Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Support importing PCAP files
See original GitHub issuePrerequisites
- [ X] Put an X between the brackets on this line if you have done all of the following:
- Running the latest version of Constellation
- Attached the Support Package via
Help>Support Package - Checked the FAQs: https://github.com/constellation-app/constellation/wiki/FAQ
- Checked that your issue isn’t already filed: https://github.com/constellation-app/constellation/issues
- Checked that there is not already a module that provides the described functionality: https://github.com/constellation-app/constellation/wiki/Catalogue-of-Repositories
Description
v2.0.0-rc2 Unable to import pcap files directly from wireshark
Steps to Reproduce
- Capture files in wireshark and save
- Use File>Import to attempt to upload .pcap files
- No option in File>Import
- If attempt is made through the >File>Open then it is not read correctly
Expected behaviour: [What you expect to happen] File to open much the same as a .csv would
Actual behaviour: [What actually happens] If an attempt is made ot open te file through the File>Open path the follwoing is displayed:
If the user selects proceed, the following is displayed:
Reproduces how often: [What percentage of the time does it reproduce?] 100%
Additional Information
Any additional information, configuration or data that might be necessary to reproduce the issue.
Issue Analytics
- State:
- Created 3 years ago
- Comments:12
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Have started initially, by prototyping the pkts library (https://github.com/aboutsip/pkts) which produced the following results with the first sample dataset I downloaded - fuzz-2006-06-26-2594.pcap:
However I have found some other sameple files throwing exceptions, which seems to relate potentially to packets not identified as TCP or UDP in Wireshark … although I need to confirm this.
There are other libraries worth trying, such as https://sourceforge.net/projects/jnetpcap/ which I intend to try before moving on to diagnose any pkts errors.
https://stackoverflow.com/questions/26978618/java-pcap-file-parser-library describes a few of the packages.
I tried including jnetpcap - it doesn’t reside in either of the current configured repos (central.maven.org, or repo.osgeo.org, but in https://clojars.org/repo/). I tried configuring this repo in ivysettings.xml and ivy.xml, but I get errors indicating the required package “<dependency org="jnetpcap" name="jnetpcap" rev="1.4.r1425-1g"/>” cant be found. I’m unsure why as manually entering the url indicted in the netbeans install log does resolve to valid files.
Again, thank you for this work @serpens24 and to also contributing it to the ACSC Cyber repo (https://github.com/AustralianCyberSecurityCentre/constellation_cyber_plugins/pull/4). I’ll look to create a new version of Constellation and the Cyber version soon.