Java PCAP file parser library

Question

I'm looking for a fast way to parse PCAP file packets.

I'm currently using jNetPcap like so:

Pcap pcap = Pcap.openOffline(file, errbuf);
pcap.loop(10, jpacketHandler, "jNetPcap rocks!");

But it is pretty slow, is there any other good Java libraries that can parse PCAP files?

score 7 · Accepted Answer · answered Jun 19 '17 at 07:34

Just stumbled upon pcap parsing task in Java and found a pcap parser in Kaitai Struct. Surprisingly, it turns out to be blazing fast — probably because it's not a wrapper over C pcap library, but just a raw parser instead. My average results (on the same box, of course) are as following:

jpcap - 10,301 pps
jnetpcap - 15,148 pps
pcap.ksy in Kaitai Struct - 121,176 pps

So, if you don't need capturing, I wholeheartedly recommend trying out Kaitai Struct parser.

score 4 · Answer 2 · edited May 23 '17 at 12:13

4

jNetPcap is the most stable and well written wrapper. Its better than JPcap see this for comparison details. And i don't have a comparison details for pcap4j to evaluate.

edited May 23 '17 at 12:13

Community

1
1

answered Nov 17 '14 at 18:02

Vishnu

1,011
14
31

Java PCAP file parser library

2 Answers2