clj-net-pcap Version 1.7.1 Released

I actually uploaded clj-net-pcap version 1.7.1 quite some time ago. Unfortunately, I was very busy and couldn’t even write an announcement. In this post, I briefly announce the clj-net-pcap version 1.7.1 release.

I did the work on clj-net-pcap version 1.7.1 in preparation for the :clojureD conference. The most relevant changes for version 1.7.1 are:

  • Use latest cli4clj version.
  • Add stderr-forwarder-fn.

My motivation for these changes was to provide a better live demo of clj-net-pcap. With the latest cli4clj version, the interactive command line interface (CLI) offers more convenient functionality.

With the stderr-forwarder-fn, the output printed for each packet is printed to stderr instead of stdout. By redirecting stderr to a named pipe or file, it is now possible to use the interactive CLI without the CLI being flooded with the packet output. This, in my opinion, eases the use of clj-net-pcap for simple experiments or demonstrations a lot.

Below, a screenshot of a demo setup is shown. On the top left, the clj-net-pcap interactive CLI is shown. On the top right, another shell is shown that was used to generate traffic via the ping command. On the bottom, the output from the named pipe to which the stderr output was redirected is shown.

The following listing shows how the named pipe is created and the new stderr forwarder is used to redirect the packet capture output to it:

mkfifo stderr-pipe
java -jar clj-net-pcap-1.7.1-standalone.jar -F stderr-forwarder-fn 2> stderr-pipe

The remainder of the example as shown in the screenshot above is simple to print what is written to the pipe via “cat” and to generate the traffic via “ping”.

I hope that this will be as useful for you as it was for me. Comments etc. are, as usual, highly appreciated. Thanks.

This entry was posted in Announcements, clj-net-pcap and tagged , , , . Bookmark the permalink.

2 Responses to clj-net-pcap Version 1.7.1 Released

  1. lc says:

    Thanks for your great work!
    Can you give an example about how filter works, I tried commands like the following, but get NPE
    java -jar target/clj-net-pcap-1.8.0-SNAPSHOT-standalone.jar -f “tcp.port == 8080”
    java -jar target/clj-net-pcap-1.8.0-SNAPSHOT-standalone.jar -f http

    • ruedigergad says:

      Thanks a lot for your feedback.
      I just quickly checked this.

      Maybe you are confusing pcap fiters with Wireshark filters.
      clj-net-pcap uses the pcap-filter syntax (See “man pcap-filter” for more information.).

      Examples of filters you could use are:

      java -jar clj-net-pcap-1.7.1-standalone.jar -f "tcp port 8080"
      java -jar clj-net-pcap-1.7.1-standalone.jar -f "icmp"

      I hope this helps you to go on.



Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.