Java入侵检测(三)
16lz
2021-01-26
这就是最终效果。用了WindowBuilder构建gui。
开始捕获就去抓包,抓完包就存到数据库,并且回调到主线程中显示(有种Android既视感,只不过Android比JavaGui复杂无数倍)
用到了 JList、JSpinner、JComboBox 控件
public class MainWindow implements CaptureListener {
    // Count labels
    JLabel LabelTotal, LabelIP, LabelTCP, LabelUDP;
    private JFrame frame;
    JpcapCaptor jpcap;
    // List widget
    JList list;
    // Total number of packets to capture
    JSpinner sp_total_size;
    // Packet drop-down
    JComboBox box_packet_type;
    // Listener notified after a capture
    CaptureListener listener;
    // Capture thread
    Thread capThread;
    // Receiver class that gets the capture callbacks
    TestPacketReceiver receiver;
    // Network-interface information
    NetworkInterface nc;
    NetworkInterface[] devices;
    // Adapter (model) for the network interfaces
    ComboBoxModel box_packet_type_mode;
    // Adapter (model) for the list
    // NOTE(review): the listing on the page stops here, in the middle of this declaration.
    DefaultListModel
抓包监听
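/**
 * Capture callback: implements {@code PacketReceiver}, copies header fields of each
 * IP / TCP / UDP packet into a record object, stores the record through the Mongo
 * helper and reports it to the registered {@link CaptureListener}.
 *
 * <p>jpcap's {@code TCPPacket} and {@code UDPPacket} extend {@code IPPacket}, so a TCP
 * or UDP packet passes both the IP check and its own check: it is stored twice (IP
 * header fields, then transport fields) and {@code totalCount} advances by two.
 * NOTE(review): confirm that {@code totalCount} is meant to count stored records
 * rather than captured packets.
 *
 * <p>NOTE(review): {@code helper.insert} runs on the thread that delivers packets. If
 * the insert blocks, capture presumably stalls and packets can be missed, which is a
 * visibility gap for a detection tool. Confirm, and consider handing records to a queue.
 */
class TestPacketReceiver implements PacketReceiver {
    /** Listener told about every stored record; may be null. */
    CaptureListener captureListener;
    /** Number of records stored so far, across all three record kinds. */
    int totalCount = 0;
    /** Shared database helper; assigned by the constructor. */
    static MongoDbHelper2 helper;
    /** Per-kind record counters: a = IP, b = TCP, c = UDP. */
    int a, b, c;

    /** Fetches the shared helper instance and asks it for a connection. */
    public TestPacketReceiver() {
        helper = MongoDbHelper2.getInstance();
        helper.getConnection();
    }

    /**
     * Called for each captured packet; stores one record per matching header kind.
     *
     * @param packet the captured packet; anything that is not an IP packet is ignored
     */
    @Override
    public void receivePacket(Packet packet) {
        if (packet instanceof jpcap.packet.IPPacket) {
            recordIp((IPPacket) packet);
        }
        // TCP packet: a plain Java Socket only exposes the payload, not these header fields.
        if (packet instanceof jpcap.packet.TCPPacket) {
            recordTcp((TCPPacket) packet);
        }
        if (packet instanceof jpcap.packet.UDPPacket) {
            recordUdp((UDPPacket) packet);
        }
    }

    /** Stores the IP header fields of {@code p} and notifies the listener. */
    private void recordIp(IPPacket p) {
        IPCapPacket pCapPacket = new IPCapPacket();
        // The trailing values are the samples given in the original listing.
        pCapPacket.setDestinationAddress(p.dst_ip + ""); // e.g. /192.168.1.102
        pCapPacket.setSourceAddress(p.src_ip + "");      // e.g. /172.24.6.57
        pCapPacket.setVersionAndlength(p.version + "");  // e.g. 4
        pCapPacket.setTypeOfService(p.rsv_tos + "");     // e.g. 0
        pCapPacket.setTotalLength(p.length + "");        // e.g. 212
        pCapPacket.setIdetifier(p.ident + "");           // e.g. 28372
        pCapPacket.setFlagsAndOffser(p.d_flag + "" + p.offset); // e.g. false0
        pCapPacket.setTimeToLive(p.hop_limit + "");      // e.g. 59
        pCapPacket.setProtocol(p.protocol + "");         // e.g. 17
        // The checksum is not recorded.
        a++;
        totalCount++;
        helper.insert(MongoDbHelper.IPCollection, pCapPacket);
        notifyListener(pCapPacket, "IP", a);
    }

    /** Stores the TCP header fields of {@code p} and notifies the listener. */
    private void recordTcp(TCPPacket p) {
        TCPCapPacket pCapPacket = new TCPCapPacket();
        pCapPacket.setDestinationAddress(p.dst_ip + "");
        pCapPacket.setDestinationPort(p.dst_port + "");
        // Fix: the original called setDestinationAddress a second time with src_ip, which
        // overwrote the destination and left the source unset in every stored record.
        // Assumes TCPCapPacket offers setSourceAddress as IPCapPacket does; confirm.
        pCapPacket.setSourceAddress(p.src_ip + "");
        pCapPacket.setSourcePort(p.src_port + "");
        // Fix: use the TCP sequence number. The original passed p.sec, which in jpcap is
        // the capture timestamp in seconds inherited from Packet.
        pCapPacket.setSerialNumber(p.sequence + "");
        pCapPacket.setConfrimNumber(p.ack_num + "");
        pCapPacket.setWindowSize(p.window + "");
        // The TCP checksum is not recorded.
        pCapPacket.setUrgentPointer(p.urgent_pointer + "");
        b++;
        totalCount++;
        helper.insert(MongoDbHelper.TCPCollection, pCapPacket);
        notifyListener(pCapPacket, "TCP", b);
    }

    /** Stores the UDP header fields of {@code p} and notifies the listener. */
    private void recordUdp(UDPPacket p) {
        UDPCapPacket udpCapPacket = new UDPCapPacket();
        udpCapPacket.setDestinationAddress(p.dst_ip + "");
        udpCapPacket.setDestinationPort(p.dst_port + "");
        // Fix: same overwrite as in the TCP branch; the source address goes to the source
        // field. Assumes UDPCapPacket offers setSourceAddress as IPCapPacket does; confirm.
        udpCapPacket.setSourceAddress(p.src_ip + "");
        udpCapPacket.setSourcePort(p.src_port + "");
        // The UDP checksum is not recorded.
        // NOTE(review): p.len is the length field inherited from Packet; jpcap's UDPPacket
        // also has a `length` field. Confirm which one the UDP length column should hold.
        udpCapPacket.setUdpLength(p.len);
        c++;
        totalCount++;
        helper.insert(MongoDbHelper.UDPCollection, udpCapPacket);
        notifyListener(udpCapPacket, "UDP", c);
    }

    /**
     * Reports a stored record to the listener, if one is registered. The field is read
     * once into a local so that a removeListener() call between the null check and the
     * callback cannot cause a NullPointerException.
     */
    private void notifyListener(Object record, String type, int typeCount) {
        CaptureListener current = captureListener;
        if (current != null) {
            current.capture(record, type, totalCount, typeCount);
        }
    }

    /** Registers the listener that receives every stored record. */
    public void setCaptureListener(CaptureListener captureListener) {
        this.captureListener = captureListener;
    }

    /** Unregisters the current listener. */
    public void removeListener() {
        captureListener = null;
    }

    /** Callback through which stored records are reported (for example to the GUI). */
    interface CaptureListener {
        /**
         * @param obj the stored record (an IPCapPacket, TCPCapPacket or UDPCapPacket)
         * @param tpye record kind: "IP", "TCP" or "UDP"
         * @param totalNum number of records stored so far, all kinds together
         * @param curNum number of records of this kind stored so far
         */
        void capture(Object obj, String tpye, int totalNum, int curNum);
    }
}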
以及三个封装包类和数据库连接类,这里就不贴代码了