Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

master branch is useless #317

Open
quantrpeter opened this issue Oct 15, 2024 · 11 comments
Open

master branch is useless #317

quantrpeter opened this issue Oct 15, 2024 · 11 comments

Comments

@quantrpeter
Copy link

master branch is useless, right? v1 is the major one?
thanks
@ssill2
Copy link

ssill2 commented Oct 15, 2024

yeah, seems like. I'm just using 1.8.3 with an overrided jna version and that's working for me to protoype an idea. I'm probably going to switch to jnetpcap once I validate what I'm doing. it seems more maintained. and if I choose to use it for multi-gigabit stuff it seems better supported for hardware acceleration etc. The pricing is SUPER cheap too, but it's free up to 5 machines

@ErikV121
Copy link

Is it me or the documentation useless for pcap4j? I've tried to setup Jnetpcap but I keep getting source file mismatch errors?

@ssill2
Copy link

ssill2 commented Oct 18, 2024

yeah, I had trouble trying to get jnetpcap working. I spoke to the author a week or two ago and he said big changes were coming so that it would be easier to get going. I had used pcap4j a few years ago and really liked it and it was going to be my first choice for this new thing I want to try. I think I was using 1.6 or 1.7 at that time, and it was on java 8 I think lol But I've recently switched all my projects to java 21 so I'm trying to be latest and greatest on everything, including pcap4j. I had the same kind of issues with trying to build 2.x. Since I've not seen any recent commits on this project, that's why I'll probably go back to jnetpcap once that's updated.

@ErikV121
Copy link

dang, well i hope those changes come soon . I have a semseter project to finish (network monitoring system) and then I need to some how figure out how do specific things. Question please , your preference, which one would you choose for a project like this? example calculate bandwidth, latency, traffic, etc. I'd appreciate your response :)

@ssill2
Copy link

ssill2 commented Oct 18, 2024

you can make pcap4j 1.8.2 work just fine, you have to override the version of jna, but it works. I think it depends GREATLY on how much bandwidth your talking about. Also in my case I'm going to be doing a production product so I want to base my work on something that is supported. for your project pcap4j should work.

This is what I have in my pom.xml

        <dependency>
            <groupId>org.pcap4j</groupId>
            <artifactId>pcap4j-core</artifactId>
            <version>1.8.2</version>
            <type>jar</type>
            <exclusions>
                <exclusion>
                    <groupId>org.slf4j</groupId>
                    <artifactId>slf4j-api</artifactId>
                </exclusion>
                <exclusion>
                    <groupId>net.java.dev.jna</groupId>
                    <artifactId>jna</artifactId>
                </exclusion>
            </exclusions>
        </dependency>
        <dependency>
            <groupId>org.pcap4j</groupId>
            <artifactId>pcap4j-packetfactory-static</artifactId>
            <version>1.8.2</version>
        </dependency>
        <dependency>
            <groupId>net.java.dev.jna</groupId>
            <artifactId>jna</artifactId>
            <version>5.15.0</version>
        </dependency>
        <dependency>
            <groupId>org.slf4j</groupId>
            <artifactId>slf4j-api</artifactId>
            <version>1.7.36</version>
        </dependency>
        <dependency>
            <groupId>org.slf4j</groupId>
            <artifactId>slf4j-jdk14</artifactId>
            <version>1.7.36</version>
        </dependency>

@ErikV121
Copy link

ssill2, I appreciate you, you are the man. I guess I'll get to work and see what I can make of it. Thanks again 👍

@ssill2
Copy link

ssill2 commented Oct 18, 2024

this is my main loop. you'll want to initialize some threadpools to submit work to so you don't have to tie up the main loop.

        if (chosenDevice != null)
        {
            LOG.info(String.format("Opening device '%s'", chosenDevice.getName()));

            int snapLenBytes = 65536;
            int timeoutMillis = 100;

            try (PcapHandle handle = chosenDevice.openLive(snapLenBytes,
                    PcapNetworkInterface.PromiscuousMode.PROMISCUOUS,
                    timeoutMillis))
            {
                // schedule job to periodically display pcap stats
                PcapStatsWorker statsWorker = new PcapStatsWorker(handle);
                scheduledTaskService.scheduleAtFixedRate(statsWorker, 0,
                        SCHEDULE_INTERVAL__PCAP_STATS_TASK_VALUE,
                        SCHEDULE_INTERVAL__PCAP_STATS_TASK_UNITS);

                final PacketListener listener = (Packet packet) ->
                {
                    if (packet == null)
                    {
                        LOG.info("Null packet");
                    }
                    else
                    {
                        if (!(packet instanceof UnknownPacket))
                        {
                            PacketInfo pi = new PacketInfo(triageConfig, packet);
                            PacketProcessorWorker pktProcessingTask
                                    = new PacketProcessorWorker(pi);
                            packetProcessingPool.submit(pktProcessingTask);
                        }
                    }
                };
                handle.loop(0, listener);
            }
            catch (InterruptedException ie)
            {
                LOG.info("Interrupted");
            }
        }

@ssill2
Copy link

ssill2 commented Oct 18, 2024

I'm having some stuff inserted into an in-memory db hsql, so I can quickly do queries and process the things.

@ssill2
Copy link

ssill2 commented Oct 18, 2024

and something like this for your routine tasks like cleaing up in memory tabls and printing out pcap handle stats

    /**
     * Initialize threadpools and fire off any scheduled tasks
     */
    private void initThreadPoolsAndTasks()
    {
        // init
        // schedule tasks pool
        scheduledTaskService = Executors.newScheduledThreadPool(3);

        // db housekeeping task
        HostTableHousekeeper hostsTableHouskeeper = new HostTableHousekeeper();
        scheduledTaskService.scheduleAtFixedRate(hostsTableHouskeeper,
                0,
                SCHEDULE_INTERVAL__DB_HOUSEKEEPING_TASK_VALUE,
                SCHEDULE_INTERVAL__DB_HOUSEKEEPING_TASK_UNITS);

        // scan reconciler task
        ScanReconcilerWorker scanReconcilerTask
                = new ScanReconcilerWorker();
        scheduledTaskService.scheduleAtFixedRate(scanReconcilerTask,
                0,
                SCHEDULE_INTERVAL__SCAN_RECONCILER_TASK_VALUE,
                SCHEDULE_INTERVAL__SCAN_RECONCILER_TASK_UNITS);

        // init
        // packet processing thread pool
        packetProcessingPool = Executors.newFixedThreadPool(packetProcessingWorkerCount);

    }

@ErikV121
Copy link

Seems like im going to need to do some research, I have not idea whats going on , but its part of the learning process, right. However, your comments do help alot.

@ssill2
Copy link

ssill2 commented Oct 18, 2024

good luck on your project. I've had to shelve mine for a few weeks to work on other stuff unfortunately, but I do have the packet collection stuff working perfectly.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ssill2 @quantrpeter @ErikV121