Java PCAP file parser library

Question

I'm looking for a fast way to parse PCAP file packets.

I'm currently using jNetPcap like so:

Pcap pcap = Pcap.openOffline(file, errbuf);
pcap.loop(10, jpacketHandler, "jNetPcap rocks!");

But it is pretty slow, is there any other good Java libraries that can parse PCAP files?

Answer 1

Just stumbled upon pcap parsing task in Java and found a pcap parser in Kaitai Struct. Surprisingly, it turns out to be blazing fast — probably because it's not a wrapper over C pcap library, but just a raw parser instead. My average results (on the same box, of course) are as following:

• jpcap - 10,301 pps
• jnetpcap - 15,148 pps
• pcap.ksy in Kaitai Struct - 121,176 pps

So, if you don't need capturing, I wholeheartedly recommend trying out Kaitai Struct parser.