Temporarily disable 'Capture 10 packets using stdout' test for tshark until we can...
[obnox/wireshark/wip.git] / test / suite-capture.sh
1 #!/bin/bash
2 #
3 # Test the capture engine of the Wireshark tools
4 #
5 # $Id$
6 #
7 # Wireshark - Network traffic analyzer
8 # By Gerald Combs <gerald@wireshark.org>
9 # Copyright 2005 Ulf Lamping
10 #
11 # This program is free software; you can redistribute it and/or
12 # modify it under the terms of the GNU General Public License
13 # as published by the Free Software Foundation; either version 2
14 # of the License, or (at your option) any later version.
15 #
16 # This program is distributed in the hope that it will be useful,
17 # but WITHOUT ANY WARRANTY; without even the implied warranty of
18 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
19 # GNU General Public License for more details.
20 #
21 # You should have received a copy of the GNU General Public License
22 # along with this program; if not, writeto the Free Software
23 # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
24 #
25
26
27 # common exit status values
28 EXIT_OK=0
29 EXIT_COMMAND_LINE=1
30 EXIT_ERROR=2
31
32 case $WS_SYSTEM in
33         Windows|SunOS) SKIP_CAPTURE=0 ;;
34         *) SKIP_CAPTURE=1 ;;
35 esac
36
37 capture_test_output_print() {
38         wait
39         for f in "$@"; do
40                 if [[ -f "$f" ]]; then
41                 printf " --> $f\n"
42                 cat "$f"
43                 printf "\n"
44                 fi
45         done
46 }
47
48 traffic_gen_ping() {
49         # Generate some traffic for quiet networks.
50         # This will have to be adjusted for non-Windows systems.
51         {
52         date 
53         for (( x=20; x<=50; x++ )) # in effect: number the packets
54         do
55                 # How does ping _not_ have a standard set of arguments?
56                 case $WS_SYSTEM in
57                         Windows)
58                                 ping -n 1 -l $x www.wireshark.org       ;;
59                         SunOS)
60                                 ping www.wireshark.org $x 1             ;;
61                         *) # *BSD, Linux
62                                 ping -c 1 -s $x www.wireshark.org       ;;
63                 esac
64                 sleep 1
65         done
66         date
67         } > ./testout_ping.txt 2>&1 &
68 }
69
70 ping_cleanup() {
71         wait
72         rm -f ./testout_ping.txt
73 }
74
75 # capture exactly 10 packets
76 capture_step_10packets() {
77         if [ $SKIP_CAPTURE -ne 0 ] ; then
78                 test_step_skipped
79                 return
80         fi
81
82         traffic_gen_ping
83
84         date > ./testout.txt
85         $DUT -i $TRAFFIC_CAPTURE_IFACE $TRAFFIC_CAPTURE_PROMISC \
86                 -w ./testout.pcap \
87                 -c 10  \
88                 -a duration:$TRAFFIC_CAPTURE_DURATION \
89                 -f icmp \
90                 >> ./testout.txt 2>&1
91         RETURNVALUE=$?
92         date >> ./testout.txt
93         if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
94                 echo
95                 capture_test_output_print ./testout.txt
96                 # part of the Prerequisite checks
97                 # wrong interface ? output the possible interfaces
98                 $TSHARK -D
99                 test_step_failed "exit status of $DUT: $RETURNVALUE"
100                 return
101         fi
102
103         # we should have an output file now
104         if [ ! -f "./testout.pcap" ]; then
105         capture_test_output ./testout.txt
106                 test_step_failed "No output file!"
107                 return
108         fi
109
110         # ok, we got a capture file, does it contain exactly 10 packets?
111         $CAPINFOS ./testout.pcap > ./testout2.txt
112         grep -i 'Number of packets: 10' ./testout2.txt > /dev/null
113         if [ $? -eq 0 ]; then
114                 test_step_ok
115         else
116                 echo
117                 $TSHARK -ta -r ./testout.pcap >> ./testout2.txt
118                 capture_test_output_print ./testout_ping.txt ./testout.txt ./testout2.txt
119                 # part of the Prerequisite checks
120                 # probably wrong interface, output the possible interfaces
121                 $TSHARK -D
122                 test_step_failed "No or not enough traffic captured. Probably the wrong interface: $TRAFFIC_CAPTURE_IFACE!"
123         fi
124 }
125
126 # capture exactly 10 packets using "-w -" (piping to stdout)
127 capture_step_10packets_stdout() {
128         if [ $SKIP_CAPTURE -ne 0 ] ; then
129                 test_step_skipped
130                 return
131         fi
132
133         traffic_gen_ping
134
135         date > ./testout.txt
136         $DUT -i $TRAFFIC_CAPTURE_IFACE $TRAFFIC_CAPTURE_PROMISC \
137                 -c 10 \
138                 -a duration:$TRAFFIC_CAPTURE_DURATION \
139                 -w - \
140                 -f icmp \
141                 > ./testout.pcap 2>>./testout.txt
142         RETURNVALUE=$?
143         date >> ./testout.txt
144         if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
145                 echo
146                 cat ./testout.txt
147                 $TSHARK -D
148                 test_step_failed "exit status of $DUT: $RETURNVALUE"
149                 return
150         fi
151
152         # we should have an output file now
153         if [ ! -f "./testout.pcap" ]; then
154                 test_step_failed "No output file!"
155                 return
156         fi
157
158         # ok, we got a capture file, does it contain exactly 10 packets?
159         $CAPINFOS ./testout.pcap > ./testout2.txt 2>&1
160         grep -i 'Number of packets: 10' ./testout2.txt > /dev/null
161         if [ $? -eq 0 ]; then
162                 test_step_ok
163         else
164                 echo
165                 cat ./testout.txt
166                 cat ./testout2.txt
167                 $TSHARK -D
168                 test_step_failed "No or not enough traffic captured. Probably the wrong interface: $TRAFFIC_CAPTURE_IFACE!"
169         fi
170 }
171
172 # capture packets via a fifo
173 capture_step_fifo() {
174         mkfifo 'fifo'
175         (cat $CAPFILE; sleep 1; tail -c +25 $CAPFILE) > fifo &
176         $DUT -i fifo $TRAFFIC_CAPTURE_PROMISC \
177                 -w ./testout.pcap \
178                 -a duration:$TRAFFIC_CAPTURE_DURATION \
179                 > ./testout.txt 2>&1
180         RETURNVALUE=$?
181         rm 'fifo'
182         if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
183                 test_step_failed "exit status of $DUT: $RETURNVALUE"
184                 return
185         fi
186
187         # we should have an output file now
188         if [ ! -f "./testout.pcap" ]; then
189                 test_step_failed "No output file!"
190                 return
191         fi
192
193         # ok, we got a capture file, does it contain exactly 8 packets?
194         $CAPINFOS ./testout.pcap > ./testout.txt
195         grep -i 'Number of packets: 8' ./testout.txt > /dev/null
196         if [ $? -eq 0 ]; then
197                 test_step_ok
198         else
199                 echo
200                 cat ./testout.txt
201                 test_step_failed "No or not enough traffic captured."
202         fi
203 }
204
205 # capture exactly 2 times 10 packets (multiple files)
206 capture_step_2multi_10packets() {
207         if [ $SKIP_CAPTURE -ne 0 ] ; then
208                 test_step_skipped
209                 return
210         fi
211
212         traffic_gen_ping
213
214         date > ./testout.txt
215         $DUT -i $TRAFFIC_CAPTURE_IFACE $TRAFFIC_CAPTURE_PROMISC \
216                 -w ./testout.pcap \
217                 -c 10 \
218                 -a duration:$TRAFFIC_CAPTURE_DURATION \
219                 -f icmp \
220                 >> ./testout.txt 2>&1
221
222         RETURNVALUE=$?
223         date >> ./testout.txt
224         if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
225                 echo
226                 cat ./testout.txt
227                 # part of the Prerequisite checks
228                 # probably wrong interface, output the possible interfaces
229                 $TSHARK -D
230                 test_step_failed "exit status of $DUT: $RETURNVALUE"
231                 return
232         fi
233
234         # we should have an output file now
235         if [ ! -f "./testout.pcap" ]; then
236                 test_step_failed "No output file!"
237                 return
238         fi
239
240         # ok, we got a capture file, does it contain exactly 10 packets?
241         $CAPINFOS ./testout.pcap > ./testout.txt
242         grep -i 'Number of packets: 10' ./testout.txt > /dev/null
243         if [ $? -eq 0 ]; then
244                 test_step_ok
245         else
246                 echo
247                 cat ./testout.txt
248                 test_step_failed "Probably the wrong interface (no traffic captured)!"
249         fi
250 }
251
252 # capture with a very unlikely read filter, packets must be zero afterwards
253 capture_step_read_filter() {
254         if [ $SKIP_CAPTURE -ne 0 ] ; then
255                 test_step_skipped
256                 return
257         fi
258
259         traffic_gen_ping
260
261         # valid, but very unlikely filter
262         date > ./testout.txt
263         $DUT -i $TRAFFIC_CAPTURE_IFACE $TRAFFIC_CAPTURE_PROMISC \
264                 -w ./testout.pcap \
265                 -a duration:$TRAFFIC_CAPTURE_DURATION \
266                 -R 'dcerpc.cn_call_id==123456' \
267                 -c 10 \
268                 -f icmp \
269                 >> ./testout.txt 2>&1
270         RETURNVALUE=$?
271         date >> ./testout.txt
272         if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
273                 echo
274                 cat ./testout.txt
275                 # part of the Prerequisite checks
276                 # wrong interface ? output the possible interfaces
277                 $TSHARK -D
278                 test_step_failed "exit status: $RETURNVALUE"
279                 return
280         fi
281
282         # we should have an output file now
283         if [ ! -f "./testout.pcap" ]; then
284                 test_step_failed "No output file!"
285                 return
286         fi
287
288         # ok, we got a capture file, does it contain exactly 0 packets?
289         $CAPINFOS ./testout.pcap > ./testout.txt
290         grep -i 'Number of packets: 0' ./testout.txt > /dev/null
291         if [ $? -eq 0 ]; then
292                 test_step_ok
293         else
294                 echo
295                 cat ./testout.txt
296                 test_step_failed "Capture file should contain zero packets!"
297         fi
298 }
299
300
301 # capture with a snapshot length
302 capture_step_snapshot() {
303         if [ $SKIP_CAPTURE -ne 0 ] ; then
304                 test_step_skipped
305                 return
306         fi
307
308         traffic_gen_ping
309
310         # capture with a snapshot length of 68 bytes for $TRAFFIC_CAPTURE_DURATION seconds
311         # this should result in no packets greater than 68 bytes
312         date > ./testout.txt
313         $DUT -i $TRAFFIC_CAPTURE_IFACE $TRAFFIC_CAPTURE_PROMISC \
314                 -w ./testout.pcap \
315                 -s 68 \
316                 -a duration:$TRAFFIC_CAPTURE_DURATION \
317                 -f icmp \
318                 >> ./testout.txt 2>&1
319         RETURNVALUE=$?
320         date >> ./testout.txt
321         if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
322                 echo
323                 cat ./testout.txt
324                 # part of the Prerequisite checks
325                 # wrong interface ? output the possible interfaces
326                 $TSHARK -D
327                 test_step_failed "exit status: $RETURNVALUE"
328                 return
329         fi
330
331         # we should have an output file now
332         if [ ! -f "./testout.pcap" ]; then
333                 test_step_failed "No output file!"
334                 return
335         fi
336
337         # use tshark to filter out all packets, which are larger than 68 bytes
338         $TSHARK -r ./testout.pcap -w ./testout2.pcap -R 'frame.cap_len>68' > ./testout.txt 2>&1
339
340         # ok, we got a capture file, does it contain exactly 0 packets?
341         $CAPINFOS ./testout2.pcap > ./testout.txt
342         grep -i 'Number of packets: 0' ./testout.txt > /dev/null
343         if [ $? -eq 0 ]; then
344                 test_step_ok
345         else
346                 echo
347                 cat ./testout.txt
348                 test_step_failed "Capture file should contain zero packets!"
349                 return
350         fi
351 }
352
353 wireshark_capture_suite() {
354         # Q: quit after cap, k: start capture immediately
355         DUT="$WIRESHARK -Q -k"
356         test_step_add "Capture 10 packets" capture_step_10packets
357         # piping to stdout doesn't work with Wireshark and capturing!
358         #test_step_add "Capture 10 packets using stdout: -w -" capture_step_10packets_stdout
359         # read filter doesn't work with Wireshark and capturing!
360         #test_step_add "Capture read filter (${TRAFFIC_CAPTURE_DURATION}s)" capture_step_read_filter
361         test_step_add "Capture snapshot length 68 bytes (${TRAFFIC_CAPTURE_DURATION}s)" capture_step_snapshot
362 }
363
364 tshark_capture_suite() {
365         DUT=$TSHARK
366         test_step_add "Capture 10 packets" capture_step_10packets
367         #test_step_add "Capture 10 packets using stdout: -w -" capture_step_10packets_stdout
368         if [ $TEST_FIFO ]; then
369                 test_step_add "Capture via fifo" capture_step_fifo
370         fi
371         test_step_add "Capture read filter (${TRAFFIC_CAPTURE_DURATION}s)" capture_step_read_filter
372         test_step_add "Capture snapshot length 68 bytes (${TRAFFIC_CAPTURE_DURATION}s)" capture_step_snapshot
373 }
374
375 dumpcap_capture_suite() {
376         #DUT="$DUMPCAP -Q"
377         DUT=$DUMPCAP
378         test_step_add "Capture 10 packets" capture_step_10packets
379         test_step_add "Capture 10 packets using stdout: -w -" capture_step_10packets_stdout
380         if [ $TEST_FIFO ]; then
381                 test_step_add "Capture via fifo" capture_step_fifo
382         fi
383         # read (display) filters intentionally doesn't work with dumpcap!
384         #test_step_add "Capture read filter (${TRAFFIC_CAPTURE_DURATION}s)" capture_step_read_filter
385         test_step_add "Capture snapshot length 68 bytes (${TRAFFIC_CAPTURE_DURATION}s)" capture_step_snapshot
386 }
387
388 capture_cleanup_step() {
389         ping_cleanup
390         rm -f ./testout.txt
391         rm -f ./testout2.txt
392         rm -f ./testout.pcap
393         rm -f ./testout2.pcap
394 }
395
396 capture_suite() {
397         test_step_set_pre capture_cleanup_step
398         test_step_set_post capture_cleanup_step
399         test_remark_add "Capture - need some traffic on interface: \"$TRAFFIC_CAPTURE_IFACE\""
400         test_suite_add "Dumpcap capture" dumpcap_capture_suite
401         test_suite_add "TShark capture" tshark_capture_suite
402         test_suite_add "Wireshark capture" wireshark_capture_suite
403 }