Use interface '1' for the capture tests;
[obnox/wireshark/wip.git] / test / suite-capture.sh
1 #!/bin/bash
2 #
3 # Test the capture engine of the Wireshark tools
4 #
5 # $Id$
6 #
7 # Wireshark - Network traffic analyzer
8 # By Gerald Combs <gerald@wireshark.org>
9 # Copyright 2005 Ulf Lamping
10 #
11 # This program is free software; you can redistribute it and/or
12 # modify it under the terms of the GNU General Public License
13 # as published by the Free Software Foundation; either version 2
14 # of the License, or (at your option) any later version.
15 #
16 # This program is distributed in the hope that it will be useful,
17 # but WITHOUT ANY WARRANTY; without even the implied warranty of
18 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
19 # GNU General Public License for more details.
20 #
21 # You should have received a copy of the GNU General Public License
22 # along with this program; if not, writeto the Free Software
23 # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
24 #
25
26
27 # common exit status values
28 EXIT_OK=0
29 EXIT_COMMAND_LINE=1
30 EXIT_ERROR=2
31
32 traffic_gen_ping() {
33         # Generate some traffic for quiet networks.
34         # This will have to be adjusted for non-Windows systems.
35         ping -n 20 www.wireshark.org > ./pingout.txt 2>&1 &
36 }
37
38 # capture exactly 10 packets
39 capture_step_10packets() {
40         if [ "$WS_SYSTEM" != "Windows" ] ; then
41                 test_step_skipped
42                 return
43         fi
44
45         traffic_gen_ping
46         $DUT -i $TRAFFIC_CAPTURE_IFACE $TRAFFIC_CAPTURE_PROMISC \
47                 -w ./testout.pcap \
48                 -c 10  \
49                 -a duration:$TRAFFIC_CAPTURE_DURATION \
50                 icmp \
51                 > ./testout.txt 2>&1
52         RETURNVALUE=$?
53         if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
54                 wait  # for ping to complete
55                 echo
56                 cat ./testout.txt
57                 cat ./pingout.txt
58                 # part of the Prerequisite checks
59                 # wrong interface ? output the possible interfaces
60                 $TSHARK -D
61                 test_step_failed "exit status of $DUT: $RETURNVALUE"
62                 return
63         fi
64
65         # we should have an output file now
66         if [ ! -f "./testout.pcap" ]; then
67                 test_step_failed "No output file!"
68                 return
69         fi
70
71         # ok, we got a capture file, does it contain exactly 10 packets?
72         $CAPINFOS ./testout.pcap > ./testout.txt
73         grep -i 'Number of packets: 10' ./testout.txt > /dev/null
74         if [ $? -eq 0 ]; then
75                 test_step_ok
76         else
77                 wait  # for ping to complete
78                 echo
79                 cat ./testout.txt
80                 cat ./pingout.txt
81                 # part of the Prerequisite checks
82                 # probably wrong interface, output the possible interfaces
83                 $TSHARK -D
84                 test_step_failed "No or not enough traffic captured. Probably the wrong interface: $TRAFFIC_CAPTURE_IFACE!"
85         fi
86 }
87
88 # capture exactly 10 packets using "-w -" (piping to stdout)
89 capture_step_10packets_stdout() {
90         if [ "$WS_SYSTEM" != "Windows" ] ; then
91                 test_step_skipped
92                 return
93         fi
94
95         traffic_gen_ping
96         $DUT -i $TRAFFIC_CAPTURE_IFACE $TRAFFIC_CAPTURE_PROMISC \
97                 -c 10 \
98                 -a duration:$TRAFFIC_CAPTURE_DURATION \
99                 -w - \
100                 icmp \
101                 > ./testout.pcap 2>./testout.txt
102         RETURNVALUE=$?
103         if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
104                 wait  # for ping to complete
105                 echo
106                 cat ./testout.txt
107                 cat ./pingout.txt
108                 $TSHARK -D
109                 test_step_failed "exit status of $DUT: $RETURNVALUE"
110                 return
111         fi
112
113         # we should have an output file now
114         if [ ! -f "./testout.pcap" ]; then
115                 test_step_failed "No output file!"
116                 return
117         fi
118
119         # ok, we got a capture file, does it contain exactly 10 packets?
120         $CAPINFOS ./testout.pcap > ./testout2.txt 2>&1
121         grep -i 'Number of packets: 10' ./testout2.txt > /dev/null
122         if [ $? -eq 0 ]; then
123                 test_step_ok
124         else
125                 echo
126                 wait  # for ping to complete
127                 cat ./testout.txt
128                 cat ./testout2.txt
129                 cat ./pingout.txt
130                 $TSHARK -D
131                 test_step_failed "No or not enough traffic captured. Probably the wrong interface: $TRAFFIC_CAPTURE_IFACE!"
132         fi
133 }
134
135 # capture packets via a fifo
136 capture_step_fifo() {
137         mkfifo 'fifo'
138         (cat $CAPFILE; sleep 1; tail -c +25 $CAPFILE) > fifo &
139         $DUT -i fifo $TRAFFIC_CAPTURE_PROMISC \
140                 -w ./testout.pcap \
141                 -a duration:$TRAFFIC_CAPTURE_DURATION \
142                 > ./testout.txt 2>&1
143         RETURNVALUE=$?
144         rm 'fifo'
145         if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
146                 test_step_failed "exit status of $DUT: $RETURNVALUE"
147                 return
148         fi
149
150         # we should have an output file now
151         if [ ! -f "./testout.pcap" ]; then
152                 test_step_failed "No output file!"
153                 return
154         fi
155
156         # ok, we got a capture file, does it contain exactly 8 packets?
157         $CAPINFOS ./testout.pcap > ./testout.txt
158         grep -i 'Number of packets: 8' ./testout.txt > /dev/null
159         if [ $? -eq 0 ]; then
160                 test_step_ok
161         else
162                 echo
163                 cat ./testout.txt
164                 test_step_failed "No or not enough traffic captured."
165         fi
166 }
167
168 # capture exactly 2 times 10 packets (multiple files)
169 capture_step_2multi_10packets() {
170         if [ "$WS_SYSTEM" != "Windows" ] ; then
171                 test_step_skipped
172                 return
173         fi
174
175         traffic_gen_ping
176         $DUT -i $TRAFFIC_CAPTURE_IFACE $TRAFFIC_CAPTURE_PROMISC \
177                 -w ./testout.pcap \
178                 -c 10 \
179                 -a duration:$TRAFFIC_CAPTURE_DURATION \
180                 icmp
181                 > ./testout.txt 2>&1
182
183         RETURNVALUE=$?
184         if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
185                 wait  # for ping to complete
186                 echo
187                 cat ./testout.txt
188                 cat ./pingout.txt
189                 # part of the Prerequisite checks
190                 # probably wrong interface, output the possible interfaces
191                 $TSHARK -D
192                 test_step_failed "exit status of $DUT: $RETURNVALUE"
193                 return
194         fi
195
196         # we should have an output file now
197         if [ ! -f "./testout.pcap" ]; then
198                 test_step_failed "No output file!"
199                 return
200         fi
201
202         # ok, we got a capture file, does it contain exactly 10 packets?
203         $CAPINFOS ./testout.pcap > ./testout.txt
204         grep -i 'Number of packets: 10' ./testout.txt > /dev/null
205         if [ $? -eq 0 ]; then
206                 test_step_ok
207         else
208                 echo
209                 cat ./testout.txt
210                 test_step_failed "Probably the wrong interface (no traffic captured)!"
211         fi
212 }
213
214 # capture with a very unlikely read filter, packets must be zero afterwards
215 capture_step_read_filter() {
216         if [ "$WS_SYSTEM" != "Windows" ] ; then
217                 test_step_skipped
218                 return
219         fi
220
221         traffic_gen_ping
222         # valid, but very unlikely filter
223         $DUT -i $TRAFFIC_CAPTURE_IFACE $TRAFFIC_CAPTURE_PROMISC \
224                 -w ./testout.pcap \
225                 -a duration:$TRAFFIC_CAPTURE_DURATION \
226                 -R 'dcerpc.cn_call_id==123456' \
227                 -c 10 \
228                 icmp
229                 > ./testout.txt 2>&1
230         RETURNVALUE=$?
231         if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
232                 wait  # for ping to complete
233                 echo
234                 cat ./testout.txt
235                 cat ./pingout.txt
236                 # part of the Prerequisite checks
237                 # wrong interface ? output the possible interfaces
238                 $TSHARK -D
239                 test_step_failed "exit status: $RETURNVALUE"
240                 return
241         fi
242
243         # we should have an output file now
244         if [ ! -f "./testout.pcap" ]; then
245                 test_step_failed "No output file!"
246                 return
247         fi
248
249         # ok, we got a capture file, does it contain exactly 0 packets?
250         $CAPINFOS ./testout.pcap > ./testout.txt
251         grep -i 'Number of packets: 0' ./testout.txt > /dev/null
252         if [ $? -eq 0 ]; then
253                 test_step_ok
254         else
255                 echo
256                 cat ./testout.txt
257                 test_step_failed "Capture file should contain zero packets!"
258         fi
259 }
260
261
262 # capture with a snapshot length
263 capture_step_snapshot() {
264         if [ "$WS_SYSTEM" != "Windows" ] ; then
265                 test_step_skipped
266                 return
267         fi
268
269         traffic_gen_ping
270
271         # capture with a snapshot length of 68 bytes for $TRAFFIC_CAPTURE_DURATION seconds
272         # this should result in no packets
273         $DUT -i $TRAFFIC_CAPTURE_IFACE $TRAFFIC_CAPTURE_PROMISC \
274                 -w ./testout.pcap \
275                 -s 68 \
276                 -a duration:$TRAFFIC_CAPTURE_DURATION
277                 icmp \
278                 > ./testout.txt 2>&1
279         RETURNVALUE=$?
280         if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
281                 wait  # for ping to complete
282                 echo
283                 cat ./testout.txt
284                 cat ./pingout.txt
285                 # part of the Prerequisite checks
286                 # wrong interface ? output the possible interfaces
287                 $TSHARK -D
288                 test_step_failed "exit status: $RETURNVALUE"
289                 return
290         fi
291
292         # we should have an output file now
293         if [ ! -f "./testout.pcap" ]; then
294                 test_step_failed "No output file!"
295                 return
296         fi
297
298         # use tshark to filter out all packets, which are larger than 68 bytes
299         $TSHARK -r ./testout.pcap -w ./testout2.pcap -R 'frame.cap_len>68' > ./testout.txt 2>&1
300
301         # ok, we got a capture file, does it contain exactly 0 packets?
302         $CAPINFOS ./testout2.pcap > ./testout.txt
303         grep -i 'Number of packets: 0' ./testout.txt > /dev/null
304         if [ $? -eq 0 ]; then
305                 test_step_ok
306         else
307                 echo
308                 cat ./testout.txt
309                 test_step_failed "Capture file should contain zero packets!"
310                 return
311         fi
312 }
313
314 wireshark_capture_suite() {
315         # Q: quit after cap, k: start capture immediately
316         DUT="$WIRESHARK -Q -k"
317         test_step_add "Capture 10 packets" capture_step_10packets
318         # piping to stdout doesn't work with Wireshark and capturing!
319         #test_step_add "Capture 10 packets using stdout: -w -" capture_step_10packets_stdout
320         # read filter doesn't work with Wireshark and capturing!
321         #test_step_add "Capture read filter (${TRAFFIC_CAPTURE_DURATION}s)" capture_step_read_filter
322         test_step_add "Capture snapshot length 68 bytes (${TRAFFIC_CAPTURE_DURATION}s)" capture_step_snapshot
323 }
324
325 tshark_capture_suite() {
326         DUT=$TSHARK
327         test_step_add "Capture 10 packets" capture_step_10packets
328         test_step_add "Capture 10 packets using stdout: -w -" capture_step_10packets_stdout
329         if [ $TEST_FIFO ]; then
330                 test_step_add "Capture via fifo" capture_step_fifo
331         fi
332         test_step_add "Capture read filter (${TRAFFIC_CAPTURE_DURATION}s)" capture_step_read_filter
333         test_step_add "Capture snapshot length 68 bytes (${TRAFFIC_CAPTURE_DURATION}s)" capture_step_snapshot
334 }
335
336 dumpcap_capture_suite() {
337         #DUT="$DUMPCAP -Q"
338         DUT=$DUMPCAP
339         test_step_add "Capture 10 packets" capture_step_10packets
340         test_step_add "Capture 10 packets using stdout: -w -" capture_step_10packets_stdout
341         if [ $TEST_FIFO ]; then
342                 test_step_add "Capture via fifo" capture_step_fifo
343         fi
344         # read (display) filters intentionally doesn't work with dumpcap!
345         #test_step_add "Capture read filter (${TRAFFIC_CAPTURE_DURATION}s)" capture_step_read_filter
346         test_step_add "Capture snapshot length 68 bytes (${TRAFFIC_CAPTURE_DURATION}s)" capture_step_snapshot
347 }
348
349 capture_cleanup_step() {
350         rm -f ./testout.txt
351         rm -f ./testout2.txt
352         rm -f ./testout.pcap
353         rm -f ./testout2.pcap
354         rm -f ./pingout.txt
355 }
356
357 capture_suite() {
358         test_step_set_pre capture_cleanup_step
359         test_step_set_post capture_cleanup_step
360         test_remark_add "Capture - need some traffic on interface: \"$TRAFFIC_CAPTURE_IFACE\""
361         test_suite_add "TShark capture" tshark_capture_suite
362         test_suite_add "Wireshark capture" wireshark_capture_suite
363         test_suite_add "Dumpcap capture" dumpcap_capture_suite
364 }