I am trying to do the following:
However, the following points are giving me trouble:
PacketCapture.lookupDevices()
, which returns a list of Windows' NPF driver device paths to the interfaces (eg \\Device\\NPF_{39966C4C-3728-4368-AE92-1D36ACAF6634}
) and a rather bland display string (eg Microsoft
), and no other info. So I cannot use it to construct the UI interface list. NetworkInterface.getNetworkInterfaces()
provides a list of interfaces on the system with all the info I need for the UI, but NetworkInterface
does not provide the NDF driver device path, only display names, and device names such as "net5", "lo", etc. PacketCapture#open()
only accepts device paths. The list of NetworkInterface
s that are both up and not loopback do correspond to the list of devices returned by jpcap, although they are not in the same order.
So, I can't find anything in NetworkInterface
that can be passed to PacketCapture#open()
, and I don't know how to get UI-appropriate info from the device paths returned by PacketCapture#lookupDevices()
. PacketCapture
does not accept NetworkInterface#getName()
. Therefore, I'm stuck.
I have not tried this on Linux. I suspect the problem is unique to Windows, where NetworkInterface#getName()
does not correspond to the device paths recognized by PacketCapture#open()
.
How can I get the information that jpcap needs to open the device from a NetworkInterface
(or the other way around - get a NetworkInterface
given a device path), or is there another approach that will allow me to just get a nice display name and IP address for each device directly from jpcap?
Windows' Registry: I've been doing some digging and have at least found information about NPF devices in the registry. Given a jpcap device path, and using either one of the techniques here or a native library, a nice adapter name (equivalent to the ones NetworkInterface
returns) and the current IP address can be obtained from the registry as follows:
{39966C4C-3728-4368-AE92-1D36ACAF6634}
from above example). Leave the curly braces and call this . HKLM\\SYSTEM\\CurrentControlSet\\services\\Tcpip\\Parameters\\Interfaces\\<guid>
contains current IP address for device as well as some other configuration info. HKLM\\SYSTEM\\CurrentControlSet\\services\\<guid>\\Parameters\\Tcpip
contains similar information. HKLM\\SYSTEM\\CurrentControlSet\\Control\\Class\\
. If a subkey is found that contains a key NetCfgInstanceId
whose value is <guid> , then the rest of the keys there will contain driver info - the nice display name, vendor info, etc. I do not know how IPv6 factors into the above (there are a few registry areas with a separate Tcpip6 block of info). I also do not know if these keys are the same outside of Windows 7, but I suspect they are. I will convert the above to an answer, with example code, if no better answers are presented. I am still looking for a more direct (ideally platform-independent and registry-free) way.
I have at least found information about NPF devices in the registry, and am expanding the last bit of my question to an answer.
Given a jpcap device path, a nice adapter name (equivalent to the ones NetworkInterface
returns) and the current IP address can be obtained from the registry as follows:
39966C4C-3728-4368-AE92-1D36ACAF6634
from above example). HKLM\\SYSTEM\\CurrentControlSet\\services\\Tcpip\\Parameters\\Interfaces\\{<guid>}
contains current IP address for device as well as some other configuration info. HKLM\\SYSTEM\\CurrentControlSet\\Control\\Class\\
. If a subkey is found that contains a key NetCfgInstanceId
whose value is {<guid>} , then the rest of the keys there will contain driver info - the nice display name, vendor info, etc. Prerequisites:
WinRegistry
from https://stackoverflow.com/a/6163701/616460 . You may copy and paste it from there. Issues:
java.util.prefs.WindowsPreferences
(and therefore WinRegistry
) can only read string keys, not integers. Therefore code below cannot reliably determine if DHCP is enabled. As a hack, logic used is to check static IP/mask and, if blank, fall back on DHCP IP/mask (values are stored separately in registry). Code is below. Full code, including WinRegistry (not present below), is also available on github . Usage is free under SO's CC attribution-sharealike license .
import java.util.regex.Matcher;
import java.util.regex.Pattern;
/**
* Gets information about network interface given a jpcap device string, on Windows. Makes
* use of WinRegistry class from https://stackoverflow.com/a/6163701/616460. This is tested
* against jpcap 0.01.16, which is available for download at http://sourceforge.net/projects/jpcap/.
*
* All getters return empty strings rather than null if the information is unavailable.
*
* @author https://stackoverflow.com/users/616460/jason-c
*/
public class NetworkDeviceInfo {
private static final int DRIVER_CLASS_ROOT = WinRegistry.HKEY_LOCAL_MACHINE;
private static final String DRIVER_CLASS_PATH = "SYSTEM\\CurrentControlSet\\Control\\Class";
private static final String NETCFG_INSTANCE_KEY = "NetCfgInstanceId";
private static final int IFACE_ROOT = WinRegistry.HKEY_LOCAL_MACHINE;
private static final String IFACE_PATH = "SYSTEM\\CurrentControlSet\\services\\Tcpip\\Parameters\\Interfaces";
private final String jpcapDeviceName;
private final String jpcapDisplayName;
private final String guid;
private final String driverName;
private final String driverVendor;
private final String interfaceAddress;
private final String interfaceSubnetMask;
/**
* Construct from a jpcap device string.
* @param jpcapDeviceString Device string from jpcap.
* @throws IllegalArgumentException If the device string could not be parsed.
* @throws UnsupportedOperationException If the Windows registry could not be read.
*/
public NetworkDeviceInfo (String jpcapDeviceString) throws IllegalArgumentException, UnsupportedOperationException {
// extract jpcap device and display name, and guid, from jpcap device string
String[] jpcapParts = jpcapDeviceString.split("\n", 2);
jpcapDeviceName = (jpcapParts.length > 0) ? jpcapParts[0].trim() : "";
jpcapDisplayName = (jpcapParts.length > 1) ? jpcapParts[1].replaceAll("\n", " ").trim() : "";
Matcher matcher = Pattern.compile("\\{(\\S*)\\}").matcher(jpcapDeviceName);
guid = matcher.find() ? matcher.group(1) : null;
if (guid == null)
throw new IllegalArgumentException("Could not parse GUID from jpcap device name '" + jpcapDeviceName + "'");
try {
// search registry for driver details:
// Search all subkeys of subkeys in HKLM\SYSTEM\CurrentControlSet\Control\Class\. If a subkey
// is found that contains a key NetCfgInstanceId whose value is {guid}, then the rest of the keys
// there will contain driver info - the nice display name, vendor info, etc.
String theDriverName = "";
String theDriverVendor = "";
for (String driverClassSubkey : WinRegistry.readStringSubKeys(DRIVER_CLASS_ROOT, DRIVER_CLASS_PATH)) {
for (String driverSubkey : WinRegistry.readStringSubKeys(DRIVER_CLASS_ROOT, DRIVER_CLASS_PATH + "\\" + driverClassSubkey)) {
String path = DRIVER_CLASS_PATH + "\\" + driverClassSubkey + "\\" + driverSubkey;
String netCfgInstanceId = WinRegistry.readString(DRIVER_CLASS_ROOT, path, NETCFG_INSTANCE_KEY);
if (netCfgInstanceId != null && netCfgInstanceId.equalsIgnoreCase("{" + guid + "}")) {
theDriverName = trimOrDefault(WinRegistry.readString(DRIVER_CLASS_ROOT, path, "DriverDesc"), "");
theDriverVendor = trimOrDefault(WinRegistry.readString(DRIVER_CLASS_ROOT, path, "ProviderName"), "");
// other interesting keys: DriverVersion, DriverDate
break;
}
}
if (!theDriverName.isEmpty())
break;
}
driverName = trimOrDefault(theDriverName, jpcapDisplayName);
driverVendor = trimOrDefault(theDriverVendor, "Unknown");
// read tcp/ip configuration details (HKLM\SYSTEM\CCS\services\Tcpip\Parameters\Interfaces\{guid})
// there is an integer key EnableDHCP, but java.util.prefs.WindowsPreferences (and therefore
// WinRegistry) supports reading string keys only, therefore we'll have to hack it to decide on
// DHCP vs. static IP address and hope it's correct.
// also note the ip addresses are REG_MULTI_SZ, presumably to also hold ipv6 addresses. the results
// here may not be quite correct, then. that's why I'm leaving addresses as strings instead of
// converting them to InetAddresses.
String ifPath = IFACE_PATH + "\\{" + guid + "}";
String dhcpIp = trimOrDefault(WinRegistry.readString(IFACE_ROOT, ifPath, "DhcpIPAddress"), "");
String dhcpMask = trimOrDefault(WinRegistry.readString(IFACE_ROOT, ifPath, "DhcpSubnetMask"), "");
// if static set, use it, otherwise use dhcp
interfaceAddress = trimOrDefault(WinRegistry.readString(IFACE_ROOT, ifPath, "IPAddress"), dhcpIp);
interfaceSubnetMask = trimOrDefault(WinRegistry.readString(IFACE_ROOT, ifPath, "SubnetMask"), dhcpMask);
} catch (Exception x) {
throw new UnsupportedOperationException("Information could not be read from the Windows registry.", x);
}
}
/**
* @param str A string.
* @param def A default string.
* @return Returns def if str is null or empty (after trim), otherwise returns str, trimmed.
*/
private final static String trimOrDefault (String str, String def) {
str = (str == null) ? "" : str.trim();
return str.isEmpty() ? def : str;
}
/**
* Gets the jpcap device name, which can be passed to PacketCapture.
* @return Device name from jpcap. Pass this string to PacketCapture to specify this device.
*/
public final String getJpcapDeviceName () {
return jpcapDeviceName;
}
/**
* Gets the jpcap display name. Usually this is pretty bland.
* @return Display name from jpcap.
*/
public final String getJpcapDisplayName () {
return jpcapDisplayName;
}
/**
* Gets the interface GUID.
* @return Interface GUID.
*/
public final String getGuid () {
return guid;
}
/**
* Get a nice display name for the interface driver. Display this in GUIs.
* @return Interface driver name.
*/
public final String getDriverName () {
return driverName;
}
/**
* Get the interface driver vendor name. Could be displayed in GUIs.
* @return Interface driver vendor name.
*/
public final String getDriverVendor () {
return driverVendor;
}
/**
* Get the interface's IP address.
* @return Interface's IP address.
* @bug This may not be correct for interfaces with multiple IP addresses. For this reason, it is
* left as a raw string rather than being converted to an InetAddress.
*/
public final String getInterfaceAddress () {
return interfaceAddress;
}
/**
* Get the interface's subnet mask.
* @return Interface's subnet mask.
* @bug Same issue as getInterfaceAddress().
*/
public final String getInterfaceSubnetMask () {
return interfaceSubnetMask;
}
/**
* Get a display string, for debugging.
* @return Display string, for debugging.
*/
@Override public String toString () {
return String.format("%s (%s) {%s} @ %s/%s", driverName, driverVendor, guid, interfaceAddress, interfaceSubnetMask);
}
}
Here is an example:
import java.util.ArrayList;
import java.util.List;
import net.sourceforge.jpcap.capture.PacketCapture;
public class NetworkDeviceInfoTest {
public static void main (String[] args) throws Exception {
List<NetworkDeviceInfo> infos = new ArrayList<NetworkDeviceInfo>();
// Info can be queried from jpcap device string.
for (String jpcapDevice : PacketCapture.lookupDevices())
infos.add(new NetworkDeviceInfo(jpcapDevice));
// Info can be displayed.
for (NetworkDeviceInfo info : infos) {
System.out.println(info.getJpcapDeviceName() + ":");
System.out.println(" Description: " + info.getDriverName());
System.out.println(" Vendor: " + info.getDriverVendor());
System.out.println(" Address: " + info.getInterfaceAddress());
System.out.println(" Subnet Mask: " + info.getInterfaceSubnetMask());
System.out.println(" jpcap Display: " + info.getJpcapDisplayName());
System.out.println(" GUID: " + info.getGuid());
}
// Device names from NetworkDeviceInfo can be passed directly to jpcap:
NetworkDeviceInfo selected = infos.get(0);
PacketCapture capture = new PacketCapture();
capture.open(selected.getJpcapDeviceName(), true);
}
}
On my machine that outputs:
PacketCapture: loading native library jpcap.. ok \Device\NPF_{691D289D-7EE5-4BD8-B5C1-3C4729A852D5}: Description: Microsoft Virtual WiFi Miniport Adapter Vendor: Microsoft Address: 0.0.0.0 Subnet Mask: 255.0.0.0 jpcap Display: Microsoft GUID: 691D289D-7EE5-4BD8-B5C1-3C4729A852D5 \Device\NPF_{39966C4C-3728-4368-AE92-1D36ACAF6634}: Description: 1x1 11b/g/n Wireless LAN PCI Express Half Mini Card Adapter Vendor: Realtek Semiconductor Corp. Address: 192.168.1.23 Subnet Mask: 255.255.255.0 jpcap Display: Microsoft GUID: 39966C4C-3728-4368-AE92-1D36ACAF6634
Hopefully this is helpful. Improvements are welcome. A better suggestion of a more direct way without using the registry is also welcome.
Here is an alternate solution that should be platform independent although only provides info for interfaces that are up. The registry solution was my first attempt, it works well, but I believe this is a better solution as long as information about down interfaces is not required.
PacketCapture
can provide a network address and subnet mask given a device string (it's an instance method, not a static method, though). For each device string in PacketCapture.lookupDevices()
: PacketCapture
instance (capture does not need to be open). NetworkInterface.getNetworkInterfaces()
and find one that has an address that is on the same network given by the network address and mask that jpcap returned for the device. NetworkInterface
(probably) corresponds to the device string. Prerequisites:
Issues:
Code is below. Usage is free under SO's CC attribution-sharealike license . It's self-contained so I did not put it on github.
import java.net.Inet4Address;
import java.net.InetAddress;
import java.net.NetworkInterface;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;
import net.sourceforge.jpcap.capture.CaptureDeviceLookupException;
import net.sourceforge.jpcap.capture.PacketCapture;
public class JpcapInterfaceInfo {
/**
* Get a list of interface information for all devices returned by jpcap.
* @param capture An instance of PacketCapture to use for getting network address and mask info. If null,
* a new instance will be created.
* @return List of information.
* @throws CaptureDeviceLookupException
*/
public static List<InterfaceInfo> listInterfaces (PacketCapture capture) throws CaptureDeviceLookupException {
if (capture == null)
capture = new PacketCapture();
List<InterfaceInfo> infos = new ArrayList<InterfaceInfo>();
for (String device : PacketCapture.lookupDevices())
infos.add(getInterfaceInfo(capture, device));
return infos;
}
/**
* Get a list of interface information for all devices returned by jpcap.
* @return List of information.
* @throws CaptureDeviceLookupException
*/
public static List<InterfaceInfo> listInterfaces () throws CaptureDeviceLookupException {
return listInterfaces(null);
}
/**
* Utility to check if an interface address matches a jpcap network address and mask.
* @param address An InetAddress to check.
* @param jpcapAddr Network address.
* @param jpcapMask Network mask.
* @return True if address is an IPv4 address on the network given by jpcapAddr/jpcapMask,
* false otherwise.
*/
private static boolean networkMatches (InetAddress address, int jpcapAddr, int jpcapMask) {
if (!(address instanceof Inet4Address))
return false;
byte[] address4 = address.getAddress();
if (address4.length != 4)
return false;
int addr = ByteBuffer.wrap(address4).order(ByteOrder.LITTLE_ENDIAN).getInt();
return ((addr & jpcapMask) == jpcapAddr);
}
/**
* Get an InterfaceInfo that corresponds to the given jpcap device string. The interface must be
* up in order to query info about it; if it is not then the NetworkInterface in the returned
* InterfaceInfo will be null.
* @param capture A PacketCapture instance used to get network address and mask info.
* @param jpcapDeviceString String from PacketCapture.lookupDevices().
* @return InterfaceInfo.
*/
public static InterfaceInfo getInterfaceInfo (PacketCapture capture, String jpcapDeviceString) {
InterfaceInfo info = null;
String deviceName = jpcapDeviceString.replaceAll("\n.*", "").trim();
try {
int netAddress = capture.getNetwork(deviceName);
int netMask = capture.getNetmask(deviceName);
// go through all addresses of all interfaces and try to find a match.
Enumeration<NetworkInterface> e = NetworkInterface.getNetworkInterfaces();
while (e.hasMoreElements() && info == null) {
NetworkInterface iface = e.nextElement();
Enumeration<InetAddress> ae = iface.getInetAddresses();
while (ae.hasMoreElements() && info == null) {
if (networkMatches(ae.nextElement(), netAddress, netMask))
info = new InterfaceInfo(iface, deviceName);
}
}
} catch (Exception x) {
System.err.println("While querying info for " + deviceName + ":");
x.printStackTrace(System.err);
}
if (info == null)
info = new InterfaceInfo(null, deviceName);
return info;
}
/**
* Information about a network interface for jpcap, which is basically just a NetworkInterface
* with details, and the jpcap device name for use with PacketCapture.
*/
public static class InterfaceInfo {
private final NetworkInterface iface;
private final String deviceName;
InterfaceInfo (NetworkInterface iface, String deviceName) {
this.iface = iface;
this.deviceName = deviceName;
}
/**
* Get NetworkInterface for this interface.
* @return May return null if no matching NetworkInterface was found.
*/
public final NetworkInterface getIface () {
return iface;
}
/**
* Get jpcap device name for this interface. This can be passed to PacketCapture.open().
* @return Device name for interface.
*/
public final String getDeviceName () {
return deviceName;
}
@Override public final String toString () {
return deviceName + " : " + iface;
}
}
}
Here is an example:
import java.util.List;
import net.sourceforge.jpcap.capture.PacketCapture;
public class JpcapInterfaceInfoTest {
public static void main (String[] args) throws Exception {
// Info can be queried from jpcap device list.
List<JpcapInterfaceInfo.InterfaceInfo> infos = JpcapInterfaceInfo.listInterfaces();
// Info can be displayed.
for (JpcapInterfaceInfo.InterfaceInfo info : infos)
System.out.println(info);
// Device names from InterfaceInfo can be passed directly to jpcap:
JpcapInterfaceInfo.InterfaceInfo selected = infos.get(0);
PacketCapture capture = new PacketCapture();
capture.open(selected.getDeviceName(), true);
}
}
On my machine (same setup as registry solution), this outputs:
\Device\NPF_{691D289D-7EE5-4BD8-B5C1-3C4729A852D5} : null \Device\NPF_{39966C4C-3728-4368-AE92-1D36ACAF6634} : name:net5 (1x1 11b/g/n Wireless LAN PCI Express Half Mini Card Adapter)
I did not make the output as pretty as the other solution. Note that the "virtual wifi miniport adapter" (the first one) has a null NetworkInterface
because, since it is not up, a match could not be found (an IP address and network address was not present).
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.