Additional diagnostic info in output logs
[obnox/wireshark/wip.git] / test / suite-capture.sh
1 #!/bin/bash
2 #
3 # Test the capture engine of the Wireshark tools
4 #
5 # $Id$
6 #
7 # Wireshark - Network traffic analyzer
8 # By Gerald Combs <gerald@wireshark.org>
9 # Copyright 2005 Ulf Lamping
10 #
11 # This program is free software; you can redistribute it and/or
12 # modify it under the terms of the GNU General Public License
13 # as published by the Free Software Foundation; either version 2
14 # of the License, or (at your option) any later version.
15 #
16 # This program is distributed in the hope that it will be useful,
17 # but WITHOUT ANY WARRANTY; without even the implied warranty of
18 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
19 # GNU General Public License for more details.
20 #
21 # You should have received a copy of the GNU General Public License
22 # along with this program; if not, write to the Free Software
23 # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
24 #
25
26
# Exit status values the capture steps compare tool results against.
# Only EXIT_OK is read by the steps in this file.
EXIT_OK=0
EXIT_COMMAND_LINE=1
EXIT_ERROR=2
31
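# Print each named log file to stdout, preceded by a " --> NAME" header and
# followed by a blank line.
# Arguments: $@ - paths of log files; anything that is not a regular file is
#                 skipped silently
# Outputs:   header, file contents and an empty line per file, on stdout
capture_test_output_print() {
        local f

        # Let background jobs (such as the ping started by traffic_gen_ping)
        # finish first, so the logs they write are complete when printed.
        wait
        for f in "$@"; do
                if [[ -f "$f" ]]; then
                        # The name is passed as an argument, never as the printf
                        # format, so a '%' or backslash in a path is printed
                        # literally instead of being interpreted.
                        printf ' --> %s\n' "$f"
                        cat -- "$f"
                        printf '\n'
                fi
        done
}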
42
# Start a background ping so that a quiet network still carries some ICMP
# traffic for the capture steps to record.
# Outputs: ./testout_ping.txt receives the start date, everything ping prints
#          (stdout and stderr) and the end date.
traffic_gen_ping() {
        # "-n 20" is the Windows ping syntax; this will have to be adjusted
        # for non-Windows systems.
        # Earlier variant that discarded the ping output:
        ##      ping -n 20 www.wireshark.org > /dev/null 2>&1 &
        #
        # NOTE(review): the target is an external host, so the step needs
        # outbound name resolution and ICMP; on a host without that egress no
        # replies arrive and the capture steps will report missing traffic.
        (
                date
                ping -n 20 www.wireshark.org
                date
        ) > ./testout_ping.txt 2>&1 &
}
50
# Wait for outstanding background jobs, then delete the ping log.
ping_cleanup() {
        local ping_log=./testout_ping.txt

        # A bare wait blocks until every background child of this shell has
        # exited, which includes the ping started by traffic_gen_ping.
        wait
        rm -f -- "$ping_log"
}
55
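# Capture exactly 10 ICMP packets into ./testout.pcap and verify the count.
# Globals: WS_SYSTEM, DUT, TSHARK, CAPINFOS, TRAFFIC_CAPTURE_IFACE,
#          TRAFFIC_CAPTURE_PROMISC, TRAFFIC_CAPTURE_DURATION, EXIT_OK (read);
#          RETURNVALUE (written)
# Outputs: ./testout.txt (tool log), ./testout.pcap (capture),
#          ./testout2.txt (capinfos report); logs are printed on failure
capture_step_10packets() {
        if [ "$WS_SYSTEM" != "Windows" ]; then
                test_step_skipped
                return
        fi

        traffic_gen_ping

        date > ./testout.txt
        # $DUT stays unquoted because it can carry options (the Wireshark suite
        # sets it to "$WIRESHARK -Q -k"); $TRAFFIC_CAPTURE_PROMISC stays
        # unquoted as well - presumably it is either empty or a single switch.
        $DUT -i "$TRAFFIC_CAPTURE_IFACE" $TRAFFIC_CAPTURE_PROMISC \
                -w ./testout.pcap \
                -c 10 \
                -a "duration:$TRAFFIC_CAPTURE_DURATION" \
                -f icmp \
                >> ./testout.txt 2>&1
        RETURNVALUE=$?
        date >> ./testout.txt
        if [ "$RETURNVALUE" -ne "$EXIT_OK" ]; then
                echo
                capture_test_output_print ./testout.txt
                # part of the prerequisite checks:
                # wrong interface? output the possible interfaces
                $TSHARK -D
                test_step_failed "exit status of $DUT: $RETURNVALUE"
                return
        fi

        # we should have an output file now
        if [ ! -f "./testout.pcap" ]; then
                # Print the tool log with capture_test_output_print; the
                # previous call named "capture_test_output", which this file
                # does not define, so the log was never shown.
                capture_test_output_print ./testout.txt
                test_step_failed "No output file!"
                return
        fi

        # ok, we got a capture file, does it contain exactly 10 packets?
        $CAPINFOS ./testout.pcap > ./testout2.txt
        if grep -qi 'Number of packets: 10' ./testout2.txt; then
                test_step_ok
        else
                echo
                capture_test_output_print ./testout_ping.txt ./testout.txt ./testout2.txt
                # part of the prerequisite checks:
                # probably wrong interface, output the possible interfaces
                $TSHARK -D
                test_step_failed "No or not enough traffic captured. Probably the wrong interface: $TRAFFIC_CAPTURE_IFACE!"
        fi
}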
105
# Capture exactly 10 ICMP packets with "-w -", i.e. with the capture data
# written to the tool's stdout, and verify the packet count.
# Globals: WS_SYSTEM, DUT, TSHARK, CAPINFOS, TRAFFIC_CAPTURE_IFACE,
#          TRAFFIC_CAPTURE_PROMISC, TRAFFIC_CAPTURE_DURATION, EXIT_OK (read);
#          RETURNVALUE (written)
capture_step_10packets_stdout() {
        # live capture steps are skipped everywhere except on Windows
        [ "$WS_SYSTEM" = "Windows" ] || { test_step_skipped; return; }

        traffic_gen_ping

        # Expansions are deliberately unquoted, exactly as the tool expects
        # them after word splitting ($DUT may carry options of its own).
        local -a capture_args=(
                -i $TRAFFIC_CAPTURE_IFACE $TRAFFIC_CAPTURE_PROMISC
                -c 10
                -a duration:$TRAFFIC_CAPTURE_DURATION
                -w -
                -f icmp
        )

        date > ./testout.txt
        # stdout is the capture itself, so only stderr is appended to the log
        $DUT "${capture_args[@]}" > ./testout.pcap 2>> ./testout.txt
        RETURNVALUE=$?
        date >> ./testout.txt

        if [ "$RETURNVALUE" -ne "$EXIT_OK" ]; then
                echo
                cat ./testout.txt
                $TSHARK -D
                test_step_failed "exit status of $DUT: $RETURNVALUE"
                return
        fi

        # we should have an output file now
        if [ ! -f "./testout.pcap" ]; then
                test_step_failed "No output file!"
                return
        fi

        # ok, we got a capture file, does it contain exactly 10 packets?
        $CAPINFOS ./testout.pcap > ./testout2.txt 2>&1
        if grep -qi 'Number of packets: 10' ./testout2.txt; then
                test_step_ok
                return
        fi

        echo
        cat ./testout.txt
        cat ./testout2.txt
        $TSHARK -D
        test_step_failed "No or not enough traffic captured. Probably the wrong interface: $TRAFFIC_CAPTURE_IFACE!"
}
151
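# Feed a saved capture file to the tool through a named pipe and verify that
# the resulting capture holds 8 packets.
# Globals: CAPFILE, DUT, CAPINFOS, TRAFFIC_CAPTURE_PROMISC,
#          TRAFFIC_CAPTURE_DURATION, EXIT_OK (read); RETURNVALUE (written)
# Outputs: ./testout.pcap, ./testout.txt
# Note:    the pipe is created under the fixed name "fifo" in the current
#          directory, so the step expects a working directory that only the
#          test suite writes to.
capture_step_fifo() {
        local writer_pid

        mkfifo 'fifo'
        # Writer: the whole capture file, a one second pause, then the same
        # file again starting at byte 25 - presumably to skip the file header
        # so that only packet records are repeated.
        (cat -- "$CAPFILE"; sleep 1; tail -c +25 -- "$CAPFILE") > fifo &
        writer_pid=$!

        # $DUT and $TRAFFIC_CAPTURE_PROMISC are left unquoted on purpose:
        # $DUT may carry options of its own.
        $DUT -i fifo $TRAFFIC_CAPTURE_PROMISC \
                -w ./testout.pcap \
                -a "duration:$TRAFFIC_CAPTURE_DURATION" \
                > ./testout.txt 2>&1
        RETURNVALUE=$?

        # If the tool exited without ever opening the pipe, the writer is
        # still blocked opening it for writing. Stop and reap it here, so it
        # is not left behind and a later bare "wait" (as in ping_cleanup)
        # cannot block on it. When the writer already finished, both commands
        # are harmless no-ops.
        kill "$writer_pid" 2> /dev/null
        wait "$writer_pid" 2> /dev/null
        rm -f 'fifo'

        if [ "$RETURNVALUE" -ne "$EXIT_OK" ]; then
                test_step_failed "exit status of $DUT: $RETURNVALUE"
                return
        fi

        # we should have an output file now
        if [ ! -f "./testout.pcap" ]; then
                test_step_failed "No output file!"
                return
        fi

        # ok, we got a capture file, does it contain exactly 8 packets?
        $CAPINFOS ./testout.pcap > ./testout.txt
        if grep -qi 'Number of packets: 8' ./testout.txt; then
                test_step_ok
        else
                echo
                cat ./testout.txt
                test_step_failed "No or not enough traffic captured."
        fi
}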
184
# Capture 10 ICMP packets and verify the count; the original header describes
# this step as "exactly 2 times 10 packets (multiple files)".
# NOTE(review): the command below writes a single ./testout.pcap with -c 10 and
# shows no multi-file option, and none of the suites in this file registers the
# step - confirm whether it is still meant to cover multiple files.
# Globals: WS_SYSTEM, DUT, TSHARK, CAPINFOS, TRAFFIC_CAPTURE_IFACE,
#          TRAFFIC_CAPTURE_PROMISC, TRAFFIC_CAPTURE_DURATION, EXIT_OK (read);
#          RETURNVALUE (written)
capture_step_2multi_10packets() {
        # live capture steps are skipped everywhere except on Windows
        [ "$WS_SYSTEM" = "Windows" ] || { test_step_skipped; return; }

        traffic_gen_ping

        # Expansions are deliberately unquoted so they split into words
        # exactly as before ($DUT may carry options of its own).
        local -a capture_args=(
                -i $TRAFFIC_CAPTURE_IFACE $TRAFFIC_CAPTURE_PROMISC
                -w ./testout.pcap
                -c 10
                -a duration:$TRAFFIC_CAPTURE_DURATION
                -f icmp
        )

        date > ./testout.txt
        $DUT "${capture_args[@]}" >> ./testout.txt 2>&1
        RETURNVALUE=$?
        date >> ./testout.txt

        if [ "$RETURNVALUE" -ne "$EXIT_OK" ]; then
                echo
                cat ./testout.txt
                # part of the prerequisite checks:
                # probably wrong interface, output the possible interfaces
                $TSHARK -D
                test_step_failed "exit status of $DUT: $RETURNVALUE"
                return
        fi

        # we should have an output file now
        if [ ! -f "./testout.pcap" ]; then
                test_step_failed "No output file!"
                return
        fi

        # ok, we got a capture file, does it contain exactly 10 packets?
        # (the capinfos report replaces the tool log in ./testout.txt)
        $CAPINFOS ./testout.pcap > ./testout.txt
        if grep -qi 'Number of packets: 10' ./testout.txt; then
                test_step_ok
                return
        fi

        echo
        cat ./testout.txt
        test_step_failed "Probably the wrong interface (no traffic captured)!"
}
231
# Capture with a read filter that is valid but very unlikely to match; the
# resulting capture file must contain zero packets.
# Globals: WS_SYSTEM, DUT, TSHARK, CAPINFOS, TRAFFIC_CAPTURE_IFACE,
#          TRAFFIC_CAPTURE_PROMISC, TRAFFIC_CAPTURE_DURATION, EXIT_OK (read);
#          RETURNVALUE (written)
capture_step_read_filter() {
        # live capture steps are skipped everywhere except on Windows
        [ "$WS_SYSTEM" = "Windows" ] || { test_step_skipped; return; }

        traffic_gen_ping

        # Expansions are deliberately unquoted so they split into words
        # exactly as before ($DUT may carry options of its own). The -R
        # expression is the valid, but very unlikely, filter.
        local -a capture_args=(
                -i $TRAFFIC_CAPTURE_IFACE $TRAFFIC_CAPTURE_PROMISC
                -w ./testout.pcap
                -a duration:$TRAFFIC_CAPTURE_DURATION
                -R 'dcerpc.cn_call_id==123456'
                -c 10
                -f icmp
        )

        date > ./testout.txt
        $DUT "${capture_args[@]}" >> ./testout.txt 2>&1
        RETURNVALUE=$?
        date >> ./testout.txt

        if [ "$RETURNVALUE" -ne "$EXIT_OK" ]; then
                echo
                cat ./testout.txt
                # part of the prerequisite checks:
                # wrong interface? output the possible interfaces
                $TSHARK -D
                test_step_failed "exit status: $RETURNVALUE"
                return
        fi

        # we should have an output file now
        if [ ! -f "./testout.pcap" ]; then
                test_step_failed "No output file!"
                return
        fi

        # ok, we got a capture file, does it contain exactly 0 packets?
        # (the capinfos report replaces the tool log in ./testout.txt)
        $CAPINFOS ./testout.pcap > ./testout.txt
        if grep -qi 'Number of packets: 0' ./testout.txt; then
                test_step_ok
                return
        fi

        echo
        cat ./testout.txt
        test_step_failed "Capture file should contain zero packets!"
}
279
280
# Capture with a snapshot length of 68 bytes and verify that no captured
# frame is longer than that.
# Globals: WS_SYSTEM, DUT, TSHARK, CAPINFOS, TRAFFIC_CAPTURE_IFACE,
#          TRAFFIC_CAPTURE_PROMISC, TRAFFIC_CAPTURE_DURATION, EXIT_OK (read);
#          RETURNVALUE (written)
# Outputs: ./testout.pcap, ./testout2.pcap (frames above 68 bytes),
#          ./testout.txt
capture_step_snapshot() {
        # live capture steps are skipped everywhere except on Windows
        [ "$WS_SYSTEM" = "Windows" ] || { test_step_skipped; return; }

        traffic_gen_ping

        # capture with a snapshot length of 68 bytes for
        # $TRAFFIC_CAPTURE_DURATION seconds. Expansions are deliberately
        # unquoted so they split into words exactly as before.
        local -a capture_args=(
                -i $TRAFFIC_CAPTURE_IFACE $TRAFFIC_CAPTURE_PROMISC
                -w ./testout.pcap
                -s 68
                -a duration:$TRAFFIC_CAPTURE_DURATION
                -f icmp
        )

        date > ./testout.txt
        $DUT "${capture_args[@]}" >> ./testout.txt 2>&1
        RETURNVALUE=$?
        date >> ./testout.txt

        if [ "$RETURNVALUE" -ne "$EXIT_OK" ]; then
                echo
                cat ./testout.txt
                # part of the prerequisite checks:
                # wrong interface? output the possible interfaces
                $TSHARK -D
                test_step_failed "exit status: $RETURNVALUE"
                return
        fi

        # we should have an output file now
        if [ ! -f "./testout.pcap" ]; then
                test_step_failed "No output file!"
                return
        fi

        # keep only the frames whose captured length exceeds 68 bytes; with a
        # working snapshot length this selection should be empty
        $TSHARK -r ./testout.pcap -w ./testout2.pcap -R 'frame.cap_len>68' > ./testout.txt 2>&1

        # ok, we got a filtered file, does it contain exactly 0 packets?
        # (the capinfos report replaces the tshark output in ./testout.txt)
        $CAPINFOS ./testout2.pcap > ./testout.txt
        if grep -qi 'Number of packets: 0' ./testout.txt; then
                test_step_ok
                return
        fi

        echo
        cat ./testout.txt
        test_step_failed "Capture file should contain zero packets!"
        return
}
332
# Register the capture steps that are run against Wireshark.
# Globals: WIRESHARK, TRAFFIC_CAPTURE_DURATION (read); DUT (written)
wireshark_capture_suite() {
        local snapshot_title="Capture snapshot length 68 bytes (${TRAFFIC_CAPTURE_DURATION}s)"

        # -Q: quit after the capture, -k: start capturing immediately
        DUT="$WIRESHARK -Q -k"

        test_step_add "Capture 10 packets" capture_step_10packets
        # Not registered: piping to stdout doesn't work with Wireshark and capturing!
        #test_step_add "Capture 10 packets using stdout: -w -" capture_step_10packets_stdout
        # Not registered: read filter doesn't work with Wireshark and capturing!
        #test_step_add "Capture read filter (${TRAFFIC_CAPTURE_DURATION}s)" capture_step_read_filter
        test_step_add "$snapshot_title" capture_step_snapshot
}
343
# Register the capture steps that are run against TShark.
# Globals: TSHARK, TEST_FIFO, TRAFFIC_CAPTURE_DURATION (read); DUT (written)
tshark_capture_suite() {
        local duration_tag="(${TRAFFIC_CAPTURE_DURATION}s)"

        DUT=$TSHARK

        test_step_add "Capture 10 packets" capture_step_10packets
        test_step_add "Capture 10 packets using stdout: -w -" capture_step_10packets_stdout
        # The fifo step is optional. $TEST_FIFO is tested unquoted, as before,
        # so an unset or empty value leaves the step out.
        if [ $TEST_FIFO ]; then
                test_step_add "Capture via fifo" capture_step_fifo
        fi
        test_step_add "Capture read filter $duration_tag" capture_step_read_filter
        test_step_add "Capture snapshot length 68 bytes $duration_tag" capture_step_snapshot
}
354
# Register the capture steps that are run against Dumpcap.
# Globals: DUMPCAP, TEST_FIFO, TRAFFIC_CAPTURE_DURATION (read); DUT (written)
dumpcap_capture_suite() {
        local snapshot_title="Capture snapshot length 68 bytes (${TRAFFIC_CAPTURE_DURATION}s)"

        # Disabled variant: DUT="$DUMPCAP -Q"
        DUT=$DUMPCAP

        test_step_add "Capture 10 packets" capture_step_10packets
        test_step_add "Capture 10 packets using stdout: -w -" capture_step_10packets_stdout
        # The fifo step is optional. $TEST_FIFO is tested unquoted, as before,
        # so an unset or empty value leaves the step out.
        if [ $TEST_FIFO ]; then
                test_step_add "Capture via fifo" capture_step_fifo
        fi
        # Not registered: read (display) filters intentionally don't work with dumpcap!
        #test_step_add "Capture read filter (${TRAFFIC_CAPTURE_DURATION}s)" capture_step_read_filter
        test_step_add "$snapshot_title" capture_step_snapshot
}
367
# Remove every file the capture steps leave in the working directory.
# capture_suite installs this as both the pre-step and the post-step hook.
capture_cleanup_step() {
        # also waits for background jobs and removes the ping log
        ping_cleanup
        rm -f ./testout.txt ./testout2.txt ./testout.pcap ./testout2.pcap
}
375
# Entry point of the capture tests: install the cleanup hooks, add a remark
# naming the capture interface and register the per-tool suites.
# Globals: TRAFFIC_CAPTURE_IFACE (read)
capture_suite() {
        local remark='Capture - need some traffic on interface: "'"$TRAFFIC_CAPTURE_IFACE"'"'

        # the same cleanup runs before and after every step
        test_step_set_pre capture_cleanup_step
        test_step_set_post capture_cleanup_step

        test_remark_add "$remark"

        test_suite_add "TShark capture" tshark_capture_suite
        test_suite_add "Wireshark capture" wireshark_capture_suite
        test_suite_add "Dumpcap capture" dumpcap_capture_suite
}