JavaのPcapファイル解析(二:データ構造の構築)
15497 ワード
データ構造
前の記事の内容によって、次のようなデータ構造が構築されます。
Pcapファイルヘッダ
前の記事の内容によって、次のようなデータ構造が構築されます。
Pcapファイルヘッダ
/**
* Pcap
* @author johnnie
*
*/
public class PcapFileHeader {
private int magic; // , 16 0xa1b2c3d4(4 )
private short magorVersion; // (2 )
private short minorVersion; // (2 )
private int timezone; // (4 )
private int sigflags; // (4 )
private int snaplen; // (4 )
private int linktype; // (4 )
public int getMagic() {
return magic;
}
public void setMagic(int magic) {
this.magic = magic;
}
public short getMagorVersion() {
return magorVersion;
}
public void setMagorVersion(short magorVersion) {
this.magorVersion = magorVersion;
}
public short getMinorVersion() {
return minorVersion;
}
public void setMinorVersion(short minorVersion) {
this.minorVersion = minorVersion;
}
public int getTimezone() {
return timezone;
}
public void setTimezone(int timezone) {
this.timezone = timezone;
}
public int getSigflags() {
return sigflags;
}
public void setSigflags(int sigflags) {
this.sigflags = sigflags;
}
public int getSnaplen() {
return snaplen;
}
public void setSnaplen(int snaplen) {
this.snaplen = snaplen;
}
public int getLinktype() {
return linktype;
}
public void setLinktype(int linktype) {
this.linktype = linktype;
}
public PcapFileHeader() {}
public PcapFileHeader(int magic, short magorVersion, short minorVersion,
int timezone, int sigflags, int snaplen, int linktype) {
this.magic = magic;
this.magorVersion = magorVersion;
this.minorVersion = minorVersion;
this.timezone = timezone;
this.sigflags = sigflags;
this.snaplen = snaplen;
this.linktype = linktype;
}
@Override
public String toString() {
return "PcapFileHeader [magic=" + DataUtils.intToHexString(magic)
+ ", magorVersion=" + DataUtils.shortToHexString(magorVersion)
+ ", minorVersion=" + DataUtils.shortToHexString(minorVersion)
+ ", timezone=" + DataUtils.intToHexString(timezone)
+ ", sigflags=" + DataUtils.intToHexString(sigflags)
+ ", snaplen=" + DataUtils.intToHexString(snaplen)
+ ", linktype=" + DataUtils.intToHexString(linktype)
+ "]";
}
}
/**
* Pcap
* @author johnnie
*
*/
public class PcapDataHeader {
/**
* ( ):
* 1970 1 1 00:00:00 (4 )
*/
private int timeS;
/**
* ( ): (4 )
*/
private int timeMs;
/**
* : pcap , (4 )
*/
private int caplen;
/**
* : (4 )
* , 。
*/
private int len;
public int getTimeS() {
return timeS;
}
public void setTimeS(int timeS) {
this.timeS = timeS;
}
public int getTimeMs() {
return timeMs;
}
public void setTimeMs(int timeMs) {
this.timeMs = timeMs;
}
public int getCaplen() {
return caplen;
}
public void setCaplen(int caplen) {
this.caplen = caplen;
}
public int getLen() {
return len;
}
public void setLen(int len) {
this.len = len;
}
public PcapDataHeader() {}
@Override
public String toString() {
return "PcapDataHeader [timeS=" + DataUtils.intToHexString(timeS)
+ ", timeMs=" + DataUtils.intToHexString(timeMs)
+ ", caplen=" + caplen
+ ", len=" + len
+ "]";
}
}
/**
* Pcap : ,14 , ,
* @author johnnie
*
*/
public class PcapDataFrame {
/**
* MAC :6 byte
*/
private byte[] desMac;
/**
* MAC :6 byte
*/
private byte[] srcMac;
/**
* :2
*/
private short frameType;
public byte[] getDesMac() {
return desMac;
}
public void setDesMac(byte[] desMac) {
this.desMac = desMac;
}
public byte[] getSrcMac() {
return srcMac;
}
public void setSrcMac(byte[] srcMac) {
this.srcMac = srcMac;
}
public short getFrameType() {
return frameType;
}
public void setFrameType(short frameType) {
this.frameType = frameType;
}
public PcapDataFrame() {}
/**
* Wireshark
*/
@Override
public String toString() {
// frameType
return "PcapDataFrame [frameType=" + DataUtils.shortToHexString(frameType) + "]";
}
}
/**
* IP
* @author johnnie
*
*/
public class IPHeader {
/**
* (4 bit) (4bit) =(1 )
* (Version): 0100(IPv4),0110(IPv6)
* IP 20
*/
private byte varHLen;
/**
* Type of Service: ,(1 )
*/
private byte tos;
/**
* (2 )
*/
private short totalLen;
/**
* (2 )
*/
private short id;
/**
* (2 )
*/
private short flagSegment;
/**
* Time to Live: (1 )
*/
private byte ttl;
/**
* (1 )
*/
private byte protocol;
/**
* (2 )
*/
private short checkSum;
/**
* IP(4 )
*/
private int srcIP;
/**
* IP(4 )
*/
private int dstIP;
public byte getVarHLen() {
return varHLen;
}
public void setVarHLen(byte varHLen) {
this.varHLen = varHLen;
}
public byte getTos() {
return tos;
}
public void setTos(byte tos) {
this.tos = tos;
}
public short getTotalLen() {
return totalLen;
}
public void setTotalLen(short totalLen) {
this.totalLen = totalLen;
}
public short getId() {
return id;
}
public void setId(short id) {
this.id = id;
}
public short getFlagSegment() {
return flagSegment;
}
public void setFlagSegment(short flagSegment) {
this.flagSegment = flagSegment;
}
public byte getTtl() {
return ttl;
}
public void setTtl(byte ttl) {
this.ttl = ttl;
}
public byte getProtocol() {
return protocol;
}
public void setProtocol(byte protocol) {
this.protocol = protocol;
}
public short getCheckSum() {
return checkSum;
}
public void setCheckSum(short checkSum) {
this.checkSum = checkSum;
}
public int getSrcIP() {
return srcIP;
}
public void setSrcIP(int srcIP) {
this.srcIP = srcIP;
}
public int getDstIP() {
return dstIP;
}
public void setDstIP(int dstIP) {
this.dstIP = dstIP;
}
public IPHeader() { }
@Override
public String toString() {
return "IPHeader [varHLen=" + DataUtils.byteToHexString(varHLen)
+ ", tos=" + DataUtils.byteToHexString(tos)
+ ", totalLen=" + totalLen
+ ", id=" + DataUtils.shortToHexString(id)
+ ", flagSegment=" + DataUtils.shortToHexString(flagSegment)
+ ", ttl=" + ttl
+ ", protocol=" + protocol
+ ", checkSum=" + DataUtils.shortToHexString(checkSum)
+ ", srcIP=" + DataUtils.intToHexString(srcIP)
+ ", dstIP=" + DataUtils.intToHexString(dstIP)
+ "]";
}
}
/**
* TCP :20
* @author johnnie
*
*/
public class TCPHeader {
/**
* (2 )
*/
private short srcPort;
/**
* (2 )
*/
private short dstPort;
/**
* Sequence Number: (4 )
*/
private int seqNum;
/**
* (4 )
*/
private int ackNum;
/**
* (4 bit) + (4 bit) = 1 byte
*/
private byte headerLen;
/**
* TCP (1 )
*/
private byte flags;
/**
* , TCP (2 )
*/
private short window;
/**
* (2 )
*/
private short checkSum;
/**
* (2 )
*/
private short urgentPointer;
public short getSrcPort() {
return srcPort;
}
public void setSrcPort(short srcPort) {
this.srcPort = srcPort;
}
public short getDstPort() {
return dstPort;
}
public void setDstPort(short dstPort) {
this.dstPort = dstPort;
}
public int getSeqNum() {
return seqNum;
}
public void setSeqNum(int seqNum) {
this.seqNum = seqNum;
}
public int getAckNum() {
return ackNum;
}
public void setAckNum(int ackNum) {
this.ackNum = ackNum;
}
public byte getHeaderLen() {
return headerLen;
}
public void setHeaderLen(byte headerLen) {
this.headerLen = headerLen;
}
public byte getFlags() {
return flags;
}
public void setFlags(byte flags) {
this.flags = flags;
}
public short getWindow() {
return window;
}
public void setWindow(short window) {
this.window = window;
}
public short getCheckSum() {
return checkSum;
}
public void setCheckSum(short checkSum) {
this.checkSum = checkSum;
}
public short getUrgentPointer() {
return urgentPointer;
}
public void setUrgentPointer(short urgentPointer) {
this.urgentPointer = urgentPointer;
}
public TCPHeader() {}
@Override
public String toString() {
return "TCPHeader [srcPort=" + srcPort
+ ", dstPort=" + dstPort
+ ", seqNum=" + seqNum
+ ", ackNum=" + ackNum
+ ", headerLen=" + headerLen
+ ", flags=" + DataUtils.byteToHexString(flags)
+ ", window=" + window
+ ", checkSum=" + DataUtils.shortToHexString(checkSum)
+ ", urgentPointer=" + urgentPointer
+ "]";
}
}
/**
* UDP : 4 , 2
* @author johnnie
*
*/
public class UDPHeader {
private short srcPort; //
private short dstPort; //
private short length; //
private short checkSum; //
public short getSrcPort() {
return srcPort;
}
public void setSrcPort(short srcPort) {
this.srcPort = srcPort;
}
public short getDstPort() {
return dstPort;
}
public void setDstPort(short dstPort) {
this.dstPort = dstPort;
}
public short getLength() {
return length;
}
public void setLength(short length) {
this.length = length;
}
public short getCheckSum() {
return checkSum;
}
public void setCheckSum(short checkSum) {
this.checkSum = checkSum;
}
public UDPHeader() {}
@Override
public String toString() {
// TODO Auto-generated method stub
return "UDPHeader [srcPort=" + srcPort
+ ", dstPort=" + dstPort
+ ", length=" + length
+ ", checkSum=" + DataUtils.shortToHexString(checkSum)
+ "]";
}
}
/**
*
* @author johnnie
*
*/
public enum ProtocolType {
OTHER("0"), // : 0
TCP("6"), // TCP :6
UDP("17"); // UDP :17
private String type;
public String getType() {
return type;
}
public void setType(String type) {
this.type = type;
}
private ProtocolType(String type) {
this.type = type;
}
}
/**
* ,
* @author johnnie
*
*/
public class ProtocolData {
String srcIP; // IP
String desIP; // IP
String srcPort; //
String desPort; //
ProtocolType protocolType = ProtocolType.OTHER; //
public String getSrcIP() {
return srcIP;
}
public void setSrcIP(String srcIP) {
this.srcIP = srcIP;
}
public String getDesIP() {
return desIP;
}
public void setDesIP(String desIP) {
this.desIP = desIP;
}
public String getSrcPort() {
return srcPort;
}
public void setSrcPort(String srcPort) {
this.srcPort = srcPort;
}
public String getDesPort() {
return desPort;
}
public void setDesPort(String desPort) {
this.desPort = desPort;
}
public ProtocolType getProtocolType() {
return protocolType;
}
public void setProtocolType(ProtocolType protocolType) {
this.protocolType = protocolType;
}
public ProtocolData() {
// TODO Auto-generated constructor stub
}
public ProtocolData(String srcIP, String desIP, String srcPort,
String desPort, ProtocolType protocolType) {
this.srcIP = srcIP;
this.desIP = desIP;
this.srcPort = srcPort;
this.desPort = desPort;
this.protocolType = protocolType;
}
@Override
public String toString() {
return "ProtocolData [srcIP=" + srcIP
+ ", desIP=" + desIP
+ ", srcPort=" + srcPort
+ ", desPort=" + desPort
+ ", protocolType=" + protocolType
+ "]";
}
}
/**
* Pcap
* @author johnnie
*
*/
public class PcapStruct {
private PcapFileHeader fileHeader;
private List dataHeaders;
public PcapFileHeader getFileHeader() {
return fileHeader;
}
public void setFileHeader(PcapFileHeader fileHeader) {
this.fileHeader = fileHeader;
}
public List getDataHeaders() {
return dataHeaders;
}
public void setDataHeaders(List dataHeaders) {
this.dataHeaders = dataHeaders;
}
public PcapStruct() {}
}