Certain bits of traffic (especially around the establishment of a session) are not being fed to the packet interceptor. You could argue that this data isn’t even an XMPP stanza (which is what Packet implements/represents) in the first place.
If you need to programatically intercept these handshakes (why?!) then I fear you’ll need to find something in a third-party API (like MINA’s).
It is pretty strange I know to intercept handshake but to simplify I know who are the clients (got certificates etc …) and I want to reduce at minimum the traffic so I want to make a plugin to do the handshake locally.
I’m not sure what optimization you are after, but I advise you too have a look at pre-existing documentation on how to improve the amount of round-trips during authentication/authorization. There are various XMPP specifications published by the XSF that address this issue. It might be worth it (faster to implement, more re-usable, etc) to investigate if you can use any of those, instead of inventing your own solution!