我正在使用 JPcap 库 (Keita Fujii) 从我的 wifi 设备捕获 http 包。这工作得很好,但如果 http 响应的内容大小太大,包就会碎片化。实际上 TCPPacket-Class 的 psh-Flag 可以帮助我找出响应是否分段,但这是最好的方法吗?我正在寻找一个好的解决方案来合并片段的数据。有人可以给我提示吗?
JpcapCaptor captor = JpcapCaptor.openDevice(devices[1], 65535, true,1000);
captor.setFilter("tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)",true);
while (true) {
Packet packet = captor.getPacket();
if (packet == null || packet == Packet.EOF)
break;
TCPPacket tcppacl = (TCPPacket) packet;
if (!tcppacl.psh){
//wait for next package...
最佳答案
我当前的解决方案如下:
class TCPPacketReciver implements PacketReceiver {
Map<Long, TCPBodyData> tcpBodys = new HashMap<Long, TCPBodyData>();
@Override
public void receivePacket(Packet packet) {
TCPPacket tcppacl = (TCPPacket) packet;
byte[] body = addBodyData(tcppacl);
if(tcppacl.psh){
//body is complete
//do something else...
}
}
private byte[] addBodyData(TCPPacket packet) {
TCPBodyData tcpBodyData;
Long ack = new Long(packet.ack_num);
if (tcpBodys.containsKey(ack)){
tcpBodyData = tcpBodys.get(ack);
tcpBodyData.addBytes(packet.data);
}else{
tcpBodyData = new TCPBodyData(packet.data);
tcpBodys.put(ack, tcpBodyData);
}
if (packet.psh){
tcpBodys.remove(ack);
}
return tcpBodyData.getBytes();
}
private class TCPBodyData {
byte[] bytes = null;
public TCPBodyData(byte[] bytes) {
this.bytes = bytes;
}
public void addBytes(byte[] bytes) {
try {
ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
outputStream.write(this.bytes);
outputStream.write(bytes);
this.bytes = outputStream.toByteArray();
} catch (IOException e) {
e.printStackTrace();
}
}
public byte[] getBytes() {
return bytes;
}
}
}
但我仍然对任何其他解决方案感兴趣。谢谢。
关于java - jpcap如何处理碎片tcp包?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/18808097/