diff options
| author | Gerald Combs <gerald@wireshark.org> | 2018-05-03 12:05:12 -0700 |
|---|---|---|
| committer | Gerald Combs <gerald@wireshark.org> | 2018-05-04 22:44:32 +0000 |
| commit | 7591ed848e862d6f6f91d7398a1b98c4e5dea0fa (patch) | |
| tree | 91da5400332fb46fe94246b746a59c943314142d /test/suite_dfilter | |
| parent | 8db1616ec382ca8eca3c6059fdfa32378a7918fb (diff) | |
Test: Add dftest to our tests.
Move the dfilter tests and captures from tools to test.
Change-Id: I2e6a6cc1d383c985ba07c76c93ae1c57d3c8f84c
Reviewed-on: https://code.wireshark.org/review/27339
Petri-Dish: Gerald Combs <gerald@wireshark.org>
Tested-by: Petri Dish Buildbot
Reviewed-by: Gerald Combs <gerald@wireshark.org>
Diffstat (limited to 'test/suite_dfilter')
| -rw-r--r-- | test/suite_dfilter/__init__.py | 14 | ||||
| -rw-r--r-- | test/suite_dfilter/dfiltertest.py | 36 | ||||
| -rw-r--r-- | test/suite_dfilter/group_bytes_ether.py | 106 | ||||
| -rw-r--r-- | test/suite_dfilter/group_bytes_ipv6.py | 104 | ||||
| -rw-r--r-- | test/suite_dfilter/group_bytes_type.py | 16 | ||||
| -rw-r--r-- | test/suite_dfilter/group_double.py | 65 | ||||
| -rw-r--r-- | test/suite_dfilter/group_integer.py | 151 | ||||
| -rw-r--r-- | test/suite_dfilter/group_integer_1byte.py | 18 | ||||
| -rw-r--r-- | test/suite_dfilter/group_ipv4.py | 133 | ||||
| -rw-r--r-- | test/suite_dfilter/group_membership.py | 46 | ||||
| -rw-r--r-- | test/suite_dfilter/group_range_method.py | 32 | ||||
| -rw-r--r-- | test/suite_dfilter/group_scanner.py | 32 | ||||
| -rw-r--r-- | test/suite_dfilter/group_string_type.py | 164 | ||||
| -rw-r--r-- | test/suite_dfilter/group_stringz.py | 21 | ||||
| -rw-r--r-- | test/suite_dfilter/group_time_relative.py | 21 | ||||
| -rw-r--r-- | test/suite_dfilter/group_time_type.py | 73 | ||||
| -rw-r--r-- | test/suite_dfilter/group_tvb.py | 60 | ||||
| -rw-r--r-- | test/suite_dfilter/group_uint64.py | 16 |
18 files changed, 1108 insertions, 0 deletions
diff --git a/test/suite_dfilter/__init__.py b/test/suite_dfilter/__init__.py new file mode 100644 index 0000000000..6fb259ec50 --- /dev/null +++ b/test/suite_dfilter/__init__.py @@ -0,0 +1,14 @@ +# +# Copyright (C) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> +# +# SPDX-License-Identifier: GPL-2.0-or-later + +import os.path +import unittest + +# Run by unittest.defaultTestLoader.discover in test.py +def load_tests(loader, standard_tests, pattern): + this_dir = os.path.dirname(__file__) + package_tests = loader.discover(start_dir=this_dir, pattern='group_*.py') + standard_tests.addTests(package_tests) + return standard_tests diff --git a/test/suite_dfilter/dfiltertest.py b/test/suite_dfilter/dfiltertest.py new file mode 100644 index 0000000000..8ac1786ec8 --- /dev/null +++ b/test/suite_dfilter/dfiltertest.py @@ -0,0 +1,36 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> +# +# SPDX-License-Identifier: GPL-2.0-or-later + +import config +import os.path +import subprocesstest + +class DFTestCase(subprocesstest.SubprocessTestCase): + """Base class for all tests in this dfilter-test collection.""" + + + def runDFilter(self, dfilter, expected_return=0): + # Create the tshark command + return self.assertRun((config.cmd_tshark, + "-n", # No name resolution + "-r", # Next arg is trace file to read + os.path.join(config.capture_dir, self.trace_file), + "-Y", # packet display filter (used to be -R) + dfilter + ), expected_return=expected_return) + + + def assertDFilterCount(self, dfilter, expected_count): + """Run a display filter and expect a certain number of packets.""" + + dfilter_proc = self.runDFilter(dfilter) + + dfp_count = self.countOutput() + msg = "Expected %d, got: %s" % (expected_count, dfp_count) + self.assertEqual(dfp_count, expected_count, msg) + + def assertDFilterFail(self, dfilter): + """Run a display filter and expect tshark to fail""" + + dfilter_proc = self.runDFilter(dfilter, expected_return=self.exit_error) diff --git a/test/suite_dfilter/group_bytes_ether.py b/test/suite_dfilter/group_bytes_ether.py new file mode 100644 index 0000000000..71f8d484e0 --- /dev/null +++ b/test/suite_dfilter/group_bytes_ether.py @@ -0,0 +1,106 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> +# +# SPDX-License-Identifier: GPL-2.0-or-later + +import dfiltertest + +class case_bytes_ether(dfiltertest.DFTestCase): + trace_file = "ipx_rip.pcap" + + ### Note: Bytes test does not yet test FT_INT64. + + def test_eq_1(self): + dfilter = "eth.dst == ff:ff:ff:ff:ff:ff" + self.assertDFilterCount(dfilter, 1) + + def test_eq_2(self): + dfilter = "eth.src == ff:ff:ff:ff:ff:ff" + self.assertDFilterCount(dfilter, 0) + + def test_ne_1(self): + dfilter = "eth.dst != ff:ff:ff:ff:ff:ff" + self.assertDFilterCount(dfilter, 0) + + def test_ne_2(self): + dfilter = "eth.src != ff:ff:ff:ff:ff:ff" + self.assertDFilterCount(dfilter, 1) + + def test_gt_1(self): + dfilter = "eth.src > 00:aa:00:a3:e3:ff" + self.assertDFilterCount(dfilter, 0) + + def test_gt_2(self): + dfilter = "eth.src > 00:aa:00:a3:e3:a4" + self.assertDFilterCount(dfilter, 0) + + def test_gt_3(self): + dfilter = "eth.src > 00:aa:00:a3:e3:00" + self.assertDFilterCount(dfilter, 1) + + def test_ge_1(self): + dfilter = "eth.src >= 00:aa:00:a3:e3:ff" + self.assertDFilterCount(dfilter, 0) + + def test_ge_2(self): + dfilter = "eth.src >= 00:aa:00:a3:e3:a4" + self.assertDFilterCount(dfilter, 1) + + def test_ge_3(self): + dfilter = "eth.src >= 00:aa:00:a3:e3:00" + self.assertDFilterCount(dfilter, 1) + + def test_lt_1(self): + dfilter = "eth.src < 00:aa:00:a3:e3:ff" + self.assertDFilterCount(dfilter, 1) + + def test_lt_2(self): + dfilter = "eth.src < 00:aa:00:a3:e3:a4" + self.assertDFilterCount(dfilter, 0) + + def test_lt_3(self): + dfilter = "eth.src < 00:aa:00:a3:e3:00" + self.assertDFilterCount(dfilter, 0) + + def test_le_1(self): + dfilter = "eth.src <= 00:aa:00:a3:e3:ff" + self.assertDFilterCount(dfilter, 1) + + def test_le_2(self): + dfilter = "eth.src <= 00:aa:00:a3:e3:a4" + self.assertDFilterCount(dfilter, 1) + + def test_le_3(self): + dfilter = "eth.src <= 00:aa:00:a3:e3:00" + self.assertDFilterCount(dfilter, 0) + + def test_slice_1(self): + dfilter = "eth.src[0:3] == 00:aa:00" + self.assertDFilterCount(dfilter, 1) + + def test_slice_2(self): + dfilter = "eth.src[-3:3] == a3:e3:a4" + self.assertDFilterCount(dfilter, 1) + + def test_slice_3(self): + dfilter = "eth.src[1:4] == aa:00:a3:e3" + self.assertDFilterCount(dfilter, 1) + + def test_slice_4(self): + dfilter = "eth.src[0] == 00" + self.assertDFilterCount(dfilter, 1) + + def test_contains_1(self): + dfilter = "ipx.src.node contains a3" + self.assertDFilterCount(dfilter, 1) + + def test_contains_2(self): + dfilter = "ipx.src.node contains a3:e3" + self.assertDFilterCount(dfilter, 1) + + def test_contains_3(self): + dfilter = "ipx.src.node contains 00:aa:00:a3:e3:a4" + self.assertDFilterCount(dfilter, 1) + + def test_contains_4(self): + dfilter = "ipx.src.node contains aa:e3" + self.assertDFilterCount(dfilter, 0) diff --git a/test/suite_dfilter/group_bytes_ipv6.py b/test/suite_dfilter/group_bytes_ipv6.py new file mode 100644 index 0000000000..94237aa26c --- /dev/null +++ b/test/suite_dfilter/group_bytes_ipv6.py @@ -0,0 +1,104 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> +# +# SPDX-License-Identifier: GPL-2.0-or-later + +import dfiltertest + +class case_bytes_ipv6(dfiltertest.DFTestCase): + trace_file = "ipv6.pcap" + + def test_eq_1(self): + dfilter = "ipv6.dst == ff05::9999" + self.assertDFilterCount(dfilter, 1) + + def test_eq_2(self): + dfilter = "ipv6.dst == ff05::9990" + self.assertDFilterCount(dfilter, 0) + + def test_ne_1(self): + dfilter = "ipv6.dst != ff05::9990" + self.assertDFilterCount(dfilter, 1) + + def test_ne_2(self): + dfilter = "ipv6.dst != ff05::9999" + self.assertDFilterCount(dfilter, 0) + + def test_gt_1(self): + dfilter = "ipv6.dst > ff05::0000" + self.assertDFilterCount(dfilter, 1) + + def test_gt_2(self): + dfilter = "ipv6.dst > ff05::9999" + self.assertDFilterCount(dfilter, 0) + + def test_ge_1(self): + dfilter = "ipv6.dst >= ff05::9999" + self.assertDFilterCount(dfilter, 1) + + def test_ge_2(self): + dfilter = "ipv6.dst >= ff05::a000" + self.assertDFilterCount(dfilter, 0) + + def test_lt_1(self): + dfilter = "ipv6.dst < ff05::a000" + self.assertDFilterCount(dfilter, 1) + + def test_lt_2(self): + dfilter = "ipv6.dst < ff05::9999" + self.assertDFilterCount(dfilter, 0) + + def test_le_1(self): + dfilter = "ipv6.dst <= ff05::9999" + self.assertDFilterCount(dfilter, 1) + + def test_le_2(self): + dfilter = "ipv6.dst <= ff05::9998" + self.assertDFilterCount(dfilter, 0) + + def test_cidr_eq_1(self): + dfilter = "ipv6.dst == ff05::9999/128" + self.assertDFilterCount(dfilter, 1) + + def test_cidr_eq_2(self): + dfilter = "ipv6.dst == ff05::0/64" + self.assertDFilterCount(dfilter, 1) + + def test_cidr_eq_3(self): + dfilter = "ipv6.dst == ff05::ffff/112" + self.assertDFilterCount(dfilter, 1) + + def test_cidr_eq_4(self): + dfilter = "ipv6.dst == ff04::0/64" + self.assertDFilterCount(dfilter, 0) + + def test_cidr_ne_1(self): + dfilter = "ipv6.dst != ff05::9999/128" + self.assertDFilterCount(dfilter, 0) + + def test_cidr_ne_2(self): + dfilter = "ipv6.dst != ff05::0/64" + self.assertDFilterCount(dfilter, 0) + + def test_cidr_ne_3(self): + dfilter = "ipv6.dst != ff05::ffff/112" + self.assertDFilterCount(dfilter, 0) + + def test_cidr_ne_4(self): + dfilter = "ipv6.dst != ff04::00/64" + self.assertDFilterCount(dfilter, 1) + + def test_slice_1(self): + dfilter = "ipv6.dst[14:2] == 99:99" + self.assertDFilterCount(dfilter, 1) + + def test_slice_2(self): + dfilter = "ipv6.dst[14:2] == 00:00" + self.assertDFilterCount(dfilter, 0) + + def test_slice_3(self): + dfilter = "ipv6.dst[15:1] == 99" + self.assertDFilterCount(dfilter, 1) + + def test_slice_4(self): + dfilter = "ipv6.dst[15:1] == 00" + self.assertDFilterCount(dfilter, 0) diff --git a/test/suite_dfilter/group_bytes_type.py b/test/suite_dfilter/group_bytes_type.py new file mode 100644 index 0000000000..4031d27956 --- /dev/null +++ b/test/suite_dfilter/group_bytes_type.py @@ -0,0 +1,16 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> +# +# SPDX-License-Identifier: GPL-2.0-or-later + +import dfiltertest + +class case_bytes_type(dfiltertest.DFTestCase): + trace_file = "arp.pcap" + + def test_bytes_1(self): + dfilter = "arp.dst.hw == 00:64" + self.assertDFilterCount(dfilter, 1) + + def test_ipv6_2(self): + dfilter = "arp.dst.hw == 00:00" + self.assertDFilterCount(dfilter, 0) diff --git a/test/suite_dfilter/group_double.py b/test/suite_dfilter/group_double.py new file mode 100644 index 0000000000..3bf7cb6083 --- /dev/null +++ b/test/suite_dfilter/group_double.py @@ -0,0 +1,65 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> +# +# SPDX-License-Identifier: GPL-2.0-or-later + +import dfiltertest + +class case_double(dfiltertest.DFTestCase): + + trace_file = "ntp.pcap" + + def test_eq_1(self): + dfilter = "ntp.rootdelay == 0.0626983642578125" + self.assertDFilterCount(dfilter, 1) + + def test_eq_2(self): + dfilter = "ntp.rootdelay == 0.0626" + self.assertDFilterCount(dfilter, 0) + + def test_gt_1(self): + dfilter = "ntp.rootdelay > 1.0626" + self.assertDFilterCount(dfilter, 0) + + def test_gt_2(self): + dfilter = "ntp.rootdelay > 0.0626983642578125" + self.assertDFilterCount(dfilter, 0) + + def test_gt_3(self): + dfilter = "ntp.rootdelay > 0.0026" + self.assertDFilterCount(dfilter, 1) + + def test_ge_1(self): + dfilter = "ntp.rootdelay >= 1.0026" + self.assertDFilterCount(dfilter, 0) + + def test_ge_2(self): + dfilter = "ntp.rootdelay >= 0.0626983642578125" + self.assertDFilterCount(dfilter, 1) + + def test_ge_3(self): + dfilter = "ntp.rootdelay >= 0.0026" + self.assertDFilterCount(dfilter, 1) + + def test_lt_1(self): + dfilter = "ntp.rootdelay < 1.0026" + self.assertDFilterCount(dfilter, 1) + + def test_lt_2(self): + dfilter = "ntp.rootdelay < 0.0626983642578125" + self.assertDFilterCount(dfilter, 0) + + def test_lt_3(self): + dfilter = "ntp.rootdelay < 0.0026" + self.assertDFilterCount(dfilter, 0) + + def test_le_1(self): + dfilter = "ntp.rootdelay <= 1.0026" + self.assertDFilterCount(dfilter, 1) + + def test_le_2(self): + dfilter = "ntp.rootdelay <= 0.0626983642578125" + self.assertDFilterCount(dfilter, 1) + + def test_le_3(self): + dfilter = "ntp.rootdelay <= 0.0026" + self.assertDFilterCount(dfilter, 0) diff --git a/test/suite_dfilter/group_integer.py b/test/suite_dfilter/group_integer.py new file mode 100644 index 0000000000..42901fb1ea --- /dev/null +++ b/test/suite_dfilter/group_integer.py @@ -0,0 +1,151 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> +# +# SPDX-License-Identifier: GPL-2.0-or-later + +import dfiltertest + +class case_integer(dfiltertest.DFTestCase): + trace_file = "ntp.pcap" + + def test_eq_1(self): + dfilter = "ip.version == 4" + self.assertDFilterCount(dfilter, 1) + + def test_eq_2(self): + dfilter = "ip.version == 6" + self.assertDFilterCount(dfilter, 0) + + def test_eq_3(self): + # Invalid filter (only one equals sign) + dfilter = "ip.version = 4" + self.assertDFilterFail(dfilter) + + def test_eq_4(self): + # Invalid filter + dfilter = "ip.version == the quick brown fox jumps over the lazy dog" + self.assertDFilterFail(dfilter) + + def test_eq_5(self): + # Invalid filter + dfilter = "ip.version == 4 the quick brown fox jumps over the lazy dog" + self.assertDFilterFail(dfilter) + + def test_ne_1(self): + dfilter = "ip.version != 0" + self.assertDFilterCount(dfilter, 1) + + def test_ne_2(self): + dfilter = "ip.version != 4" + self.assertDFilterCount(dfilter, 0) + + def test_u_gt_1(self): + dfilter = "ip.version > 3" + self.assertDFilterCount(dfilter, 1) + + def test_u_gt_2(self): + dfilter = "ip.version > 4" + self.assertDFilterCount(dfilter, 0) + + def test_u_gt_3(self): + dfilter = "ip.version > 5" + self.assertDFilterCount(dfilter, 0) + + def test_u_ge_1(self): + dfilter = "ip.version >= 3" + self.assertDFilterCount(dfilter, 1) + + def test_u_ge_2(self): + dfilter = "ip.version >= 4" + self.assertDFilterCount(dfilter, 1) + + def test_u_ge_3(self): + dfilter = "ip.version >= 5" + self.assertDFilterCount(dfilter, 0) + + def test_u_lt_1(self): + dfilter = "ip.version < 3" + self.assertDFilterCount(dfilter, 0) + + def test_u_lt_2(self): + dfilter = "ip.version < 4" + self.assertDFilterCount(dfilter, 0) + + def test_u_lt_3(self): + dfilter = "ip.version < 5" + self.assertDFilterCount(dfilter, 1) + + def test_u_le_1(self): + dfilter = "ip.version <= 3" + self.assertDFilterCount(dfilter, 0) + + def test_u_le_2(self): + dfilter = "ip.version <= 4" + self.assertDFilterCount(dfilter, 1) + + def test_u_le_3(self): + dfilter = "ip.version <= 5" + self.assertDFilterCount(dfilter, 1) + + def test_s_gt_1(self): + dfilter = "ntp.precision > -12" + self.assertDFilterCount(dfilter, 1) + + def test_s_gt_2(self): + dfilter = "ntp.precision > -11" + self.assertDFilterCount(dfilter, 0) + + def test_s_gt_3(self): + dfilter = "ntp.precision > -10" + self.assertDFilterCount(dfilter, 0) + + def test_s_ge_1(self): + dfilter = "ntp.precision >= -12" + self.assertDFilterCount(dfilter, 1) + + def test_s_ge_2(self): + dfilter = "ntp.precision >= -11" + self.assertDFilterCount(dfilter, 1) + + def test_s_ge_3(self): + dfilter = "ntp.precision >= -10" + self.assertDFilterCount(dfilter, 0) + + def test_s_lt_1(self): + dfilter = "ntp.precision < -12" + self.assertDFilterCount(dfilter, 0) + + def test_s_lt_2(self): + dfilter = "ntp.precision < -11" + self.assertDFilterCount(dfilter, 0) + + def test_s_lt_3(self): + dfilter = "ntp.precision < -10" + self.assertDFilterCount(dfilter, 1) + + def test_s_le_1(self): + dfilter = "ntp.precision <= -12" + self.assertDFilterCount(dfilter, 0) + + def test_s_le_2(self): + dfilter = "ntp.precision <= -11" + self.assertDFilterCount(dfilter, 1) + + def test_s_le_3(self): + dfilter = "ntp.precision <= -10" + self.assertDFilterCount(dfilter, 1) + + def test_bool_eq_1(self): + dfilter = "ip.flags.df == 0" + self.assertDFilterCount(dfilter, 1) + + def test_bool_eq_2(self): + dfilter = "ip.flags.df == 1" + self.assertDFilterCount(dfilter, 0) + + def test_bool_ne_1(self): + dfilter = "ip.flags.df != 1" + self.assertDFilterCount(dfilter, 1) + + def test_bool_ne_2(self): + dfilter = "ip.flags.df != 0" + self.assertDFilterCount(dfilter, 0) diff --git a/test/suite_dfilter/group_integer_1byte.py b/test/suite_dfilter/group_integer_1byte.py new file mode 100644 index 0000000000..be8ba198e8 --- /dev/null +++ b/test/suite_dfilter/group_integer_1byte.py @@ -0,0 +1,18 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> +# +# SPDX-License-Identifier: GPL-2.0-or-later + + +import dfiltertest + +class case_integer_1_byte(dfiltertest.DFTestCase): + + trace_file = "ipx_rip.pcap" + + def test_ipx_1(self): + dfilter = "ipx.src.net == 0x28" + self.assertDFilterCount(dfilter, 1) + + def test_ipx_2(self): + dfilter = "ipx.src.net == 0x29" + self.assertDFilterCount(dfilter, 0) diff --git a/test/suite_dfilter/group_ipv4.py b/test/suite_dfilter/group_ipv4.py new file mode 100644 index 0000000000..33a996f259 --- /dev/null +++ b/test/suite_dfilter/group_ipv4.py @@ -0,0 +1,133 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> +# +# SPDX-License-Identifier: GPL-2.0-or-later + + +import dfiltertest + +class case_ipv4(dfiltertest.DFTestCase): + trace_file = "nfs.pcap" + + def test_uint64_1(self): + dfilter = "nfs.fattr3.size == 264032" + self.assertDFilterCount(dfilter, 1) + + def test_eq_1(self): + dfilter = "ip.src == 172.25.100.14" + self.assertDFilterCount(dfilter, 1) + + def test_eq_2(self): + dfilter = "ip.src == 255.255.255.255" + self.assertDFilterCount(dfilter, 0) + + def test_ne_1(self): + dfilter = "ip.src != 172.25.100.14" + self.assertDFilterCount(dfilter, 1) + + def test_ne_2(self): + dfilter = "ip.src != 255.255.255.255" + self.assertDFilterCount(dfilter, 2) + + def test_gt_1(self): + dfilter = "ip.dst > 198.95.230.200" + self.assertDFilterCount(dfilter, 0) + + def test_gt_2(self): + dfilter = "ip.dst > 198.95.230.20" + self.assertDFilterCount(dfilter, 0) + + def test_gt_3(self): + dfilter = "ip.dst > 198.95.230.10" + self.assertDFilterCount(dfilter, 1) + + def test_ge_1(self): + dfilter = "ip.dst >= 198.95.230.200" + self.assertDFilterCount(dfilter, 0) + + def test_ge_2(self): + dfilter = "ip.dst >= 198.95.230.20" + self.assertDFilterCount(dfilter, 1) + + def test_ge_3(self): + dfilter = "ip.dst >= 198.95.230.10" + self.assertDFilterCount(dfilter, 1) + + def test_lt_1(self): + dfilter = "ip.src < 172.25.100.140" + self.assertDFilterCount(dfilter, 1) + + def test_lt_2(self): + dfilter = "ip.src < 172.25.100.14" + self.assertDFilterCount(dfilter, 0) + + def test_lt_3(self): + dfilter = "ip.src < 172.25.100.10" + self.assertDFilterCount(dfilter, 0) + + def test_le_1(self): + dfilter = "ip.src <= 172.25.100.140" + self.assertDFilterCount(dfilter, 1) + + def test_le_2(self): + dfilter = "ip.src <= 172.25.100.14" + self.assertDFilterCount(dfilter, 1) + + def test_le_3(self): + dfilter = "ip.src <= 172.25.100.10" + self.assertDFilterCount(dfilter, 0) + + def test_cidr_eq_1(self): + dfilter = "ip.src == 172.25.100.14/32" + self.assertDFilterCount(dfilter, 1) + + def test_cidr_eq_2(self): + dfilter = "ip.src == 172.25.100.0/24" + self.assertDFilterCount(dfilter, 1) + + def test_cidr_eq_3(self): + dfilter = "ip.src == 172.25.0.0/16" + self.assertDFilterCount(dfilter, 1) + + def test_cidr_eq_4(self): + dfilter = "ip.src == 172.0.0.0/8" + self.assertDFilterCount(dfilter, 1) + + def test_cidr_ne_1(self): + dfilter = "ip.src != 172.25.100.14/32" + self.assertDFilterCount(dfilter, 1) + + def test_cidr_ne_2(self): + dfilter = "ip.src != 172.25.100.0/24" + self.assertDFilterCount(dfilter, 1) + + def test_cidr_ne_3(self): + dfilter = "ip.src != 172.25.0.0/16" + self.assertDFilterCount(dfilter, 1) + + def test_cidr_ne_4(self): + dfilter = "ip.src != 200.0.0.0/8" + self.assertDFilterCount(dfilter, 2) + + def test_slice_1(self): + dfilter = "ip.src[0:2] == ac:19" + self.assertDFilterCount(dfilter, 1) + + def test_slice_2(self): + dfilter = "ip.src[0:2] == 00:00" + self.assertDFilterCount(dfilter, 0) + + def test_slice_3(self): + dfilter = "ip.src[2:2] == 64:0e" + self.assertDFilterCount(dfilter, 1) + + def test_slice_4(self): + dfilter = "ip.src[2:2] == ff:ff" + self.assertDFilterCount(dfilter, 0) + + def test_count_1(self): + dfilter = "count(ip.src) == 1" + self.assertDFilterCount(dfilter, 2) + + def test_count_2(self): + dfilter = "count(ip.addr) == 2" + self.assertDFilterCount(dfilter, 2) diff --git a/test/suite_dfilter/group_membership.py b/test/suite_dfilter/group_membership.py new file mode 100644 index 0000000000..6cfc9a207b --- /dev/null +++ b/test/suite_dfilter/group_membership.py @@ -0,0 +1,46 @@ +# Copyright (c) 2018 Peter Wu <peter@lekensteyn.nl> +# +# SPDX-License-Identifier: GPL-2.0-or-later + +import dfiltertest + +class case_membership(dfiltertest.DFTestCase): + trace_file = "http.pcap" + + def test_membership_1_match(self): + dfilter = 'tcp.port in {80 3267}' + self.assertDFilterCount(dfilter, 1) + + def test_membership_2_range_match(self): + dfilter = 'tcp.port in {80..81}' + self.assertDFilterCount(dfilter, 1) + + def test_membership_3_range_no_match(self): + dfilter = 'tcp.dstport in {1 .. 79 81 .. 65535}' + self.assertDFilterCount(dfilter, 0) + + def test_membership_4_range_no_match_multiple(self): + # Verifies that multiple fields cannot satisfy different conditions. + dfilter = 'tcp.port in {1 .. 79 81 .. 3266 3268 .. 65535}' + self.assertDFilterCount(dfilter, 0) + + def test_membership_5_negative_range_float(self): + dfilter = 'frame.time_delta in {-2.0 .. 0.0}' + self.assertDFilterCount(dfilter, 1) + + def test_membership_6_both_negative_range_float(self): + dfilter = 'frame.time_delta in {-20 .. -.7}' + self.assertDFilterCount(dfilter, 0) + + def test_membership_7_string(self): + dfilter = 'http.request.method in {"GET" "HEAD"}' + self.assertDFilterCount(dfilter, 1) + + def test_membership_8_ip_range(self): + dfilter = 'ip.addr in { 10.0.0.5 .. 10.0.0.9 10.0.0.1..10.0.0.1 }' + self.assertDFilterCount(dfilter, 1) + + def test_membership_9_range_weird_float(self): + # expression should be parsed as "0.1 .. .7" + dfilter = 'frame.time_delta in {0.1...7}' + self.assertDFilterCount(dfilter, 0) diff --git a/test/suite_dfilter/group_range_method.py b/test/suite_dfilter/group_range_method.py new file mode 100644 index 0000000000..520b8f261a --- /dev/null +++ b/test/suite_dfilter/group_range_method.py @@ -0,0 +1,32 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> +# +# SPDX-License-Identifier: GPL-2.0-or-later + +import dfiltertest + +class case_range(dfiltertest.DFTestCase): + trace_file = "ipx_rip.pcap" + + def test_slice_1_pos(self): + dfilter = "ipx.src.node[1] == aa" + self.assertDFilterCount(dfilter, 1) + + def test_slice_1_neg(self): + dfilter = "ipx.src.node[1] == bb" + self.assertDFilterCount(dfilter, 0) + + def test_slice_1_hex_pos(self): + dfilter = "ipx.src.node[1] == 0xaa" + self.assertDFilterCount(dfilter, 1) + + def test_slice_1_hex_neg(self): + dfilter = "ipx.src.node[1] == 0xbb" + self.assertDFilterCount(dfilter, 0) + + def test_slice_2_pos(self): + dfilter = "ipx.src.node[3:2] == a3:e3" + self.assertDFilterCount(dfilter, 1) + + def test_slice_2_neg(self): + dfilter = "ipx.src.node[3:2] == cc:dd" + self.assertDFilterCount(dfilter, 0) diff --git a/test/suite_dfilter/group_scanner.py b/test/suite_dfilter/group_scanner.py new file mode 100644 index 0000000000..4637f506fc --- /dev/null +++ b/test/suite_dfilter/group_scanner.py @@ -0,0 +1,32 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> +# +# SPDX-License-Identifier: GPL-2.0-or-later + +import dfiltertest + +class case_scanner(dfiltertest.DFTestCase): + trace_file = "http.pcap" + + def test_dquote_1(self): + dfilter = 'http.request.method == "HEAD"' + self.assertDFilterCount(dfilter, 1) + + def test_dquote_2(self): + dfilter = 'http.request.method == "\\x48EAD"' + self.assertDFilterCount(dfilter, 1) + + def test_dquote_3(self): + dfilter = 'http.request.method == "\\x58EAD"' + self.assertDFilterCount(dfilter, 0) + + def test_dquote_4(self): + dfilter = 'http.request.method == "\\110EAD"' + self.assertDFilterCount(dfilter, 1) + + def test_dquote_5(self): + dfilter = 'http.request.method == "\\111EAD"' + self.assertDFilterCount(dfilter, 0) + + def test_dquote_6(self): + dfilter = 'http.request.method == "\\HEAD"' + self.assertDFilterCount(dfilter, 1) diff --git a/test/suite_dfilter/group_string_type.py b/test/suite_dfilter/group_string_type.py new file mode 100644 index 0000000000..9bebfc94ab --- /dev/null +++ b/test/suite_dfilter/group_string_type.py @@ -0,0 +1,164 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> +# +# SPDX-License-Identifier: GPL-2.0-or-later + +import dfiltertest + +class case_string(dfiltertest.DFTestCase): + trace_file = "http.pcap" + + def test_eq_1(self): + dfilter = 'http.request.method == "HEAD"' + self.assertDFilterCount(dfilter, 1) + + def test_eq_2(self): + dfilter = 'http.request.method == "POST"' + self.assertDFilterCount(dfilter, 0) + + def test_gt_1(self): + dfilter = 'http.request.method > "HEAC"' + self.assertDFilterCount(dfilter, 1) + + def test_gt_2(self): + dfilter = 'http.request.method > "HEAD"' + self.assertDFilterCount(dfilter, 0) + + def test_gt_3(self): + dfilter = 'http.request.method > "HEAE"' + self.assertDFilterCount(dfilter, 0) + + def test_ge_1(self): + dfilter = 'http.request.method >= "HEAC"' + self.assertDFilterCount(dfilter, 1) + + def test_ge_2(self): + dfilter = 'http.request.method >= "HEAD"' + self.assertDFilterCount(dfilter, 1) + + def test_ge_3(self): + dfilter = 'http.request.method >= "HEAE"' + self.assertDFilterCount(dfilter, 0) + + def test_lt_1(self): + dfilter = 'http.request.method < "HEAC"' + self.assertDFilterCount(dfilter, 0) + + def test_lt_2(self): + dfilter = 'http.request.method < "HEAD"' + self.assertDFilterCount(dfilter, 0) + + def test_lt_3(self): + dfilter = 'http.request.method < "HEAE"' + self.assertDFilterCount(dfilter, 1) + + def test_le_1(self): + dfilter = 'http.request.method <= "HEAC"' + self.assertDFilterCount(dfilter, 0) + + def test_le_2(self): + dfilter = 'http.request.method <= "HEAD"' + self.assertDFilterCount(dfilter, 1) + + def test_le_3(self): + dfilter = 'http.request.method <= "HEAE"' + self.assertDFilterCount(dfilter, 1) + + def test_slice_1(self): + dfilter = 'http.request.method[0] == "H"' + self.assertDFilterCount(dfilter, 1) + + def test_slice_2(self): + dfilter = 'http.request.method[0] == "P"' + self.assertDFilterCount(dfilter, 0) + + def test_slice_3(self): + dfilter = 'http.request.method[0:4] == "HEAD"' + self.assertDFilterCount(dfilter, 1) + + def test_slice_4(self): + dfilter = 'http.request.method[0:4] != "HEAD"' + self.assertDFilterCount(dfilter, 0) + + def test_slice_5(self): + dfilter = 'http.request.method[1:2] == "EA"' + self.assertDFilterCount(dfilter, 1) + + def test_slice_6(self): + dfilter = 'http.request.method[1:2] > "EA"' + self.assertDFilterCount(dfilter, 0) + + def test_slice_7(self): + dfilter = 'http.request.method[-1] == "D"' + self.assertDFilterCount(dfilter, 1) + + def test_slice_8(self): + dfilter = 'http.request.method[-2] == "D"' + self.assertDFilterCount(dfilter, 0) + + def xxxtest_stringz_1(self): + return self.DFilterCount(pkt_tftp, + 'tftp.type == "octet"', 1) + + def xxxtest_stringz_2(self): + return self.DFilterCount(pkt_tftp, + 'tftp.type == "junk"', 0) + + def test_contains_1(self): + dfilter = 'http.request.method contains "E"' + self.assertDFilterCount(dfilter, 1) + + def test_contains_2(self): + dfilter = 'http.request.method contains "EA"' + self.assertDFilterCount(dfilter, 1) + + def test_contains_3(self): + dfilter = 'http.request.method contains "HEAD"' + self.assertDFilterCount(dfilter, 1) + + def test_contains_4(self): + dfilter = 'http.request.method contains "POST"' + self.assertDFilterCount(dfilter, 0) + + def test_contains_5(self): + dfilter = 'http.request.method contains 50:4f:53:54' # "POST" + self.assertDFilterCount(dfilter, 0) + + def test_contains_6(self): + dfilter = 'http.request.method contains 48:45:41:44' # "HEAD" + self.assertDFilterCount(dfilter, 1) + + def test_contains_fail_0(self): + dfilter = 'http.user_agent contains "update"' + self.assertDFilterCount(dfilter, 0) + + def test_contains_fail_1(self): + dfilter = 'http.user_agent contains "UPDATE"' + self.assertDFilterCount(dfilter, 0) + + def test_contains_upper_0(self): + dfilter = 'upper(http.user_agent) contains "UPDATE"' + self.assertDFilterCount(dfilter, 1) + + def test_contains_upper_1(self): + dfilter = 'upper(http.user_agent) contains "update"' + self.assertDFilterCount(dfilter, 0) + + def test_contains_upper_2(self): + dfilter = 'upper(tcp.seq) == 4' + self.assertDFilterFail(dfilter) + + def test_contains_lower_0(self): + dfilter = 'lower(http.user_agent) contains "UPDATE"' + self.assertDFilterCount(dfilter, 0) + + def test_contains_lower_1(self): + dfilter = 'lower(http.user_agent) contains "update"' + self.assertDFilterCount(dfilter, 1) + + def test_eq_lower_1(self): + dfilter = 'lower(tcp.seq) == 4' + self.assertDFilterFail(dfilter) + + def test_string_len(self): + dfilter = 'len(http.request.method) == 4' + self.assertDFilterCount(dfilter, 1) diff --git a/test/suite_dfilter/group_stringz.py b/test/suite_dfilter/group_stringz.py new file mode 100644 index 0000000000..3e21a40fae --- /dev/null +++ b/test/suite_dfilter/group_stringz.py @@ -0,0 +1,21 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> +# +# SPDX-License-Identifier: GPL-2.0-or-later + +import dfiltertest + +class case_stringz(dfiltertest.DFTestCase): + trace_file = "tftp.pcap" + + def test_stringz_1(self): + dfilter = 'tftp.type == octet' + self.assertDFilterCount(dfilter, 1) + + def test_stringz_2(self): + dfilter = 'tftp.type == "octet"' + self.assertDFilterCount(dfilter, 1) + + def test_stringz_3(self): + dfilter = 'tftp.type == junk' + self.assertDFilterCount(dfilter, 0) + diff --git a/test/suite_dfilter/group_time_relative.py b/test/suite_dfilter/group_time_relative.py new file mode 100644 index 0000000000..24cd79ecc6 --- /dev/null +++ b/test/suite_dfilter/group_time_relative.py @@ -0,0 +1,21 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> +# +# SPDX-License-Identifier: GPL-2.0-or-later + +import dfiltertest + +class case_time_relative(dfiltertest.DFTestCase): + trace_file = "nfs.pcap" + + def test_relative_time_1(self): + dfilter = "frame.time_delta == 0.7" + self.assertDFilterCount(dfilter, 1) + + def test_relative_time_2(self): + dfilter = "frame.time_delta > 0.7" + self.assertDFilterCount(dfilter, 0) + + def test_relative_time_3(self): + dfilter = "frame.time_delta < 0.7" + self.assertDFilterCount(dfilter, 1) + diff --git a/test/suite_dfilter/group_time_type.py b/test/suite_dfilter/group_time_type.py new file mode 100644 index 0000000000..3c77c0cc67 --- /dev/null +++ b/test/suite_dfilter/group_time_type.py @@ -0,0 +1,73 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> +# +# SPDX-License-Identifier: GPL-2.0-or-later + +import dfiltertest + +class case_time(dfiltertest.DFTestCase): + trace_file = "http.pcap" + + def test_eq_1(self): + dfilter = 'frame.time == "Dec 31, 2002 13:55:31.3"' + self.assertDFilterCount(dfilter, 1) + + def test_eq_2(self): + dfilter = 'frame.time == "Jan 31, 2002 13:55:31.3"' + self.assertDFilterCount(dfilter, 0) + + def test_ne_1(self): + dfilter = 'frame.time != "Dec 31, 2002 13:55:31.3"' + self.assertDFilterCount(dfilter, 0) + + def test_ne_2(self): + dfilter = 'frame.time != "Jan 31, 2002 13:55:31.3"' + self.assertDFilterCount(dfilter, 1) + + def test_gt_1(self): + dfilter = 'frame.time > "Dec 31, 2002 13:54:31.3"' + self.assertDFilterCount(dfilter, 1) + + def test_gt_2(self): + dfilter = 'frame.time > "Dec 31, 2002 13:55:31.3"' + self.assertDFilterCount(dfilter, 0) + + def test_gt_3(self): + dfilter = 'frame.time > "Dec 31, 2002 13:56:31.3"' + self.assertDFilterCount(dfilter, 0) + + def test_ge_1(self): + dfilter = 'frame.time >= "Dec 31, 2002 13:54:31.3"' + self.assertDFilterCount(dfilter, 1) + + def test_ge_2(self): + dfilter = 'frame.time >= "Dec 31, 2002 13:55:31.3"' + self.assertDFilterCount(dfilter, 1) + + def test_ge_3(self): + dfilter = 'frame.time >= "Dec 31, 2002 13:56:31.3"' + self.assertDFilterCount(dfilter, 0) + + def test_lt_1(self): + dfilter = 'frame.time < "Dec 31, 2002 13:54:31.3"' + self.assertDFilterCount(dfilter, 0) + + def test_lt_2(self): + dfilter = 'frame.time < "Dec 31, 2002 13:55:31.3"' + self.assertDFilterCount(dfilter, 0) + + def test_lt_3(self): + dfilter = 'frame.time < "Dec 31, 2002 13:56:31.3"' + self.assertDFilterCount(dfilter, 1) + + def test_le_1(self): + dfilter = 'frame.time <= "Dec 31, 2002 13:54:31.3"' + self.assertDFilterCount(dfilter, 0) + + def test_le_2(self): + dfilter = 'frame.time <= "Dec 31, 2002 13:55:31.3"' + self.assertDFilterCount(dfilter, 1) + + def test_le_3(self): + dfilter = 'frame.time <= "Dec 31, 2002 13:56:31.3"' + self.assertDFilterCount(dfilter, 1) + diff --git a/test/suite_dfilter/group_tvb.py b/test/suite_dfilter/group_tvb.py new file mode 100644 index 0000000000..e00047b9e3 --- /dev/null +++ b/test/suite_dfilter/group_tvb.py @@ -0,0 +1,60 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> +# +# SPDX-License-Identifier: GPL-2.0-or-later + +import dfiltertest +import unittest + +class case_tvb(dfiltertest.DFTestCase): + trace_file = "http.pcap" + + def test_eq_1(self): + # We expect 0 because even though this byte + # string matches the 'eth' protocol, protocols cannot + # work in an '==' comparison yet. + dfilter = "eth == 00:e0:81:00:b0:28:00:09:6b:88:f6:c9:08:00" + self.assertDFilterCount(dfilter, 0) + + def test_slice_1(self): + dfilter = "ip[0:2] == 45:00" + self.assertDFilterCount(dfilter, 1) + + def test_slice_2(self): + dfilter = "ip[0:2] == 00:00" + self.assertDFilterCount(dfilter, 0) + + def test_slice_3(self): + dfilter = "ip[2:2] == 00:c1" + self.assertDFilterCount(dfilter, 1) + + @unittest.skip("This doesn't work yet in Wireshark") + def test_slice_4(self): + dfilter = "ip[-5] == 0x86" + self.assertDFilterCount(dfilter, 0) + + @unittest.skip("This doesn't work yet in Wireshark") + def test_slice_5(self): + dfilter = "ip[-1] == 0x86" + self.assertDFilterCount(dfilter, 1) + + def test_contains_1(self): + dfilter = "eth contains 6b" + self.assertDFilterCount(dfilter, 1) + + def test_contains_2(self): + dfilter = "eth contains 09:6b:88" + self.assertDFilterCount(dfilter, 1) + + def test_contains_3(self): + dfilter = "eth contains 00:e0:81:00:b0:28:00:09:6b:88:f5:c9:08:00" + self.assertDFilterCount(dfilter, 1) + + def test_contains_4(self): + dfilter = "eth contains ff:ff:ff" + self.assertDFilterCount(dfilter, 0) + + def test_contains_5(self): + dfilter = 'http contains "HEAD"' + self.assertDFilterCount(dfilter, 1) + + diff --git a/test/suite_dfilter/group_uint64.py b/test/suite_dfilter/group_uint64.py new file mode 100644 index 0000000000..a4e50d7346 --- /dev/null +++ b/test/suite_dfilter/group_uint64.py @@ -0,0 +1,16 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> +# +# SPDX-License-Identifier: GPL-2.0-or-later + +import dfiltertest + +class case_uint64(dfiltertest.DFTestCase): + trace_file = "nfs.pcap" + + def test_uint64_1(self): + dfilter = "nfs.fattr3.size == 264032" + self.assertDFilterCount(dfilter, 1) + + def test_uint64_2(self): + dfilter = "nfs.fattr3.size == 264000" + self.assertDFilterCount(dfilter, 0) |