clj-net-pcap Version 1.7.1 Released

I actually uploaded clj-net-pcap version 1.7.1 quite some time ago. Unfortunately, I was very busy and couldn’t even write an announcement. In this post, I briefly announce the clj-net-pcap version 1.7.1 release.

I did the work on clj-net-pcap version 1.7.1 in preparation for the :clojureD conference. The most relevant changes for version 1.7.1 are:

  • Use latest cli4clj version.
  • Add stderr-forwarder-fn.

My motivation for these changes was to provide a better live demo of clj-net-pcap. With the latest cli4clj version, the interactive command line interface (CLI) offers more convenient functionality.

With the stderr-forwarder-fn, the output printed for each packet is printed to stderr instead of stdout. By redirecting stderr to a named pipe or file, it is now possible to use the interactive CLI without the CLI being flooded with the packet output. This, in my opinion, eases the use of clj-net-pcap for simple experiments or demonstrations a lot.

Below, a screenshot of a demo setup is shown. On the top left, the clj-net-pcap interactive CLI is shown. On the top right, another shell is shown that was used to generate traffic via the ping command. On the bottom, the output from the named pipe to which the stderr output was redirected is shown.

The following listing shows how the named pipe is created and the new stderr forwarder is used to redirect the packet capture output to it:

mkfifo stderr-pipe
java -jar clj-net-pcap-1.7.1-standalone.jar -F stderr-forwarder-fn 2> stderr-pipe

The remainder of the example as shown in the screenshot above is simple to print what is written to the pipe via “cat” and to generate the traffic via “ping”.

I hope that this will be as useful for you as it was for me. Comments etc. are, as usual, highly appreciated. Thanks.

Advertisements
This entry was posted in Announcements, clj-net-pcap and tagged , , , . Bookmark the permalink.

2 Responses to clj-net-pcap Version 1.7.1 Released

  1. lc says:

    Thanks for your great work!
    Can you give an example about how filter works, I tried commands like the following, but get NPE
    java -jar target/clj-net-pcap-1.8.0-SNAPSHOT-standalone.jar -f “tcp.port == 8080”
    or
    java -jar target/clj-net-pcap-1.8.0-SNAPSHOT-standalone.jar -f http

    • ruedigergad says:

      Thanks a lot for your feedback.
      I just quickly checked this.

      Maybe you are confusing pcap fiters with Wireshark filters.
      clj-net-pcap uses the pcap-filter syntax (See “man pcap-filter” for more information.).

      Examples of filters you could use are:

      java -jar clj-net-pcap-1.7.1-standalone.jar -f "tcp port 8080"
      java -jar clj-net-pcap-1.7.1-standalone.jar -f "icmp"

      I hope this helps you to go on.

      Cheers,

      Ruediger

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s