3 Test-suite to test ethereal's dfilter mechanism.
7 # $Id: dfilter-test.py,v 1.3 2003/08/27 15:23:11 gram Exp $
9 # Copyright (C) 2003 by Gilbert Ramirez <gram@alumni.rice.edu>
11 # This program is free software; you can redistribute it and/or
12 # modify it under the terms of the GNU General Public License
13 # as published by the Free Software Foundation; either version 2
14 # of the License, or (at your option) any later version.
16 # This program is distributed in the hope that it will be useful,
17 # but WITHOUT ANY WARRANTY; without even the implied warranty of
18 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 # GNU General Public License for more details.
21 # You should have received a copy of the GNU General Public License
22 # along with this program; if not, write to the Free Software
23 # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
32 # Global variables that can be overridden by user
36 TEXT2PCAP = os.path.join(".", "text2pcap")
37 TETHEREAL = os.path.join(".", "tethereal")
39 # Some DLT values. Add more from <net/bpf.h> if you need to.
41 DLT_NULL = 0 # no link-layer encapsulation
42 DLT_EN10MB = 1 # Ethernet (10Mb)
43 DLT_EN3MB = 2 # Experimental Ethernet (3Mb)
44 DLT_AX25 = 3 # Amateur Radio AX.25
45 DLT_PRONET = 4 # Proteon ProNET Token Ring
47 DLT_IEEE802 = 6 # IEEE 802 Networks
48 DLT_ARCNET = 7 # ARCNET
49 DLT_SLIP = 8 # Serial Line IP
50 DLT_PPP = 9 # Point-to-point Protocol
52 DLT_FRELAY = 107 # Frame Relay
54 ################################################################################
56 class RunCommandError:
57 """The exception that run_cmd can produce."""
61 """Run a command. 'cmd' is either a string or
62 a tuple/array of strings. Returns a tuple of
63 the output of the command and the return value.
64 If an error did not occur, the return value is None, not 0.
65 If an error occured while trying to run the command,
66 RunCommandError is raised.
67 Both, or either, the output and the return value, may
68 be None if RunCommandError is raised.."""
70 if type(cmd) == types.TupleType:
81 output = pipe.readlines()
87 return (output, error)
90 def remove_file(filename):
91 """Remove a file. No exceptions are produced even
92 when the file cannot be removed."""
100 """Knows how to convert a string representing the
101 hex-dump of packet into a libpcap file."""
103 def __init__(self, linklayer):
104 """Linklayer is a DLT value."""
105 self.linklayer = linklayer
111 """Returns the filename of the packet trace.
112 The first time this is called, the libpcap trace
113 file is created. During subsequent calls, the libpcap
114 tracee file already exists, so the filename is simply
115 returned. Care is taken so that the libpcap trace file
116 is automatically deleted when this Python process
118 if not self.filename:
119 # Create the temporary text file.
120 hex_filename = tempfile.mktemp("-dfilter-test.txt")
122 # Tell Python to remove the file when exiting
123 if REMOVE_TEMP_FILES:
124 atexit.register(remove_file, hex_filename)
127 hex_fh = open(hex_filename, "w")
128 hex_fh.write(self.data)
132 sys.exit("Could not write to %s: %s" % \
136 # Create the pcap file
137 self.filename = tempfile.mktemp("-dfilter-test.cap")
139 # Tell Python to remove the file when exiting
140 if REMOVE_TEMP_FILES:
141 atexit.register(remove_file, self.filename)
143 cmd = (TEXT2PCAP, "-q -l", str(self.linklayer))
146 cmd = cmd + ("-t", "'" + self.time_fmt + "'")
148 cmd = cmd + (hex_filename, self.filename)
151 (output, error) = run_cmd(cmd)
152 except RunCommandError:
153 sys.exit("Could not produce trace file.")
156 sys.exit("Could not produce trace file.")
159 if not REMOVE_TEMP_FILES:
160 print "(", self.filename, ") ...",
169 """Base class for test classes."""
172 """Run the tests listed in self.tests.
178 for test in self.tests:
179 print "\t", test.__name__ , "...",
188 return (num_run, num_succeeded)
191 def DFilterCount(self, packet, dfilter, num_lines_expected):
192 """Run a dfilter on a packet file and expect
193 a certain number of output lines. If num_lines_expected
194 is None, then the tethereal command is expected to fail
195 with a non-zero return value."""
197 packet_file = packet.Filename()
199 cmd = (TETHEREAL, "-n -r", packet_file, "-R '", dfilter, "'")
204 (output, retval) = run_cmd(cmd)
205 except RunCommandError:
208 # print "GOT", len(output), "lines:", output, retval
211 if num_lines_expected == None:
213 print "\nGot:", output
216 print "\nGot:", output
218 elif len(output) == num_lines_expected:
220 print "\nGot:", output
223 print "\nGot:", output
227 ################################################################################
229 # Watch out for trailing backslashes. If the last character in the line is a
230 # backslash, the data won't convert properly. Just remove the backslash or
231 # replace it with another character. I haven't determined if this is due to
232 # Python's "here-document" parsing, or due to text2pcap.
233 ################################################################################
236 pkt_ipx_rip = Packet(DLT_EN10MB)
237 pkt_ipx_rip.data = """
238 0000 ff ff ff ff ff ff 00 aa 00 a3 e3 a4 00 28 ff ff ........ .....(..
239 0010 00 28 00 01 00 00 00 28 ff ff ff ff ff ff 04 53 .(.....( .......S
240 0020 00 00 00 28 00 aa 00 a3 e3 a4 04 53 00 02 39 17 ...(.... ...S..9.
241 0030 29 e2 00 01 00 02 00 00 00 00 00 00 )....... ....
245 pkt_ipv6 = Packet(DLT_EN10MB)
247 0000 33 33 00 00 99 99 00 00 86 05 80 fa 86 dd 60 00 33...... ......`.
248 0010 00 00 00 20 00 01 fe 80 00 00 00 00 00 00 02 00 ... .... ........
249 0020 86 ff fe 05 80 fa ff 05 00 00 00 00 00 00 00 00 ........ ........
250 0030 00 00 00 00 99 99 3a 00 01 00 05 02 00 00 83 00 ......:. ........
251 0040 44 ed 00 00 00 00 ff 05 00 00 00 00 00 00 00 00 D....... ........
252 0050 00 00 00 00 99 99 ......
256 pkt_arp = Packet(DLT_FRELAY)
258 0000 18 41 03 00 80 00 00 00 08 06 00 0f 08 00 02 04 .A...... ........
259 0010 00 08 00 00 0a ce 01 02 00 64 00 00 00 00 ........ .d....
263 pkt_nfs = Packet(DLT_FDDI)
264 pkt_nfs.time_fmt = "%Y-%m-%d %H:%M:%S."
266 2002-12-31 07:55:31.3
267 0000 51 10 00 d4 cd 59 6f 00 07 4a 01 6e 00 aa aa 03 Q....Yo. .J.n....
268 0010 00 00 00 08 00 45 00 00 b4 1c cf 40 00 fc 11 a4 .....E.. ...@....
269 0020 cd ac 19 64 0e c6 5f e6 14 03 ff 08 01 00 a0 79 ...d.._. .......y
270 0030 f9 7b 55 8a eb 00 00 00 00 00 00 00 02 00 01 86 .{U..... ........
271 0040 a3 00 00 00 03 00 00 00 01 00 00 00 01 00 00 00 ........ ........
272 0050 4c 36 db 91 97 00 00 00 0a 61 74 6d 63 6c 69 65 L6...... .atmclie
273 0060 6e 74 32 00 00 00 00 00 00 00 00 00 01 00 00 00 nt2..... ........
274 0070 0b 00 00 00 01 00 00 00 00 00 00 00 02 00 00 00 ........ ........
275 0080 03 00 00 00 04 00 00 00 05 00 00 00 06 00 00 00 ........ ........
276 0090 07 00 00 00 08 00 00 00 09 00 00 00 0c 00 00 00 ........ ........
277 00a0 00 00 00 00 00 00 00 00 20 21 92 13 00 a7 92 59 ........ !.....Y
278 00b0 07 20 00 00 00 00 02 4a 77 db b5 19 01 19 00 00 . .....J w.......
279 00c0 00 01 a4 06 00 97 1b 05 00 ........ .
281 2002-12-31 07:55:32.0
282 0000 51 00 07 4a 01 6e 00 10 00 d4 cd 59 6f aa aa 03 Q..J.n.. ...Yo...
283 0010 00 00 00 08 00 45 00 00 8c 6d 3c 00 00 40 11 50 .....E.. .m<..@.P
284 0020 89 c6 5f e6 14 ac 19 64 0e 08 01 03 ff 00 78 1d .._....d ......x.
285 0030 99 7b 55 8a eb 00 00 00 01 00 00 00 00 00 00 00 .{U..... ........
286 0040 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
287 0050 01 00 00 01 ed 00 00 00 01 00 00 00 00 00 00 00 ........ ........
288 0060 1e 00 00 00 00 00 04 07 60 00 00 00 00 00 04 20 ........ `......
289 0070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
290 0080 19 00 00 00 00 00 02 4a 77 36 db 94 da 0c 84 5c .......J w6......
291 0090 68 32 1e 28 e9 00 00 00 00 32 23 d4 10 0a 21 fe h2.(.... .2#...!.
296 pkt_ntp = Packet(DLT_EN10MB)
298 0000 08 00 2b 91 e8 3a 08 00 2b e4 c4 43 08 00 45 00 ..+..:.. +..C..E.
299 0010 00 4c 64 4c 00 00 1e 11 02 47 82 dc 18 3e 82 dc .LdL.... .G...>..
300 0020 18 18 00 7b 00 7b 00 38 ee 1c 1b 04 06 f5 00 00 ...{.{.8 ........
301 0030 10 0d 00 00 05 57 82 dc 18 18 ba 29 66 36 7d d0 .....W.. ...)f6}.
302 0040 00 00 ba 29 66 36 7d 58 40 00 ba 29 66 36 7d d0 ...)f6}X @..)f6}.
303 0050 00 00 ba 29 66 76 7d 50 50 00 ...)fv}P P.
308 pkt_http = Packet(DLT_EN10MB)
309 pkt_http.time_fmt = "%Y-%m-%d %H:%M:%S."
311 2002-12-31 07:55:31.3
312 0000 00 e0 81 00 b0 28 00 09 6b 88 f5 c9 08 00 45 00 .....(.. k.....E.
313 0010 00 c1 d2 49 40 00 80 06 c8 5b 0a 00 00 05 cf 2e ...I@... .[......
314 0020 86 5e 0c c3 00 50 a8 00 76 87 7d e0 14 02 50 18 .^...P.. v.}...P.
315 0030 fa f0 ad 62 00 00 48 45 41 44 20 2f 76 34 2f 69 ...b..HE AD /v4/i
316 0040 75 69 64 65 6e 74 2e 63 61 62 3f 30 33 30 37 30 uident.c ab?03070
317 0050 31 31 32 30 38 20 48 54 54 50 2f 31 2e 31 0d 0a 11208 HT TP/1.1..
318 0060 41 63 63 65 70 74 3a 20 2a 2f 2a 0d 0a 55 73 65 Accept: */*..Use
319 0070 72 2d 41 67 65 6e 74 3a 20 49 6e 64 75 73 74 72 r-Agent: Industr
320 0080 79 20 55 70 64 61 74 65 20 43 6f 6e 74 72 6f 6c y Update Control
321 0090 0d 0a 48 6f 73 74 3a 20 77 69 6e 64 6f 77 73 75 ..Host: windowsu
322 00a0 70 64 61 74 65 2e 6d 69 63 72 6f 73 6f 66 74 2e pdate.mi crosoft.
323 00b0 63 6f 6d 0d 0a 43 6f 6e 6e 65 63 74 69 6f 6e 3a com..Con nection:
324 00c0 20 4b 65 65 70 2d 41 6c 69 76 65 0d 0a 0d 0a Keep-Al ive....
329 pkt_tftp = Packet(DLT_IEEE802)
331 0000 10 40 00 20 35 01 2b 59 00 06 29 17 93 f8 aa aa .@. 5.+Y ..).....
332 0010 03 00 00 00 08 00 45 00 00 37 f9 39 00 00 40 11 ......E. .7.9..@.
333 0020 a6 db c0 a8 2c 7b c0 a8 2c d5 f9 39 00 45 00 23 ....,{.. ,..9.E.#
334 0030 8d 73 00 01 43 3a 5c 49 42 4d 54 43 50 49 50 5c .s..C:\I BMTCPIP.
335 0040 6c 63 63 6d 2e 31 00 6f 63 74 65 74 00 lccm.1.o ctet.
339 ################################################################################
341 ################################################################################
344 """Tests routines in ftype-bytes.c"""
347 print "Note: Bytes test does not yet test FT_INT64."
350 return self.DFilterCount(pkt_ipx_rip,
351 "eth.dst == ff:ff:ff:ff:ff:ff", 1)
354 return self.DFilterCount(pkt_ipx_rip,
355 "eth.src == ff:ff:ff:ff:ff:ff", 0)
358 return self.DFilterCount(pkt_ipx_rip,
359 "eth.dst != ff:ff:ff:ff:ff:ff", 0)
362 return self.DFilterCount(pkt_ipx_rip,
363 "eth.src != ff:ff:ff:ff:ff:ff", 1)
366 return self.DFilterCount(pkt_ipx_rip,
367 "eth.src > 00:aa:00:a3:e3:ff", 0)
370 return self.DFilterCount(pkt_ipx_rip,
371 "eth.src > 00:aa:00:a3:e3:a4", 0)
374 return self.DFilterCount(pkt_ipx_rip,
375 "eth.src > 00:aa:00:a3:e3:00", 1)
378 return self.DFilterCount(pkt_ipx_rip,
379 "eth.src >= 00:aa:00:a3:e3:ff", 0)
382 return self.DFilterCount(pkt_ipx_rip,
383 "eth.src >= 00:aa:00:a3:e3:a4", 1)
386 return self.DFilterCount(pkt_ipx_rip,
387 "eth.src >= 00:aa:00:a3:e3:00", 1)
390 return self.DFilterCount(pkt_ipx_rip,
391 "eth.src < 00:aa:00:a3:e3:ff", 1)
394 return self.DFilterCount(pkt_ipx_rip,
395 "eth.src < 00:aa:00:a3:e3:a4", 0)
398 return self.DFilterCount(pkt_ipx_rip,
399 "eth.src < 00:aa:00:a3:e3:00", 0)
402 return self.DFilterCount(pkt_ipx_rip,
403 "eth.src <= 00:aa:00:a3:e3:ff", 1)
406 return self.DFilterCount(pkt_ipx_rip,
407 "eth.src <= 00:aa:00:a3:e3:a4", 1)
410 return self.DFilterCount(pkt_ipx_rip,
411 "eth.src <= 00:aa:00:a3:e3:00", 0)
413 def ck_slice_1(self):
414 return self.DFilterCount(pkt_ipx_rip,
415 "eth.src[0:3] == 00:aa:00", 1)
417 def ck_slice_2(self):
418 return self.DFilterCount(pkt_ipx_rip,
419 "eth.src[-3:3] == a3:e3:a4", 1)
421 def ck_slice_3(self):
422 return self.DFilterCount(pkt_ipx_rip,
423 "eth.src[1:4] == aa:00:a3:e3", 1)
425 def ck_slice_4(self):
426 return self.DFilterCount(pkt_ipx_rip,
427 "eth.src[0] == 00", 1)
430 return self.DFilterCount(pkt_ipv6,
431 "ipv6.dst == ff05::9999", 1)
434 return self.DFilterCount(pkt_ipv6,
435 "ipv6.dst == ff05::9990", 0)
437 # ck_eq_1 checks FT_ETHER; this checks FT_BYTES
438 def ck_bytes_1(self):
439 return self.DFilterCount(pkt_arp,
440 "arp.dst.hw == 00:64", 1)
442 # ck_eq_2 checks FT_ETHER; this checks FT_BYTES
443 def ck_bytes_2(self):
444 return self.DFilterCount(pkt_arp,
445 "arp.dst.hw == 00:00", 0)
447 # ck_eq_1 checks FT_ETHER; this checks FT_UINT64
448 def ck_uint64_1(self):
449 return self.DFilterCount(pkt_nfs,
450 "nfs.fattr3.size == 264032", 1)
452 # ck_eq_2 checks FT_ETHER; this checks FT_UINT64
453 def ck_uint64_2(self):
454 return self.DFilterCount(pkt_nfs,
455 "nfs.fattr3.size == 264000", 0)
457 def ck_contains_1(self):
458 return self.DFilterCount(pkt_ipx_rip,
459 "ipx.src.node contains a3", 1)
461 def ck_contains_2(self):
462 return self.DFilterCount(pkt_ipx_rip,
463 "ipx.src.node contains a3:e3", 1)
465 def ck_contains_3(self):
466 return self.DFilterCount(pkt_ipx_rip,
467 "ipx.src.node contains 00:aa:00:a3:e3:a4", 1)
469 def ck_contains_4(self):
470 return self.DFilterCount(pkt_ipx_rip,
471 "ipx.src.node contains aa:e3", 0)
509 """Tests routines in ftype-double.c"""
512 # This works on ia32/Linux
513 # http://www.cslab.vt.edu/manuals/glibc-2.2.3/html_node/libc_673.html
514 return self.DFilterCount(pkt_ntp,
515 "ntp.rootdelay == 0.0626983642578125", 1)
518 return self.DFilterCount(pkt_ntp,
519 "ntp.rootdelay == 0.0626", 0)
522 return self.DFilterCount(pkt_ntp,
523 "ntp.rootdelay > 1.0626", 0)
526 return self.DFilterCount(pkt_ntp,
527 "ntp.rootdelay > 0.0626983642578125", 0)
530 return self.DFilterCount(pkt_ntp,
531 "ntp.rootdelay > 0.0026", 1)
534 return self.DFilterCount(pkt_ntp,
535 "ntp.rootdelay >= 1.0626", 0)
538 return self.DFilterCount(pkt_ntp,
539 "ntp.rootdelay >= 0.0626983642578125", 1)
542 return self.DFilterCount(pkt_ntp,
543 "ntp.rootdelay > 0.0026", 1)
546 return self.DFilterCount(pkt_ntp,
547 "ntp.rootdelay < 1.0626", 1)
550 return self.DFilterCount(pkt_ntp,
551 "ntp.rootdelay < 0.0626983642578125", 0)
554 return self.DFilterCount(pkt_ntp,
555 "ntp.rootdelay < 0.0026", 0)
558 return self.DFilterCount(pkt_ntp,
559 "ntp.rootdelay <= 1.0626", 1)
562 return self.DFilterCount(pkt_ntp,
563 "ntp.rootdelay <= 0.0626983642578125", 1)
566 return self.DFilterCount(pkt_ntp,
567 "ntp.rootdelay <= 0.0026", 0)
588 """Tests routines in ftype-integer.c"""
591 return self.DFilterCount(pkt_ntp,
592 "ip.version == 4", 1)
595 return self.DFilterCount(pkt_ntp,
596 "ip.version == 6", 0)
599 return self.DFilterCount(pkt_ntp,
600 "ip.version != 0", 1)
603 return self.DFilterCount(pkt_ntp,
604 "ip.version != 4", 0)
607 return self.DFilterCount(pkt_ntp,
611 return self.DFilterCount(pkt_ntp,
615 return self.DFilterCount(pkt_ntp,
619 return self.DFilterCount(pkt_ntp,
620 "ip.version >= 3", 1)
623 return self.DFilterCount(pkt_ntp,
624 "ip.version >= 4", 1)
627 return self.DFilterCount(pkt_ntp,
628 "ip.version >= 5", 0)
631 return self.DFilterCount(pkt_ntp,
635 return self.DFilterCount(pkt_ntp,
639 return self.DFilterCount(pkt_ntp,
643 return self.DFilterCount(pkt_ntp,
644 "ip.version <= 3", 0)
647 return self.DFilterCount(pkt_ntp,
648 "ip.version <= 4", 1)
651 return self.DFilterCount(pkt_ntp,
652 "ip.version <= 5", 1)
655 return self.DFilterCount(pkt_ntp,
656 "ntp.precision > -12", 1)
659 return self.DFilterCount(pkt_ntp,
660 "ntp.precision > -11", 0)
663 return self.DFilterCount(pkt_ntp,
664 "ntp.precision > -10", 0)
667 return self.DFilterCount(pkt_ntp,
668 "ntp.precision >= -12", 1)
671 return self.DFilterCount(pkt_ntp,
672 "ntp.precision >= -11", 1)
675 return self.DFilterCount(pkt_ntp,
676 "ntp.precision >= -10", 0)
679 return self.DFilterCount(pkt_ntp,
680 "ntp.precision < -12", 0)
683 return self.DFilterCount(pkt_ntp,
684 "ntp.precision < -11", 0)
687 return self.DFilterCount(pkt_ntp,
688 "ntp.precision < -10", 1)
691 return self.DFilterCount(pkt_ntp,
692 "ntp.precision <= -12", 0)
695 return self.DFilterCount(pkt_ntp,
696 "ntp.precision <= -11", 1)
699 return self.DFilterCount(pkt_ntp,
700 "ntp.precision <= -10", 1)
702 def ck_bool_eq_1(self):
703 return self.DFilterCount(pkt_ntp,
704 "ip.flags.df == 0", 1)
706 def ck_bool_eq_2(self):
707 return self.DFilterCount(pkt_ntp,
708 "ip.flags.df == 1", 0)
710 def ck_bool_ne_1(self):
711 return self.DFilterCount(pkt_ntp,
712 "ip.flags.df != 1", 1)
714 def ck_bool_ne_2(self):
715 return self.DFilterCount(pkt_ntp,
716 "ip.flags.df != 0", 0)
719 return self.DFilterCount(pkt_ipx_rip,
720 "ipx.src.net == 0x28", 1)
723 return self.DFilterCount(pkt_ipx_rip,
724 "ipx.src.net == 0x29", 0)
765 """Tests routines in ftype-ipv4.c"""
768 return self.DFilterCount(pkt_nfs,
769 "ip.src == 172.25.100.14", 1)
772 return self.DFilterCount(pkt_nfs,
773 "ip.src == 255.255.255.255", 0)
776 return self.DFilterCount(pkt_nfs,
777 "ip.src != 172.25.100.14", 1)
780 return self.DFilterCount(pkt_nfs,
781 "ip.src != 255.255.255.255", 2)
784 return self.DFilterCount(pkt_nfs,
785 "ip.dst > 198.95.230.200", 0)
788 return self.DFilterCount(pkt_nfs,
789 "ip.dst > 198.95.230.20", 0)
792 return self.DFilterCount(pkt_nfs,
793 "ip.dst > 198.95.230.10", 1)
796 return self.DFilterCount(pkt_nfs,
797 "ip.dst >= 198.95.230.200", 0)
800 return self.DFilterCount(pkt_nfs,
801 "ip.dst >= 198.95.230.20", 1)
804 return self.DFilterCount(pkt_nfs,
805 "ip.dst >= 198.95.230.10", 1)
808 return self.DFilterCount(pkt_nfs,
809 "ip.src < 172.25.100.140", 1)
812 return self.DFilterCount(pkt_nfs,
813 "ip.src < 172.25.100.14", 0)
816 return self.DFilterCount(pkt_nfs,
817 "ip.src < 172.25.100.10", 0)
820 return self.DFilterCount(pkt_nfs,
821 "ip.src <= 172.25.100.140", 1)
824 return self.DFilterCount(pkt_nfs,
825 "ip.src <= 172.25.100.14", 1)
828 return self.DFilterCount(pkt_nfs,
829 "ip.src <= 172.25.100.10", 0)
831 def ck_cidr_eq_1(self):
832 return self.DFilterCount(pkt_nfs,
833 "ip.src == 172.25.100.14/32", 1)
835 def ck_cidr_eq_2(self):
836 return self.DFilterCount(pkt_nfs,
837 "ip.src == 172.25.100.0/24", 1)
839 def ck_cidr_eq_3(self):
840 return self.DFilterCount(pkt_nfs,
841 "ip.src == 172.25.0.0/16", 1)
843 def ck_cidr_eq_4(self):
844 return self.DFilterCount(pkt_nfs,
845 "ip.src == 172.0.0.0/8", 1)
847 def ck_cidr_ne_1(self):
848 return self.DFilterCount(pkt_nfs,
849 "ip.src != 172.25.100.14/32", 1)
851 def ck_cidr_ne_2(self):
852 return self.DFilterCount(pkt_nfs,
853 "ip.src != 172.25.100.0/24", 1)
855 def ck_cidr_ne_3(self):
856 return self.DFilterCount(pkt_nfs,
857 "ip.src != 172.25.0.0/16", 1)
859 def ck_cidr_ne_4(self):
860 return self.DFilterCount(pkt_nfs,
861 "ip.src != 200.0.0.0/8", 2)
891 """Tests routines in ftype-string.c"""
894 return self.DFilterCount(pkt_http,
895 'http.request.method == "HEAD"', 1)
898 return self.DFilterCount(pkt_http,
899 'http.request.method == "POST"', 0)
902 return self.DFilterCount(pkt_http,
903 'http.request.method > "HEAC"', 1)
906 return self.DFilterCount(pkt_http,
907 'http.request.method > "HEAD"', 0)
910 return self.DFilterCount(pkt_http,
911 'http.request.method > "HEAE"', 0)
914 return self.DFilterCount(pkt_http,
915 'http.request.method >= "HEAC"', 1)
918 return self.DFilterCount(pkt_http,
919 'http.request.method >= "HEAD"', 1)
922 return self.DFilterCount(pkt_http,
923 'http.request.method >= "HEAE"', 0)
926 return self.DFilterCount(pkt_http,
927 'http.request.method < "HEAC"', 0)
930 return self.DFilterCount(pkt_http,
931 'http.request.method < "HEAD"', 0)
934 return self.DFilterCount(pkt_http,
935 'http.request.method < "HEAE"', 1)
938 return self.DFilterCount(pkt_http,
939 'http.request.method <= "HEAC"', 0)
942 return self.DFilterCount(pkt_http,
943 'http.request.method <= "HEAD"', 1)
946 return self.DFilterCount(pkt_http,
947 'http.request.method <= "HEAE"', 1)
949 # XXX - this isn't handled in ethereal yet
950 def ck_slice_1(self):
951 return self.DFilterCount(pkt_http,
952 'http.request.method[0] == "H"', 1)
954 def ck_slice_2(self):
955 return self.DFilterCount(pkt_http,
956 'http.request.method[0] == "P"', 0)
958 def ck_slice_3(self):
959 return self.DFilterCount(pkt_http,
960 'http.request.method[0:4] == "HEAD"', 1)
962 def ck_slice_4(self):
963 return self.DFilterCount(pkt_http,
964 'http.request.method[0:4] != "HEAD"', 0)
966 def ck_slice_5(self):
967 return self.DFilterCount(pkt_http,
968 'http.request.method[1:2] == "EA"', 1)
970 def ck_slice_6(self):
971 return self.DFilterCount(pkt_http,
972 'http.request.method[1:2] > "EA"', 0)
974 def ck_slice_7(self):
975 return self.DFilterCount(pkt_http,
976 'http.request.method[-1] == "D"', 1)
978 def ck_slice_8(self):
979 return self.DFilterCount(pkt_http,
980 'http.request.method[-2] == "D"', 0)
982 def ck_stringz_1(self):
983 return self.DFilterCount(pkt_tftp,
984 'tftp.type == "octet"', 1)
986 def ck_stringz_2(self):
987 return self.DFilterCount(pkt_tftp,
988 'tftp.type == "junk"', 0)
990 def ck_contains_1(self):
991 return self.DFilterCount(pkt_http,
992 'http.request.method contains "E"', 1)
994 def ck_contains_2(self):
995 return self.DFilterCount(pkt_http,
996 'http.request.method contains "EA"', 1)
998 def ck_contains_3(self):
999 return self.DFilterCount(pkt_http,
1000 'http.request.method contains "HEAD"', 1)
1002 def ck_contains_4(self):
1003 return self.DFilterCount(pkt_http,
1004 'http.request.method contains "POST"', 0)
1006 def ck_contains_5(self):
1007 return self.DFilterCount(pkt_http,
1008 'http.request.method contains 50:4f:53:54"', 0) # "POST"
1010 def ck_contains_6(self):
1011 return self.DFilterCount(pkt_http,
1012 'http.request.method contains 48:45:41:44"', 1) # "HEAD"
1050 """Tests routines in ftype-time.c"""
1053 return self.DFilterCount(pkt_http,
1054 'frame.time == "Dec 31, 2002 07:55:31.3"', 1)
1057 return self.DFilterCount(pkt_http,
1058 'frame.time == "Jan 31, 2002 07:55:31.3"', 0)
1061 return self.DFilterCount(pkt_http,
1062 'frame.time != "Dec 31, 2002 07:55:31.3"', 0)
1065 return self.DFilterCount(pkt_http,
1066 'frame.time != "Jan 31, 2002 07:55:31.3"', 1)
1069 return self.DFilterCount(pkt_http,
1070 'frame.time > "Dec 31, 2002 07:54:31.3"', 1)
1073 return self.DFilterCount(pkt_http,
1074 'frame.time > "Dec 31, 2002 07:55:31.3"', 0)
1077 return self.DFilterCount(pkt_http,
1078 'frame.time > "Dec 31, 2002 07:56:31.3"', 0)
1081 return self.DFilterCount(pkt_http,
1082 'frame.time >= "Dec 31, 2002 07:54:31.3"', 1)
1085 return self.DFilterCount(pkt_http,
1086 'frame.time >= "Dec 31, 2002 07:55:31.3"', 1)
1089 return self.DFilterCount(pkt_http,
1090 'frame.time >= "Dec 31, 2002 07:56:31.3"', 0)
1093 return self.DFilterCount(pkt_http,
1094 'frame.time < "Dec 31, 2002 07:54:31.3"', 0)
1097 return self.DFilterCount(pkt_http,
1098 'frame.time < "Dec 31, 2002 07:55:31.3"', 0)
1101 return self.DFilterCount(pkt_http,
1102 'frame.time < "Dec 31, 2002 07:56:31.3"', 1)
1105 return self.DFilterCount(pkt_http,
1106 'frame.time <= "Dec 31, 2002 07:54:31.3"', 0)
1109 return self.DFilterCount(pkt_http,
1110 'frame.time <= "Dec 31, 2002 07:55:31.3"', 1)
1113 return self.DFilterCount(pkt_http,
1114 'frame.time <= "Dec 31, 2002 07:56:31.3"', 1)
1116 def ck_relative_time_1(self):
1117 return self.DFilterCount(pkt_nfs,
1118 "frame.time_delta == 0.7", 1)
1120 def ck_relative_time_2(self):
1121 return self.DFilterCount(pkt_nfs,
1122 "frame.time_delta > 0.7", 0)
1124 def ck_relative_time_3(self):
1125 return self.DFilterCount(pkt_nfs,
1126 "frame.time_delta < 0.7", 1)
1151 """Tests routines in ftype-tvb.c"""
1153 def ck_slice_1(self):
1154 return self.DFilterCount(pkt_http,
1155 "ip[0:2] == 45:00", 1)
1157 def ck_slice_2(self):
1158 return self.DFilterCount(pkt_http,
1159 "ip[0:2] == 00:00", 0)
1161 def ck_slice_3(self):
1162 return self.DFilterCount(pkt_http,
1163 "ip[2:2] == 00:c1", 1)
1165 # These don't work yet in Ethereal
1166 def ck_slice_4(self):
1167 return self.DFilterCount(pkt_http,
1168 "ip[-5] == 0x86", 1)
1170 def ck_slice_5(self):
1171 return self.DFilterCount(pkt_http,
1172 "ip[-1] == 0x86", 0)
1175 def ck_contains_1(self):
1176 return self.DFilterCount(pkt_http,
1177 "eth contains 6b", 1)
1179 def ck_contains_2(self):
1180 return self.DFilterCount(pkt_http,
1181 "eth contains 09:6b:88", 1)
1183 def ck_contains_3(self):
1184 return self.DFilterCount(pkt_http,
1185 "eth contains 00:e0:81:00:b0:28:00:09:6b:88:f5:c9:08:00", 1)
1187 def ck_contains_4(self):
1188 return self.DFilterCount(pkt_http,
1189 "eth contains ff:ff:ff", 0)
1191 def ck_contains_5(self):
1192 return self.DFilterCount(pkt_http,
1193 'http contains "HEAD"', 1)
1211 class Scanner(Test):
1212 """Tests routines in scanner.l"""
1215 print "Note: Scanner test does not yet test embedded double-quote."
1217 def ck_dquote_1(self):
1218 return self.DFilterCount(pkt_http,
1219 'http.request.method == "HEAD"', 1)
1221 def ck_dquote_2(self):
1222 return self.DFilterCount(pkt_http,
1223 'http.request.method == "\\x48EAD"', 1)
1225 def ck_dquote_3(self):
1226 return self.DFilterCount(pkt_http,
1227 'http.request.method == "\\x58EAD"', 0)
1229 def ck_dquote_4(self):
1230 return self.DFilterCount(pkt_http,
1231 'http.request.method == "\\110EAD"', 1)
1233 def ck_dquote_5(self):
1234 return self.DFilterCount(pkt_http,
1235 'http.request.method == "\\111EAD"', 0)
1237 def ck_dquote_6(self):
1238 return self.DFilterCount(pkt_http,
1239 'http.request.method == "\\HEAD"', 1)
1249 ################################################################################
1251 # These are the test objects to run.
1252 # Keep these in alphabetical order so the help message
1253 # shows them in order.
1266 print "usage: %s [OPTS] [TEST ...]" % (sys.argv[0],)
1267 print "\t-p PATH : path to find both tethereal and text2pcap (DEFAULT: . )"
1268 print "\t-t FILE : location of tethereal binary"
1269 print "\t-x FILE : location of text2pcap binary"
1270 print "\t-k : keep temporary files"
1271 print "\t-v : verbose"
1273 print "By not mentioning a test name, all tests are run."
1274 print "Available tests are:"
1275 for test in all_tests:
1276 print "\t", test.__class__.__name__
1284 global REMOVE_TEMP_FILES
1286 # Parse the command-line options
1287 optstring = "p:t:x:kv"
1291 opts, specific_tests = getopt.getopt(sys.argv[1:], optstring, longopts)
1292 except getopt.GetoptError:
1295 for opt, arg in opts:
1303 TEXT2PCAP = os.path.join(arg, "text2pcap")
1304 TETHEREAL = os.path.join(arg, "tethereal")
1306 REMOVE_TEMP_FILES = 0
1308 print "Un-handled option:", opt
1312 if not os.path.exists(TETHEREAL):
1313 sys.exit("tethereal program '%s' does not exist." % (TETHEREAL,))
1315 if not os.path.exists(TEXT2PCAP):
1316 sys.exit("text2pcap program '%s' does not exist." % (TEXT2PCAP,))
1319 # Determine which tests to run.
1322 # Go through the tests looking for the ones whose names
1323 # match the command-line arguments.
1325 for test_name in specific_tests:
1326 for test in all_tests:
1327 if test_name == test.__class__.__name__:
1328 tests_to_run.append(test)
1331 print >> sys.stderr, "%s is unrecognized as a test." % \
1338 tests_to_run = all_tests
1340 # Run the tests and keep score.
1343 for test in tests_to_run:
1344 print test.__class__.__name__
1345 (run, succeeded) = test.Run()
1347 tot_succeeded += succeeded
1351 print "Total Tests Run:", tot_run
1352 print "Total Tests Succeeded:", tot_succeeded
1353 print "Total Tests Failed:", tot_run - tot_succeeded
1355 if tot_succeeded == tot_run:
1360 if __name__ == "__main__":
1363 except KeyboardInterrupt:
1364 print "\nInterrupted by user."