Let’s take a look at a problem in which you may want to capture tcpdump output in your Java program. You may need tcpdump data for any number of reasons.
This is a tcpdump tutorial with usage examples that shows how to dump packets with tcpdump. You will also learn how to install and use tcpdump to capture packets.
How to capture tcpdump data to analyse customer data?
Tcpdump is a very basic command and I’m sure everybody has used it by now 🙂
Tcpdump is a common packet analyzer that runs in a command-line terminal. It allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network.
Tcpdump needs root user permission, so you may not be able to run it from the Eclipse IDE. In this tutorial we will write simple steps to capture tcpdump output in Java, and we will run it on Mac OS X.
Prerequisite: Make sure you have pcap or tcpdump installed on your system.
For CentOS:
yum install tcpdump
For Debian and Ubuntu:
apt-get install tcpdump
Let’s get started
- Create Java file: CrunchifyExecuteTCPDUMP.java
- Command we will use: /usr/sbin/tcpdump -c 2 -v -A dst port 80
  - -c option: Exit after receiving 2 packets
  - -v option: verbose output
  - -A option: Print each packet in ASCII
  - dst port PortNumber: True if the IP destination field of the packet is host, which may be either an address or a name
This program will also help you run any other Linux / Windows / Mac terminal command.
- How to run external programs by using Java ProcessBuilder class?
- tcpdump: Using TCPDUMP from Java
- How to Run Tcpdump From Java
- Java exec – execute system processes with Java
- java + tcpdump = problem – let’s solve it
We are using the java.lang.ProcessBuilder class, which is used to create operating system processes. This class is not synchronized.
// No package declaration, so the javac / java commands shown in this tutorial
// work directly from the directory that holds this file.
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.io.Reader;
import java.io.StringWriter;
import java.io.Writer;

/**
 * @author Crunchify.com
 *
 */
public class CrunchifyExecuteTCPDUMP {

    public static void main(String[] args) {
        String tcpDumpCmd = "/usr/sbin/tcpdump -c 2 -v -A dst port 80";
        String tcpDumpResult = runTCPDUmp(tcpDumpCmd, true);
        System.out.println(tcpDumpResult);
    }

    public static String runTCPDUmp(String crunchifyCmd, boolean waitForResult) {
        System.out.println("inside runTCPDUmp()");
        String tcpdumpCmdResponse = "";
        ProcessBuilder crunchifyProcessBuilder = null;

        // Find OS running on VM
        String operatingSystem = System.getProperty("os.name");

        // The command string is interpreted by a shell (cmd or bash), so pass only
        // fixed, trusted strings here, never text built from user input.
        if (operatingSystem.toLowerCase().contains("window")) {
            // In case of Windows run command using cmd /c
            crunchifyProcessBuilder = new ProcessBuilder("cmd", "/c", crunchifyCmd);
        } else {
            // In case of Linux/Ubuntu/Mac run command using /bin/bash
            crunchifyProcessBuilder = new ProcessBuilder("/bin/bash", "-c", crunchifyCmd);
        }

        // Merge stderr into stdout so tcpdump's status lines are captured too
        crunchifyProcessBuilder.redirectErrorStream(true);

        try {
            Process process = crunchifyProcessBuilder.start();
            if (waitForResult) {
                // Reading until end of stream blocks until tcpdump exits
                InputStream crunchifyStream = process.getInputStream();
                tcpdumpCmdResponse = getStringFromStream(crunchifyStream);
                crunchifyStream.close();
            }
        } catch (Exception e) {
            System.out.println("Error Executing tcpdump command: " + e);
        }
        return tcpdumpCmdResponse;
    }

    // Read the whole stream into a String, decoding it as UTF-8
    private static String getStringFromStream(InputStream crunchifyStream) throws IOException {
        System.out.println("inside getStringFromStream()");
        if (crunchifyStream != null) {
            Writer crunchifyWriter = new StringWriter();
            char[] crunchifyBuffer = new char[2048];
            try {
                Reader crunchifyReader = new BufferedReader(new InputStreamReader(crunchifyStream, "UTF-8"));
                int count;
                while ((count = crunchifyReader.read(crunchifyBuffer)) != -1) {
                    crunchifyWriter.write(crunchifyBuffer, 0, count);
                }
            } finally {
                crunchifyStream.close();
            }
            return crunchifyWriter.toString();
        } else {
            return "";
        }
    }
}
As you won’t be able to execute this program via Eclipse, we will run it from the Mac Terminal. Eclipse will give you an error message.
Now let’s run it from Command Prompt / Mac Terminal.
Create the file CrunchifyExecuteTCPDUMP.java, save it under ~/Documents, and run the commands below.
bash-3.2# javac CrunchifyExecuteTCPDUMP.java
bash-3.2# java CrunchifyExecuteTCPDUMP
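The program above hands the whole command string to /bin/bash -c while running as root, so anything concatenated into that string is interpreted by the shell. The following added example (not part of the original tutorial; the class name TcpdumpArgvExample, the count and port limits and the 30-second timeout are assumptions, and it needs Java 9 or later) passes tcpdump its arguments as a list with no shell, validates the port, and stops a capture that never completes:

```java
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Path;
import java.util.List;
import java.util.concurrent.TimeUnit;

public class TcpdumpArgvExample {

    // Build the argument vector directly. No shell parses it, so input containing
    // shell metacharacters fails Integer.parseInt instead of reaching a root shell.
    static List<String> buildCommand(String packetCount, String dstPort) {
        int count = Integer.parseInt(packetCount);
        int port = Integer.parseInt(dstPort);
        if (count < 1 || count > 1000 || port < 1 || port > 65535) {
            throw new IllegalArgumentException("count or port out of range");
        }
        return List.of("/usr/sbin/tcpdump", "-c", Integer.toString(count),
                "-v", "-A", "dst", "port", Integer.toString(port));
    }

    static String run(List<String> command, long timeoutSeconds)
            throws IOException, InterruptedException {
        // Output goes to a private temp file so a stalled capture cannot block a read.
        Path capture = Files.createTempFile("tcpdump", ".txt");
        try {
            Process process = new ProcessBuilder(command)
                    .redirectErrorStream(true)
                    .redirectOutput(capture.toFile())
                    .start();
            // tcpdump waits until -c packets arrive; stop it once the timeout passes.
            if (!process.waitFor(timeoutSeconds, TimeUnit.SECONDS)) {
                process.destroyForcibly().waitFor();
            }
            String output = new String(Files.readAllBytes(capture), StandardCharsets.UTF_8);
            return output + "exit code: " + process.exitValue();
        } finally {
            Files.deleteIfExists(capture);
        }
    }

    public static void main(String[] args) throws Exception {
        // args[0] stands in for untrusted input (constructed default: port 80).
        String port = args.length > 0 ? args[0] : "80";
        System.out.println(run(buildCommand("2", port), 30));
    }
}
```

Like the original program, it must be started as root from a terminal for tcpdump to open the capture interface.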
I hope you get an idea of how to capture tcpdump output using a Java program. You are just a comment away if you have any questions.