. If this property is not set, FACTORY_CLASS_DEFAULT is used as the default.

See Also:

Constant Field Values

Method Detail

append

public static long append(FileCapture<? extends FilePacket> dst,
                          Capture... srcs)
                   throws java.io.IOException

Copies all of the CapturePackets returned by the source capture sessions into the already open capture file. The order in which the CapturePackets are read from the sources is unspecified as various muxing algorithms may be used in order to avoid blocking on a single source. If all the sources are file based, the packets will be copied in the order they were supplied as varargs.

Parameters:

srcs - capture sources to read packets from

dst - mutable capture to write the packets into

Returns:

number of packet successfully copied into destination

Throws:

java.io.IOException - any IO errors

catFile

public static long catFile(FormatType type,
                           java.io.File file,
                           Capture... sources)
                    throws java.io.IOException

Copies all of the CapturePackets returned by the source a destination capture file. The order in which the CapturePackets are read from the sources is unspecified as various muxing algorithms may be used in order to avoid blocking on a single source.

Parameters:

type - TODO

file - destination file to write the packets into

sources - capture sources to read packets from

Throws:

java.io.IOException - any IO errors

catFile

public static long catFile(FormatType type,
                           java.io.File dst,
                           java.io.File... src)
                    throws java.io.FileNotFoundException,
                           java.io.IOException

Concatenate all the files into single dst file

Parameters:

type - TODO

dst - destination file to concatenate the src files to

src - array of source files to concatenate contents from

Returns:

TODO

Throws:

java.io.IOException

java.io.FileNotFoundException

close

public static void close()
                  throws java.io.IOException

Closes the last capture that was returned by this factory class.

Throws:

java.io.IOException - any IO errors during closure

count

public static long count(com.slytechs.utils.collection.IOSkippableIterator<?> source)
                  throws java.io.IOException

Generic method for counting elements of any kind given a skippable iterator. Skippable iterator works just like a normal iterator but also provides a skip operation which is much more efficient at advancing to the next element then calling on next is. No objects have to be created or returned. The elements could be packets, record, buffers or anything else.

Parameters:

source - source iterator over which to count all the elements

Returns:

number of elements counted in the source

Throws:

java.io.IOException

countPackets

public static long countPackets(java.io.File file)
                         throws java.io.IOException,
                                FileFormatException

Counts packets in a file. The file is opened and packets within it are counted. The implementation uses the most efficient means available to accomplish the counting task. The count returned will be 100% accurate as no statistical or other types of analysis are used. Compressed file are OK and will be decompressed at runtime as a stream and decoded appropriately.

Parameters:

file - file to have its packets counted

Returns:

number of packets found in the file

Throws:

java.io.IOException - any IO errors

FileFormatException - if the format of the file can not be recognized

defaultFormatter

public static PacketFormatter defaultFormatter()

Gets the default formatter. Default formatter that is used by all types of packets when their format method is invoked.

Returns:

formatter used in packet format methods

defaultFormatter

public static PacketFormatter defaultFormatter(PacketFormatter formatter)

Method is used to set a new default formatter. Default formatter is used in formatting packet content in human readable format to be sent to some output.

Parameters:

formatter - new formatter

Returns:

old formatter, null if there was none

formatType

public static FormatType formatType(java.io.File file)
                             throws java.io.IOException

Determines the format type of the supplied file. Checks the format of the supplied file and expects it to be in one of the supported format types such as Pcap, etc..

Parameters:

file - file to check and return format type

Returns:

format type of the supplied input or null if format type is unknown or not supported

Throws:

java.io.IOException

formatType

public static FormatType formatType(java.io.InputStream in)
                             throws java.io.IOException

Determines the format type of the supplied "input". Checks the format of the supplied input and expects it to be in one of the supported format types such as Pcap, etc..

Parameters:

in - input to check and return format type

Returns:

format type of the supplied input or null if format type is unknown or not supported

Throws:

java.io.IOException

formatType

public static FormatType formatType(java.nio.channels.ReadableByteChannel in)
                             throws java.io.IOException

Determines the format type of the supplied "input". Checks the format of the supplied input and expects it to be in one of the supported format types such as Pcap, etc..

Parameters:

in - input to check and return format type

Returns:

format type of the supplied input or null if format type is unknown or not supported

Throws:

java.io.IOException

formatTypeDetail

public static FormatType.Detail formatTypeDetail(java.io.File f)
                                          throws java.io.IOException

Determines the format type of the supplied file. Checks the format of the supplied file and expects it to be in one of the supported format types such as Pcap, etc.. This method provides additional information about the format type especially for FormatType.Other. You can use FormatType.Detail.getDetailedName() which will provide a known name for the format.

Parameters:

file - file to check and return format type

Returns:

format type of the supplied input or null if format type is unknown or not supported

Throws:

java.io.IOException

formatTypeDetail

public static FormatType.Detail formatTypeDetail(java.nio.channels.ReadableByteChannel in)
                                          throws java.io.IOException

Determines the format type of the supplied "input". Checks the format of the supplied input and expects it to be in one of the supported format types such as Pcap, etc.. This method provides additional information about the format type especially for FormatType.Other. You can use FormatType.Detail.getDetailedName() which will provide a known name for the format.

Parameters:

in - input to check and return format type

Returns:

format type of the supplied input or null if format type is unknown or not supported

Throws:

java.io.IOException

getLocal

public static Captures.LocalFactory getLocal()

Returns an instance of the current local capture factory which is responsible for creating local capture instances. This is synonymous with the RemoteSession counter part which extends the RemoteFactory interface. The methods between Factory, LocalFactory and RemoteFactory are partitioned in a such a way to only allow operations that make sense with the given interface. For example, the RemoteLocalFactory interface does not contain any of the methods that LocalFactory does to open a live network capture using standard java.net.NetworkInterface objects. This is because NetworkInterface objects don't make sense on client machine, they are only instantiated by runtime environment for local machines. Therefore you need to use one of the methods that are allowed for remote capture such as openLive(CaptureDevice) method where CaptureDevice is this frameworks concept and is allowed to be shared accross multiple machines.

Returns:

current local capture factory

last

public static Capture<?> last()

Returns the last capture session returned by this factory method.

Returns:

last capture session returned or null if none had been created yet or if close() had been called which clears out the last capture

listCaptureDevices

public static LiveCaptureDevice[] listCaptureDevices()
                                              throws java.io.IOException

Returns a list of local capture devices available for live capture. Use openLive() method calls to open a live network capture while supplying 1 or more of these capture devices returned. These capture devices differ from ones obtained from packets as in org.jnetstream.packet.Packet#getCaptureDevice that are obtained and contain information about actual live network interfaces on a particular system. CaptureDevices aquire from file based packets or captures only contain information about network interface that may or may not exist any longer.

Returns:

a list of 0 or more capture devices available to be opened

Throws:

java.io.IOException

newFile

public static <T extends FileCapture<? extends FilePacket>> T newFile(java.lang.Class<T> t,
                                                                      java.io.File f)
                                                           throws java.io.IOException,
                                                                  FileFormatException

Creates a new file of the request type. The new file will contain the appropriate block/file header, but other then that is completely empty. This means that file size will not be equal to zero, but no packet or data records exists.

Type Parameters:

T - one of the supported class types that is a subclass of FileCapture, such as PcapFile, SnoopFile, NapFile, etc...

Parameters:

t - type of file to create specified by passing one of the supported class object of the file type to be created

f - the file to create, the file must not exist

Returns:

open Capture of the specified type that can be used to append data to the otherwise empty file

Throws:

java.io.IOException - any IO errors

FileFormatException

newFile

public static <T extends FileCapture<? extends FilePacket>> T newFile(java.lang.Class<T> t,
                                                                      java.io.File f,
                                                                      Capture<? extends CapturePacket> c)
                                                           throws java.io.IOException

A convenience utility method which creates a new file and dumps all of the packets from capture to the new file in the proper format.

Parameters:

f - file to create

type - the type of file to create

c - source of CapturePackets which will be dumped into the new file

Returns:

open instance of this new file

Throws:

java.io.IOException - any IO errors

newFile

public static <T extends FileCapture<? extends FilePacket>> T newFile(java.lang.Class<T> t,
                                                                      java.lang.String f)
                                                           throws java.io.IOException,
                                                                  FileFormatException

Creates a new file of the request type. The new file will contain the appropriate block/file header, but other then that is completely empty. This means that file size will not be equal to zero, but no packet or data records exists.

Type Parameters:

T - one of the supported class types that is a subclass of FileCapture, such as PcapFile, SnoopFile, NapFile, etc...

Parameters:

t - type of file to create specified by passing one of the supported class object of the file type to be created

f - the file to create, the file must not exist

Returns:

open Capture of the specified type that can be used to append data to the otherwise empty file

Throws:

java.io.IOException - any IO errors

FileFormatException

newFile

public static <T extends FileCapture<? extends FilePacket>> T newFile(java.lang.Class<T> t,
                                                                      java.lang.String f,
                                                                      Capture<CapturePacket> c)
                                                           throws java.io.IOException

A convenience utility method which creates a new file and dumps all of the packet from capture to the new file in the proper format.

Parameters:

f - file to create

type - the type of file to create

c - source of CapturePackets which will be dumped into the new file

Returns:

open instance of this new file

Throws:

java.io.IOException - any IO errors

newFile

public static FileCapture<? extends FilePacket> newFile(FormatType type,
                                                        java.io.File file)
                                                 throws java.io.IOException

Parameters:

pcap -

src -

Returns:

Throws:

java.io.IOException

newFile

public static FileCapture<? extends FilePacket> newFile(FormatType t,
                                                        java.lang.String file)
                                                 throws java.io.IOException

Parameters:

pcap -

string -

Returns:

Throws:

java.io.IOException

newInput

public static <T extends InputCapture<? extends FilePacket>> T newInput(java.lang.Class<T> t,
                                                                        java.io.File in)
                                                             throws java.io.IOException

Parameters:

name -

temp1Compressed -

Returns:

Throws:

java.io.IOException

newInput

public static <T extends InputCapture<? extends FilePacket>> T newInput(java.lang.Class<T> t,
                                                                        java.io.InputStream in)
                                                             throws java.io.IOException

Type Parameters:

T -

Parameters:

t -

in -

Returns:

Throws:

java.io.IOException

See Also:

newInput(java.lang.Class, java.io.InputStream)

newInput

public static <T extends InputCapture<? extends FilePacket>> T newInput(java.lang.Class<T> t,
                                                                        java.io.InputStream in,
                                                                        Filter<ProtocolFilterTarget> filter)
                                                             throws java.io.IOException

Type Parameters:

T -

Parameters:

t -

in -

filter -

Returns:

Throws:

java.io.IOException

See Also:

newInput(java.lang.Class, java.io.InputStream, Filter)

newInput

public static <T extends InputCapture<? extends FilePacket>> T newInput(java.lang.Class<T> t,
                                                                        java.nio.channels.ReadableByteChannel in)
                                                             throws java.io.IOException

Throws:

java.io.IOException

newInput

public static InputCapture<? extends CapturePacket> newInput(java.io.File file)
                                                      throws java.io.IOException

Parameters:

file -

Returns:

Throws:

java.io.IOException

newInput

public static InputCapture<? extends CapturePacket> newInput(java.io.File file,
                                                             Filter<ProtocolFilterTarget> filter)
                                                      throws java.io.IOException

Parameters:

f -

Returns:

Throws:

java.io.IOException

newInput

public static InputCapture<? extends CapturePacket> newInput(java.io.InputStream in)
                                                      throws java.io.IOException

Parameters:

in -

Returns:

Throws:

java.io.IOException

See Also:

newInput(java.io.InputStream)

newInput

public static InputCapture<? extends CapturePacket> newInput(java.io.InputStream in,
                                                             Filter<ProtocolFilterTarget> filter)
                                                      throws java.io.IOException

Parameters:

in -

filter -

Returns:

Throws:

java.io.IOException

See Also:

newInput(java.io.InputStream, Filter)

newOutput

public static <T extends OutputCapture> T newOutput(java.lang.Class<T> t,
                                                    java.io.OutputStream out)
                                         throws java.io.IOException

Type Parameters:

T -

Parameters:

t -

out -

Returns:

Throws:

java.io.IOException

See Also:

newOutput(java.lang.Class, java.io.OutputStream)

newOutput

public static <T extends OutputCapture> T newOutput(java.lang.Class<T> t,
                                                    java.nio.channels.WritableByteChannel out)
                                         throws java.io.IOException

Parameters:

name -

out -

Returns:

Throws:

java.io.IOException

newOutput

public static OutputCapture newOutput(FormatType type,
                                      java.io.OutputStream out)
                               throws java.io.IOException

Parameters:

type -

out -

Returns:

Throws:

java.io.IOException

See Also:

Captures.LocalFactory.newOutput(org.jnetstream.capture.FormatType, java.io.OutputStream)

openFile

public static <T extends FileCapture<? extends FilePacket>> T openFile(java.lang.Class<T> t,
                                                                       java.io.File file)
                                                            throws java.io.IOException,
                                                                   FileFormatException

Throws:

java.io.IOException

FileFormatException

openFile

public static <T extends FileCapture<? extends FilePacket>> T openFile(java.lang.Class<T> t,
                                                                       java.io.File file,
                                                                       FileMode mode)
                                                            throws java.io.IOException,
                                                                   FileFormatException

Throws:

java.io.IOException

FileFormatException

openFile

public static <T extends FileCapture<? extends FilePacket>> T openFile(java.lang.Class<T> t,
                                                                       java.lang.String file)
                                                            throws java.io.IOException,
                                                                   FileFormatException

Throws:

java.io.IOException

FileFormatException

openFile

public static FileCapture<? extends FilePacket> openFile(java.io.File file)
                                                  throws java.io.IOException,
                                                         FileFormatException

Opens a file for reading and writting.

Parameters:

file -

Returns:

Throws:

java.io.IOException

FileFormatException - TODO

openFile

public static FileCapture<? extends FilePacket> openFile(java.io.File file,
                                                         FileMode mode)
                                                  throws java.io.IOException,
                                                         FileFormatException

Opens a file using the specified file mode.

Parameters:

file - file to open

mode - FileMode with which to open the file with

Returns:

open file in the specified mode

Throws:

java.io.IOException - any IO errors

FileFormatException - thrown if file containted any format errors

openFile

public static FileCapture<? extends FilePacket> openFile(java.io.File file,
                                                         Filter<ProtocolFilterTarget> protocolFilter)
                                                  throws java.io.IOException

Opens a file for reading and writting while applying a filter to limit what is returned.

Parameters:

file -

protocolFilter -

Returns:

Throws:

java.io.IOException

openFile

public static FileCapture<? extends FilePacket> openFile(java.lang.String file)
                                                  throws java.io.IOException,
                                                         FileFormatException

Parameters:

string -

Returns:

Throws:

FileFormatException

java.io.IOException

openFile

public static FileCapture<? extends FilePacket> openFile(java.lang.String file,
                                                         Filter<ProtocolFilterTarget> protocolFilter)
                                                  throws java.io.IOException

Throws:

java.io.IOException

openLive

public static LiveCapture openLive()
                            throws java.io.IOException

Opens up a network interfaces for live packet capture. All available network interfaces are opened for capture with the exception of any interfaces that carry the loopback address of 127.0.0.0/8. LiveCapture extends the Capture interface which provides simple iterator through which all the captured packets are returned one after the other. There is no guarrantee as to the order in which packets are returned when more then one interface is used for packet capture at the same time. Its simply left upto the underlying implementation to determine the order. Each CapturePacket maintains a reference to a CaptureDevice which is associated with the interface that captured the particular packet.

Returns:

reference to a live capture session

Throws:

java.io.IOException - any IO errors

openLive

public static LiveCapture openLive(CaptureDevice nic)
                            throws java.io.IOException

Opens up a network interface for live packet capture. The specified network interface will be opened for live network packet capture. LiveCapture extends the Capture interface which provides simple iterator through which all the captured packets are returned one after the other. There is no guarrantee as to the order in which packets are returned when more then one interface is used for packet capture at the same time. Its simply left upto the underlying implementation to determine the order. Each CapturePacket maintains a reference to a CaptureDevice which is associated with the interface that captured the particular packet.

Parameters:

nic -

Returns:

Throws:

java.io.IOException

openLive

public static LiveCapture openLive(CaptureDevice... nics)
                            throws java.io.IOException

Opens up a network interfaces for live packet capture. The specified network interfaces are opened for capture with including loopback interface if specified. LiveCapture extends the Capture interface which provides simple iterator through which all the captured packets are returned one after the other. There is no guarrantee as to the order in which packets are returned when more then one interface is used for packet capture at the same time. Its simply left upto the underlying implementation to determine the order. Each CapturePacket maintains a reference to a CaptureDevice which is associated with the interface that captured the particular packet.

Parameters:

nics - collection of network interfaces to open, including loopbacks if part of the collection

Returns:

a single capture session which captures packets from all of the opened interface at the same time

Throws:

java.io.IOException - any IO errors

openLive

public static LiveCapture openLive(java.util.Collection<CaptureDevice> nics)
                            throws java.io.IOException

Opens up a network interfaces for live packet capture. The specified network interfaces are opened for capture with including loopback interface if specified. LiveCapture extends the Capture interface which provides simple iterator through which all the captured packets are returned one after the other. There is no guarrantee as to the order in which packets are returned when more then one interface is used for packet capture at the same time. Its simply left upto the underlying implementation to determine the order. Each CapturePacket maintains a reference to a CaptureDevice which is associated with the interface that captured the particular packet.

Parameters:

nics - collection of network interfaces to open, including loopbacks if part of the collection

Returns:

a single capture session which captures packets from all of the opened interface at the same time

Throws:

java.io.IOException - any IO errors

openLive

public static LiveCapture openLive(Filter<ProtocolFilterTarget> filter)
                            throws java.io.IOException

Opens up a network interfaces for live packet capture with a filter. All available network interfaces are opened for capture with the exception of any interfaces that carry the loopback address of 127.0.0.0/8. LiveCapture extends the Capture interface which provides simple iterator through which all the captured packets are returned one after the other. There is no guarrantee as to the order in which packets are returned when more then one interface is used for packet capture at the same time. Its simply left upto the underlying implementation to determine the order. Each CapturePacket maintains a reference to a CaptureDevice which is associated with the interface that captured the particular packet.

Filter is applied directly by the kernel, this feature is operating system dependent, to efficiently accept or reject packets as close to the hardware level as possible with no extraneous in memory copies. Most modern operating system support this feature. If this feature is not available the filter is applied in "userland" or in user space which is less efficient.

Parameters:

filter - the filter to apply to the capture session

Throws:

java.io.IOException

openLive

public static LiveCapture openLive(Filter<ProtocolFilterTarget> filter,
                                   CaptureDevice nic)
                            throws java.io.IOException

Opens up a network interface for live packet capture with a filter. The specified network interface will be opened for live network packet capture. LiveCapture extends the Capture interface which provides simple iterator through which all the captured packets are returned one after the other. There is no guarrantee as to the order in which packets are returned when more then one interface is used for packet capture at the same time. Its simply left upto the underlying implementation to determine the order. Each CapturePacket maintains a reference to a CaptureDevice which is associated with the interface that captured the particular packet.

Filter is applied directly by the kernel, this feature is operating system dependent, to efficiently accept or reject packets as close to the hardware level as possible with no extraneous in memory copies. Most modern operating system support this feature. If this feature is not available the filter is applied in "userland" or in user space which is less efficient.

Parameters:

nic -

filter -

Returns:

Throws:

java.io.IOException

openLive

public static LiveCapture openLive(Filter<ProtocolFilterTarget> filter,
                                   java.util.Collection<CaptureDevice> nics)
                            throws java.io.IOException

Opens up a network interfaces for live packet capture with a filter. The specified network interfaces are opened for capture with including loopback interface if specified. LiveCapture extends the Capture interface which provides simple iterator through which all the captured packets are returned one after the other. There is no guarrantee as to the order in which packets are returned when more then one interface is used for packet capture at the same time. Its simply left upto the underlying implementation to determine the order. Each CapturePacket maintains a reference to a CaptureDevice which is associated with the interface that captured the particular packet.

Filter is applied directly by the kernel, this feature is operating system dependent, to efficiently accept or reject packets as close to the hardware level as possible with no extraneous in memory copies. Most modern operating system support this feature. If this feature is not available the filter is applied in "userland" or in user space which is less efficient.

Parameters:

nics -

filter -

Returns:

Throws:

java.io.IOException

openLive

public static LiveCapture openLive(long count)
                            throws java.io.IOException

Opens up a network interfaces for live packet capture. All available network interfaces are opened for capture with the exception of any interfaces that carry the loopback address of 127.0.0.0/8. LiveCapture extends the Capture interface which provides simple iterator through which all the captured packets are returned one after the other. There is no guarrantee as to the order in which packets are returned when more then one interface is used for packet capture at the same time. Its simply left upto the underlying implementation to determine the order. Each CapturePacket maintains a reference to a CaptureDevice which is associated with the interface that captured the particular packet.

Parameters:

count - number of packets to capture and exit afterwards

Returns:

reference to a live capture session

Throws:

java.io.IOException - any IO errors

openTransmitter

public static NetTransmitter openTransmitter()
                                      throws java.io.IOException

Opens a live session with the network interface for packet tranmition. The default interface is opened.

Returns:

open transmitter with the default network interface

Throws:

java.io.IOException - any IO errors while opening the connection to interface

openTransmitter

public static NetTransmitter openTransmitter(java.net.NetworkInterface netInterface)
                                      throws java.io.IOException

Opens a live session with the network interface for packet tranmition. The user specified interface is opened.

Returns:

open transmitter with the user specified network interface

Throws:

java.io.IOException - any IO errors while opening the connection to interface

registerListener

public static void registerListener(CaptureListener listener)

Registers a listener for capture session events with the current factory.

Parameters:

listener - listener to notify when new capture session events are generated

removeRegisteredListener

public static void removeRegisteredListener(CaptureListener listener)

Removes a previously registered capture session listener

Parameters:

listener - listener to remove from the list of listeners

setLocalCaptureFactory

public static void setLocalCaptureFactory(Captures.LocalFactory local)

Allows complete override of the implementation of Capture Framework. User can supply its own implementation of the comprehensive LocalFactory which is called to full fill "capture framework's" operations.

Parameters:

local - new local factory for all capture framework's operations

splitFile

public static java.util.List<java.io.File> splitFile(java.io.File file)
                                              throws java.io.IOException

Splits the file into smaller files according to default rules defined for each file format. For NAP the file will be split with each Block Record being split into its own seperate file. The defaults are to split the files into rough 1Meg segments, if the file is greater then 1 Meg otherwise into rough 100K segments if file is less then 1Meg but greater then 100K. If the file is smaller then 100K, nothing is split. Where K = 1024 bytes.

The base filename supplied is used as the base filename for all newly created files with the -XXXX appended to them.

The source file is unmodified

Parameters:

file - file to be split

Returns:

list of newly created files

Throws:

java.io.IOException

splitFile

public static java.util.List<java.io.File> splitFile(java.io.File file,
                                                     long packetCount,
                                                     boolean maxCompression)
                                              throws java.io.IOException

Split the specified file into smaller files containing specified number of packets each from the source file. New files are created to hold only the specified number of packets and associated meta records. The supplied filename is used as a base filename for all newly created files with the post fix of -XXXX appended to them.

The source file is unmodified

Parameters:

file - source file to split

packetCount - split using this many packets from the source file copied into the newly created files

maxCompression - true means produce the smallest possible file, while false means leave it upto the default algorithm for each spcific file type. For example NAP files pad their files to 512Kb by default which means that files containing even only a single packet are of minimum size 512 Kb, but this can be overriden by setting maxCompression to true. Notice that it will be harder to split the NAP file with regular unix commands if default padding is not used.

Returns:

list of all the new files created

Throws:

java.io.IOException

stringFormatter

public static PacketFormatter stringFormatter()

Retrieves the default packet formatter used in formating output to a string. This formatter is used by all types of packets to format the output to a string.

Returns:

formatter used to format packets to a string

stringFormatter

public static PacketFormatter stringFormatter(PacketFormatter formatter)

Method is used to set a new string formatter. String formatter is used in formatting packet content in human readable format to be returned as a string.

Parameters:

formatter - new formatter

Returns:

old formatter, null if there was none

validateFile

public static boolean validateFile(java.io.File file)
                            throws java.io.IOException

Checks if the specified file is in a proper format 100% compabile with specification.

Parameters:

file - file to validate

Returns:

true if file is valid with the specification, otherwise false, even if minor infringements are found

Throws:

java.io.IOException