3 # Run the mergecap unit tests
5 # Wireshark - Network traffic analyzer
6 # By Gerald Combs <gerald@wireshark.org>
8 # This program is free software; you can redistribute it and/or
9 # modify it under the terms of the GNU General Public License
10 # as published by the Free Software Foundation; either version 2
11 # of the License, or (at your option) any later version.
13 # This program is distributed in the hope that it will be useful,
14 # but WITHOUT ANY WARRANTY; without even the implied warranty of
15 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 # GNU General Public License for more details.
18 # You should have received a copy of the GNU General Public License
19 # along with this program; if not, write to the Free Software
20 # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
23 # common checking code:
24 # arg 1 = return value from mergecap command
25 # arg 2 = file type string
27 # arg 4 = number of IDBs generated
28 # arg 5 = number of file packets merged
29 # arg 6 = number of some IDB packets merged
30 mergecap_common_check() {
31 if [ ! $1 -eq $EXIT_OK ]; then
34 test_step_failed "exit status of mergecap: $1"
38 grep -q "merging complete" testout.txt
41 test_step_failed "mergecap didn't complete"
44 $CAPINFOS -tEIc ./testout.pcap > capinfo_testout.txt 2>&1
46 if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
49 cat ./capinfo_testout.txt
50 test_step_failed "exit status of capinfos: $RETURNVALUE"
54 grep -Eiq "File type:[[:blank:]]+$2" capinfo_testout.txt
57 cat ./capinfo_testout.txt
58 test_step_failed "mergecap output format was not '$2'"
61 grep -Eiq "File encapsulation:[[:blank:]]+$3" capinfo_testout.txt
64 cat ./capinfo_testout.txt
65 test_step_failed "mergecap output encap type was not '$3'"
68 grep -Eiq "Number of interfaces in file:[[:blank:]]+$4" capinfo_testout.txt
71 cat ./capinfo_testout.txt
72 test_step_failed "mergecap output did not generate only $4 IDB"
75 # this checks the file's number of packets
76 grep -Eiq "Number of packets:[[:blank:]]+$5" capinfo_testout.txt
79 cat ./capinfo_testout.txt
80 test_step_failed "mergecap output did not generate $5 packets for file"
83 # this checks the IDB number of packets
84 grep -Eiq "Number of packets =[[:blank:]]+$6" capinfo_testout.txt
87 cat ./capinfo_testout.txt
88 test_step_failed "mergecap output did not generate $6 packets in IDB"
94 # this is a common one for legacy PCAP output
95 # for this, arg1=returnvalue, arg2=#of file and IDB packets
96 mergecap_common_pcap_pkt() {
97 mergecap_common_check "$1" 'Wireshark/tcpdump/... - pcap' "Ethernet" "1" "$2" "$2"
100 # this is a common one for PCAPNG output
101 # for this, arg1=returnvalue, arg2=encap type, arg3=#of IDBs, arg4=# of file pkts, arg5=# of IDB pkts
102 mergecap_common_pcapng_pkt() {
103 mergecap_common_check "$1" 'Wireshark/... - pcapng' "$2" "$3" "$4" "$5"
108 mergecap_step_basic_1_pcap_pcap_test() {
109 $MERGECAP -vF pcap -w testout.pcap "${CAPTURE_DIR}dhcp.pcap" > testout.txt 2>&1
111 mergecap_common_pcap_pkt $RETURNVALUE 4
115 mergecap_step_basic_2_pcap_pcap_test() {
116 $MERGECAP -vF pcap -w testout.pcap "${CAPTURE_DIR}dhcp.pcap" "${CAPTURE_DIR}dhcp.pcap" > testout.txt 2>&1
118 mergecap_common_pcap_pkt $RETURNVALUE 8
122 mergecap_step_basic_3_empty_pcap_pcap_test() {
123 $MERGECAP -vF pcap -w testout.pcap "${CAPTURE_DIR}empty.pcap" "${CAPTURE_DIR}dhcp.pcap" "${CAPTURE_DIR}empty.pcap" > testout.txt 2>&1
125 mergecap_common_pcap_pkt $RETURNVALUE 4
129 mergecap_step_basic_2_nano_pcap_pcap_test() {
130 $MERGECAP -vF pcap -w testout.pcap "${CAPTURE_DIR}dhcp-nanosecond.pcap" "${CAPTURE_DIR}rsasnakeoil2.pcap" > testout.txt 2>&1
132 mergecap_common_pcap_pkt $RETURNVALUE 62
136 mergecap_step_basic_1_pcap_pcapng_test() {
137 $MERGECAP -v -w testout.pcap "${CAPTURE_DIR}dhcp.pcap" > testout.txt 2>&1
139 mergecap_common_pcapng_pkt $RETURNVALUE "Ethernet" 1 4 4
143 mergecap_step_basic_2_pcap_pcapng_test() {
144 $MERGECAP -v -w testout.pcap "${CAPTURE_DIR}dhcp.pcap" "${CAPTURE_DIR}dhcp.pcap" > testout.txt 2>&1
146 mergecap_common_pcapng_pkt $RETURNVALUE "Ethernet" 1 8 8
150 mergecap_step_basic_2_pcap_none_pcapng_test() {
151 $MERGECAP -vI 'none' -w testout.pcap "${CAPTURE_DIR}dhcp.pcap" "${CAPTURE_DIR}dhcp.pcap" > testout.txt 2>&1
153 mergecap_common_pcapng_pkt $RETURNVALUE "Ethernet" 2 8 4
157 mergecap_step_basic_2_pcap_all_pcapng_test() {
158 $MERGECAP -vI 'all' -w testout.pcap "${CAPTURE_DIR}dhcp.pcap" "${CAPTURE_DIR}dhcp.pcap" > testout.txt 2>&1
160 mergecap_common_pcapng_pkt $RETURNVALUE "Ethernet" 1 8 8
164 mergecap_step_basic_2_pcap_any_pcapng_test() {
165 $MERGECAP -vI 'any' -w testout.pcap "${CAPTURE_DIR}dhcp.pcap" "${CAPTURE_DIR}dhcp.pcap" > testout.txt 2>&1
167 mergecap_common_pcapng_pkt $RETURNVALUE "Ethernet" 1 8 8
171 mergecap_step_basic_1_pcapng_pcapng_test() {
172 $MERGECAP -v -w testout.pcap "${CAPTURE_DIR}dhcp.pcapng" > testout.txt 2>&1
174 mergecap_common_pcapng_pkt $RETURNVALUE "Ethernet" 1 4 4
178 mergecap_step_1_pcapng_many_pcapng_test() {
179 $MERGECAP -v -w testout.pcap "${CAPTURE_DIR}many_interfaces.pcapng.1" > testout.txt 2>&1
181 mergecap_common_pcapng_pkt $RETURNVALUE "Per packet" 11 64 62
185 mergecap_step_3_pcapng_pcapng_test() {
186 $MERGECAP -v -w testout.pcap "${CAPTURE_DIR}"many_interfaces.pcapng* > testout.txt 2>&1
188 mergecap_common_pcapng_pkt $RETURNVALUE "Per packet" 11 88 86
192 mergecap_step_3_pcapng_none_pcapng_test() {
193 $MERGECAP -vI 'none' -w testout.pcap "${CAPTURE_DIR}"many_interfaces.pcapng* > testout.txt 2>&1
195 mergecap_common_pcapng_pkt $RETURNVALUE "Per packet" 33 88 62
199 mergecap_step_3_pcapng_all_pcapng_test() {
200 # build a pcapng of all the interfaces repeated by using mode 'none'
201 $MERGECAP -vI 'none' -w testin.pcap "${CAPTURE_DIR}"many_interfaces.pcapng* > testout.txt 2>&1
202 # the above generated 33 IDBs, 88 total pkts, 62 in first IDB
204 # and use that generated pcap for our test
205 $MERGECAP -vI 'all' -w testout.pcap ./testin.pcap ./testin.pcap ./testin.pcap > testout.txt 2>&1
207 # check for 33 IDBs, 88*3=264 total pkts, 62*3=186 in first IDB
208 mergecap_common_pcapng_pkt $RETURNVALUE "Per packet" 33 264 186
212 mergecap_step_3_pcapng_any_pcapng_test() {
213 # build a pcapng of all the interfaces repeated by using mode 'none'
214 $MERGECAP -vI 'none' -w testin.pcap "${CAPTURE_DIR}"many_interfaces.pcapng* > testout.txt 2>&1
215 # the above generated 33 IDBs, 88 total pkts, 62 in first IDB
217 # and use that generated pcap for our test
218 $MERGECAP -vI 'any' -w testout.pcap ./testin.pcap ./testin.pcap ./testin.pcap > testout.txt 2>&1
220 # check for 11 IDBs, 88*3=264 total pkts, 86*3=258 in first IDB
221 mergecap_common_pcapng_pkt $RETURNVALUE "Per packet" 11 264 258
226 mergecap_cleanup_step() {
228 rm -f ./capinfo_testout.txt
234 test_step_set_pre mergecap_cleanup_step
235 test_step_set_post mergecap_cleanup_step
236 test_step_add "1 pcap in ----> pcap out" mergecap_step_basic_1_pcap_pcap_test
237 test_step_add "2 pcaps in ---> pcap out" mergecap_step_basic_2_pcap_pcap_test
238 test_step_add "3 pcaps in ---> pcap out; two are empty" mergecap_step_basic_3_empty_pcap_pcap_test
239 test_step_add "2 pcaps in ---> pcap out; one is nanosecond pcap" mergecap_step_basic_2_nano_pcap_pcap_test
241 test_step_add "1 pcap in ----> pcapng out" mergecap_step_basic_1_pcap_pcapng_test
242 test_step_add "2 pcaps in ---> pcapng out" mergecap_step_basic_2_pcap_pcapng_test
243 test_step_add "2 pcaps in ---> pcapng out; merge mode none" mergecap_step_basic_2_pcap_none_pcapng_test
244 test_step_add "2 pcaps in ---> pcapng out; merge mode all" mergecap_step_basic_2_pcap_all_pcapng_test
245 test_step_add "2 pcaps in ---> pcapng out; merge mode any" mergecap_step_basic_2_pcap_any_pcapng_test
247 test_step_add "1 pcapng in --> pcapng out" mergecap_step_basic_1_pcapng_pcapng_test
248 test_step_add "1 pcapng in --> pcapng out; many interfaces" mergecap_step_1_pcapng_many_pcapng_test
249 test_step_add "3 pcapngs in -> pcapng out; wildcarded" mergecap_step_3_pcapng_pcapng_test
250 test_step_add "3 pcapngs in -> pcapng out; merge mode none" mergecap_step_3_pcapng_none_pcapng_test
251 test_step_add "3 pcapngs in -> pcapng out; merge mode all" mergecap_step_3_pcapng_all_pcapng_test
252 test_step_add "3 pcapngs in -> pcapng out; merge mode any" mergecap_step_3_pcapng_any_pcapng_test
256 # Editor modelines - https://www.wireshark.org/tools/modelines.html
261 # indent-tabs-mode: t
264 # vi: set shiftwidth=8 tabstop=8 noexpandtab:
265 # :indentSize=8:tabSize=8:noTabs=false: