Filtering the traffic

In order to cause only certain packets to be returned when reading packets, a filter can be set on a pcap handle.

Filter syntax: https://www.tcpdump.org/manpages/pcap-filter.7.html

public static void main(String[] _args)
    throws ErrorException, PermissionDeniedException, PromiscuousModePermissionDeniedException,
        TimestampPrecisionNotSupportedException, RadioFrequencyModeNotSupportedException,
        NoSuchDeviceException, ActivatedException, InterfaceNotUpException,
        InterfaceNotSupportTimestampTypeException {
  var service = Service.Creator.create("PcapService");
  try (var pcap = service.live(service.interfaces(), new DefaultLiveOptions())) {
    pcap.setFilter("icmp", true);
    try {
      pcap.loop(
          10,
          (args, header, buffer) -> {
            System.out.println("Args     : " + args);
            System.out.println("Header   : " + header);
            System.out.println("Packet   : " + buffer);
          },
          "Hello pcap!");
    } catch (BreakException e) {
      System.err.println(e.getMessage());
    } catch (ErrorException e) {
      System.err.println(e.getMessage());
    }
  }
}
PreviousCapture statisticsNextWrite the packets to a capture file

Last updated

Was this helpful?