diff options
Diffstat (limited to 'test')
-rw-r--r-- | test/baseline/dhcp.ek | 8 | ||||
-rw-r--r-- | test/baseline/dhcp.json | 592 | ||||
-rw-r--r-- | test/baseline/dhcp.jsonraw | 3228 | ||||
-rw-r--r-- | test/suite_outputformats.py | 53 |
4 files changed, 3881 insertions, 0 deletions
diff --git a/test/baseline/dhcp.ek b/test/baseline/dhcp.ek new file mode 100644 index 0000000000..3976c6f773 --- /dev/null +++ b/test/baseline/dhcp.ek @@ -0,0 +1,8 @@ +{"index" : {"_index": "packets-2004-12-05", "_type": "pcap_file"}} +{"timestamp" : "1102274184317", "layers" : {"frame": {"frame_frame_encap_type": "1","frame_frame_time": "Dec 5, 2004 19:16:24.317453000 UTC","frame_frame_offset_shift": "0.000000000","frame_frame_time_epoch": "1102274184.317453000","frame_frame_time_delta": "0.000000000","frame_frame_time_delta_displayed": "0.000000000","frame_frame_time_relative": "0.000000000","frame_frame_number": "1","frame_frame_len": "314","frame_frame_cap_len": "314","frame_frame_marked": "0","frame_frame_ignored": "0","frame_frame_protocols": "eth:ethertype:ip:udp:dhcp"},"eth": {"eth_eth_dst": "ff:ff:ff:ff:ff:ff","eth_dst_eth_dst_resolved": "Broadcast","eth_dst_eth_addr": "ff:ff:ff:ff:ff:ff","eth_dst_eth_addr_resolved": "Broadcast","eth_dst_eth_lg": "1","eth_dst_eth_ig": "1","eth_eth_src": "00:0b:82:01:fc:42","eth_src_eth_src_resolved": "Grandstr_01:fc:42","eth_src_eth_addr": "00:0b:82:01:fc:42","eth_src_eth_addr_resolved": "Grandstr_01:fc:42","eth_src_eth_lg": "0","eth_src_eth_ig": "0","eth_eth_type": "0x00000800"},"ip": {"ip_ip_version": "4","ip_ip_hdr_len": "20","ip_ip_dsfield": "0x00000000","ip_dsfield_ip_dsfield_dscp": "0","ip_dsfield_ip_dsfield_ecn": "0","ip_ip_len": "300","ip_ip_id": "0x0000a836","ip_ip_flags": "0x00000000","ip_flags_ip_flags_rb": "0","ip_flags_ip_flags_df": "0","ip_flags_ip_flags_mf": "0","ip_flags_ip_frag_offset": "0","ip_ip_ttl": "250","ip_ip_proto": "17","ip_ip_checksum": "0x0000178b","ip_ip_checksum_status": "2","ip_ip_src": "0.0.0.0","ip_ip_addr": ["0.0.0.0","255.255.255.255"],"ip_ip_src_host": "0.0.0.0","ip_ip_host": ["0.0.0.0","255.255.255.255"],"ip_ip_dst": "255.255.255.255","ip_ip_dst_host": "255.255.255.255"},"udp": {"udp_udp_srcport": "68","udp_udp_dstport": "67","udp_udp_port": ["68","67"],"udp_udp_length": "280","udp_udp_checksum": "0x0000591f","udp_udp_checksum_status": "2","udp_udp_stream": "0","udp_text": "Timestamps","text_udp_time_relative": "0.000000000","text_udp_time_delta": "0.000000000"},"dhcp": {"dhcp_dhcp_type": "1","dhcp_dhcp_hw_type": "0x00000001","dhcp_dhcp_hw_len": "6","dhcp_dhcp_hops": "0","dhcp_dhcp_id": "0x00003d1d","dhcp_dhcp_secs": "0","dhcp_dhcp_flags": "0x00000000","dhcp_flags_dhcp_flags_bc": "0","dhcp_flags_dhcp_flags_reserved": "0x00000000","dhcp_dhcp_ip_client": "0.0.0.0","dhcp_dhcp_ip_your": "0.0.0.0","dhcp_dhcp_ip_server": "0.0.0.0","dhcp_dhcp_ip_relay": "0.0.0.0","dhcp_dhcp_hw_mac_addr": "00:0b:82:01:fc:42","dhcp_dhcp_hw_addr_padding": "00:00:00:00:00:00:00:00:00:00","dhcp_dhcp_server": "","dhcp_dhcp_file": "","dhcp_dhcp_cookie": "99.130.83.99","dhcp_dhcp_option_type": ["53","61","50","55","0"],"dhcp_option_type_dhcp_option_length": ["1","7","4","4"],"dhcp_option_type_dhcp_option_value": ["01","01:00:0b:82:01:fc:42","00:00:00:00","01:03:06:2a"],"dhcp_option_type_dhcp_option_dhcp": "1","dhcp_option_type_dhcp_hw_type": "0x00000001","dhcp_option_type_dhcp_hw_mac_addr": "00:0b:82:01:fc:42","dhcp_option_type_dhcp_option_requested_ip_address": "0.0.0.0","dhcp_option_type_dhcp_option_request_list_item": ["1","3","6","42"],"dhcp_option_type_dhcp_option_end": "255","dhcp_dhcp_option_padding": "00:00:00:00:00:00:00"}}} +{"index" : {"_index": "packets-2004-12-05", "_type": "pcap_file"}} +{"timestamp" : "1102274184317", "layers" : {"frame": {"frame_frame_encap_type": "1","frame_frame_time": "Dec 5, 2004 19:16:24.317748000 UTC","frame_frame_offset_shift": "0.000000000","frame_frame_time_epoch": "1102274184.317748000","frame_frame_time_delta": "0.000295000","frame_frame_time_delta_displayed": "0.000295000","frame_frame_time_relative": "0.000295000","frame_frame_number": "2","frame_frame_len": "342","frame_frame_cap_len": "342","frame_frame_marked": "0","frame_frame_ignored": "0","frame_frame_protocols": "eth:ethertype:ip:udp:dhcp"},"eth": {"eth_eth_dst": "00:0b:82:01:fc:42","eth_dst_eth_dst_resolved": "Grandstr_01:fc:42","eth_dst_eth_addr": "00:0b:82:01:fc:42","eth_dst_eth_addr_resolved": "Grandstr_01:fc:42","eth_dst_eth_lg": "0","eth_dst_eth_ig": "0","eth_eth_src": "00:08:74:ad:f1:9b","eth_src_eth_src_resolved": "Dell_ad:f1:9b","eth_src_eth_addr": "00:08:74:ad:f1:9b","eth_src_eth_addr_resolved": "Dell_ad:f1:9b","eth_src_eth_lg": "0","eth_src_eth_ig": "0","eth_eth_type": "0x00000800"},"ip": {"ip_ip_version": "4","ip_ip_hdr_len": "20","ip_ip_dsfield": "0x00000000","ip_dsfield_ip_dsfield_dscp": "0","ip_dsfield_ip_dsfield_ecn": "0","ip_ip_len": "328","ip_ip_id": "0x00000445","ip_ip_flags": "0x00000000","ip_flags_ip_flags_rb": "0","ip_flags_ip_flags_df": "0","ip_flags_ip_flags_mf": "0","ip_flags_ip_frag_offset": "0","ip_ip_ttl": "128","ip_ip_proto": "17","ip_ip_checksum": "0x00000000","ip_ip_checksum_status": "2","ip_ip_src": "192.168.0.1","ip_ip_addr": ["192.168.0.1","192.168.0.10"],"ip_ip_src_host": "192.168.0.1","ip_ip_host": ["192.168.0.1","192.168.0.10"],"ip_ip_dst": "192.168.0.10","ip_ip_dst_host": "192.168.0.10"},"udp": {"udp_udp_srcport": "67","udp_udp_dstport": "68","udp_udp_port": ["67","68"],"udp_udp_length": "308","udp_udp_checksum": "0x00002233","udp_udp_checksum_status": "2","udp_udp_stream": "1","udp_text": "Timestamps","text_udp_time_relative": "0.000000000","text_udp_time_delta": "0.000000000"},"dhcp": {"dhcp_dhcp_type": "2","dhcp_dhcp_hw_type": "0x00000001","dhcp_dhcp_hw_len": "6","dhcp_dhcp_hops": "0","dhcp_dhcp_id": "0x00003d1d","dhcp_dhcp_secs": "0","dhcp_dhcp_flags": "0x00000000","dhcp_flags_dhcp_flags_bc": "0","dhcp_flags_dhcp_flags_reserved": "0x00000000","dhcp_dhcp_ip_client": "0.0.0.0","dhcp_dhcp_ip_your": "192.168.0.10","dhcp_dhcp_ip_server": "192.168.0.1","dhcp_dhcp_ip_relay": "0.0.0.0","dhcp_dhcp_hw_mac_addr": "00:0b:82:01:fc:42","dhcp_dhcp_hw_addr_padding": "00:00:00:00:00:00:00:00:00:00","dhcp_dhcp_server": "","dhcp_dhcp_file": "","dhcp_dhcp_cookie": "99.130.83.99","dhcp_dhcp_option_type": ["53","1","58","59","51","54","0"],"dhcp_option_type_dhcp_option_length": ["1","4","4","4","4","4"],"dhcp_option_type_dhcp_option_value": ["02","ff:ff:ff:00","00:00:07:08","00:00:0c:4e","00:00:0e:10","c0:a8:00:01"],"dhcp_option_type_dhcp_option_dhcp": "2","dhcp_option_type_dhcp_option_subnet_mask": "255.255.255.0","dhcp_option_type_dhcp_option_renewal_time_value": "1800","dhcp_option_type_dhcp_option_rebinding_time_value": "3150","dhcp_option_type_dhcp_option_ip_address_lease_time": "3600","dhcp_option_type_dhcp_option_dhcp_server_id": "192.168.0.1","dhcp_option_type_dhcp_option_end": "255","dhcp_dhcp_option_padding": "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00"}}} +{"index" : {"_index": "packets-2004-12-05", "_type": "pcap_file"}} +{"timestamp" : "1102274184387", "layers" : {"frame": {"frame_frame_encap_type": "1","frame_frame_time": "Dec 5, 2004 19:16:24.387484000 UTC","frame_frame_offset_shift": "0.000000000","frame_frame_time_epoch": "1102274184.387484000","frame_frame_time_delta": "0.069736000","frame_frame_time_delta_displayed": "0.069736000","frame_frame_time_relative": "0.070031000","frame_frame_number": "3","frame_frame_len": "314","frame_frame_cap_len": "314","frame_frame_marked": "0","frame_frame_ignored": "0","frame_frame_protocols": "eth:ethertype:ip:udp:dhcp"},"eth": {"eth_eth_dst": "ff:ff:ff:ff:ff:ff","eth_dst_eth_dst_resolved": "Broadcast","eth_dst_eth_addr": "ff:ff:ff:ff:ff:ff","eth_dst_eth_addr_resolved": "Broadcast","eth_dst_eth_lg": "1","eth_dst_eth_ig": "1","eth_eth_src": "00:0b:82:01:fc:42","eth_src_eth_src_resolved": "Grandstr_01:fc:42","eth_src_eth_addr": "00:0b:82:01:fc:42","eth_src_eth_addr_resolved": "Grandstr_01:fc:42","eth_src_eth_lg": "0","eth_src_eth_ig": "0","eth_eth_type": "0x00000800"},"ip": {"ip_ip_version": "4","ip_ip_hdr_len": "20","ip_ip_dsfield": "0x00000000","ip_dsfield_ip_dsfield_dscp": "0","ip_dsfield_ip_dsfield_ecn": "0","ip_ip_len": "300","ip_ip_id": "0x0000a837","ip_ip_flags": "0x00000000","ip_flags_ip_flags_rb": "0","ip_flags_ip_flags_df": "0","ip_flags_ip_flags_mf": "0","ip_flags_ip_frag_offset": "0","ip_ip_ttl": "250","ip_ip_proto": "17","ip_ip_checksum": "0x0000178a","ip_ip_checksum_status": "2","ip_ip_src": "0.0.0.0","ip_ip_addr": ["0.0.0.0","255.255.255.255"],"ip_ip_src_host": "0.0.0.0","ip_ip_host": ["0.0.0.0","255.255.255.255"],"ip_ip_dst": "255.255.255.255","ip_ip_dst_host": "255.255.255.255"},"udp": {"udp_udp_srcport": "68","udp_udp_dstport": "67","udp_udp_port": ["68","67"],"udp_udp_length": "280","udp_udp_checksum": "0x00009fbd","udp_udp_checksum_status": "2","udp_udp_stream": "0","udp_text": "Timestamps","text_udp_time_relative": "0.070031000","text_udp_time_delta": "0.070031000"},"dhcp": {"dhcp_dhcp_type": "1","dhcp_dhcp_hw_type": "0x00000001","dhcp_dhcp_hw_len": "6","dhcp_dhcp_hops": "0","dhcp_dhcp_id": "0x00003d1e","dhcp_dhcp_secs": "0","dhcp_dhcp_flags": "0x00000000","dhcp_flags_dhcp_flags_bc": "0","dhcp_flags_dhcp_flags_reserved": "0x00000000","dhcp_dhcp_ip_client": "0.0.0.0","dhcp_dhcp_ip_your": "0.0.0.0","dhcp_dhcp_ip_server": "0.0.0.0","dhcp_dhcp_ip_relay": "0.0.0.0","dhcp_dhcp_hw_mac_addr": "00:0b:82:01:fc:42","dhcp_dhcp_hw_addr_padding": "00:00:00:00:00:00:00:00:00:00","dhcp_dhcp_server": "","dhcp_dhcp_file": "","dhcp_dhcp_cookie": "99.130.83.99","dhcp_dhcp_option_type": ["53","61","50","54","55","0"],"dhcp_option_type_dhcp_option_length": ["1","7","4","4","4"],"dhcp_option_type_dhcp_option_value": ["03","01:00:0b:82:01:fc:42","c0:a8:00:0a","c0:a8:00:01","01:03:06:2a"],"dhcp_option_type_dhcp_option_dhcp": "3","dhcp_option_type_dhcp_hw_type": "0x00000001","dhcp_option_type_dhcp_hw_mac_addr": "00:0b:82:01:fc:42","dhcp_option_type_dhcp_option_requested_ip_address": "192.168.0.10","dhcp_option_type_dhcp_option_dhcp_server_id": "192.168.0.1","dhcp_option_type_dhcp_option_request_list_item": ["1","3","6","42"],"dhcp_option_type_dhcp_option_end": "255","dhcp_dhcp_option_padding": "00"}}} +{"index" : {"_index": "packets-2004-12-05", "_type": "pcap_file"}} +{"timestamp" : "1102274184387", "layers" : {"frame": {"frame_frame_encap_type": "1","frame_frame_time": "Dec 5, 2004 19:16:24.387798000 UTC","frame_frame_offset_shift": "0.000000000","frame_frame_time_epoch": "1102274184.387798000","frame_frame_time_delta": "0.000314000","frame_frame_time_delta_displayed": "0.000314000","frame_frame_time_relative": "0.070345000","frame_frame_number": "4","frame_frame_len": "342","frame_frame_cap_len": "342","frame_frame_marked": "0","frame_frame_ignored": "0","frame_frame_protocols": "eth:ethertype:ip:udp:dhcp"},"eth": {"eth_eth_dst": "00:0b:82:01:fc:42","eth_dst_eth_dst_resolved": "Grandstr_01:fc:42","eth_dst_eth_addr": "00:0b:82:01:fc:42","eth_dst_eth_addr_resolved": "Grandstr_01:fc:42","eth_dst_eth_lg": "0","eth_dst_eth_ig": "0","eth_eth_src": "00:08:74:ad:f1:9b","eth_src_eth_src_resolved": "Dell_ad:f1:9b","eth_src_eth_addr": "00:08:74:ad:f1:9b","eth_src_eth_addr_resolved": "Dell_ad:f1:9b","eth_src_eth_lg": "0","eth_src_eth_ig": "0","eth_eth_type": "0x00000800"},"ip": {"ip_ip_version": "4","ip_ip_hdr_len": "20","ip_ip_dsfield": "0x00000000","ip_dsfield_ip_dsfield_dscp": "0","ip_dsfield_ip_dsfield_ecn": "0","ip_ip_len": "328","ip_ip_id": "0x00000446","ip_ip_flags": "0x00000000","ip_flags_ip_flags_rb": "0","ip_flags_ip_flags_df": "0","ip_flags_ip_flags_mf": "0","ip_flags_ip_frag_offset": "0","ip_ip_ttl": "128","ip_ip_proto": "17","ip_ip_checksum": "0x00000000","ip_ip_checksum_status": "2","ip_ip_src": "192.168.0.1","ip_ip_addr": ["192.168.0.1","192.168.0.10"],"ip_ip_src_host": "192.168.0.1","ip_ip_host": ["192.168.0.1","192.168.0.10"],"ip_ip_dst": "192.168.0.10","ip_ip_dst_host": "192.168.0.10"},"udp": {"udp_udp_srcport": "67","udp_udp_dstport": "68","udp_udp_port": ["67","68"],"udp_udp_length": "308","udp_udp_checksum": "0x0000dfdb","udp_udp_checksum_status": "2","udp_udp_stream": "1","udp_text": "Timestamps","text_udp_time_relative": "0.070050000","text_udp_time_delta": "0.070050000"},"dhcp": {"dhcp_dhcp_type": "2","dhcp_dhcp_hw_type": "0x00000001","dhcp_dhcp_hw_len": "6","dhcp_dhcp_hops": "0","dhcp_dhcp_id": "0x00003d1e","dhcp_dhcp_secs": "0","dhcp_dhcp_flags": "0x00000000","dhcp_flags_dhcp_flags_bc": "0","dhcp_flags_dhcp_flags_reserved": "0x00000000","dhcp_dhcp_ip_client": "0.0.0.0","dhcp_dhcp_ip_your": "192.168.0.10","dhcp_dhcp_ip_server": "0.0.0.0","dhcp_dhcp_ip_relay": "0.0.0.0","dhcp_dhcp_hw_mac_addr": "00:0b:82:01:fc:42","dhcp_dhcp_hw_addr_padding": "00:00:00:00:00:00:00:00:00:00","dhcp_dhcp_server": "","dhcp_dhcp_file": "","dhcp_dhcp_cookie": "99.130.83.99","dhcp_dhcp_option_type": ["53","58","59","51","54","1","0"],"dhcp_option_type_dhcp_option_length": ["1","4","4","4","4","4"],"dhcp_option_type_dhcp_option_value": ["05","00:00:07:08","00:00:0c:4e","00:00:0e:10","c0:a8:00:01","ff:ff:ff:00"],"dhcp_option_type_dhcp_option_dhcp": "5","dhcp_option_type_dhcp_option_renewal_time_value": "1800","dhcp_option_type_dhcp_option_rebinding_time_value": "3150","dhcp_option_type_dhcp_option_ip_address_lease_time": "3600","dhcp_option_type_dhcp_option_dhcp_server_id": "192.168.0.1","dhcp_option_type_dhcp_option_subnet_mask": "255.255.255.0","dhcp_option_type_dhcp_option_end": "255","dhcp_dhcp_option_padding": "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00"}}} diff --git a/test/baseline/dhcp.json b/test/baseline/dhcp.json new file mode 100644 index 0000000000..c087794271 --- /dev/null +++ b/test/baseline/dhcp.json @@ -0,0 +1,592 @@ +[ + { + "_index": "packets-2004-12-05", + "_type": "pcap_file", + "_score": null, + "_source": { + "layers": { + "frame": { + "frame.encap_type": "1", + "frame.time": "Dec 5, 2004 19:16:24.317453000 UTC", + "frame.offset_shift": "0.000000000", + "frame.time_epoch": "1102274184.317453000", + "frame.time_delta": "0.000000000", + "frame.time_delta_displayed": "0.000000000", + "frame.time_relative": "0.000000000", + "frame.number": "1", + "frame.len": "314", + "frame.cap_len": "314", + "frame.marked": "0", + "frame.ignored": "0", + "frame.protocols": "eth:ethertype:ip:udp:dhcp" + }, + "eth": { + "eth.dst": "ff:ff:ff:ff:ff:ff", + "eth.dst_tree": { + "eth.dst_resolved": "Broadcast", + "eth.addr": "ff:ff:ff:ff:ff:ff", + "eth.addr_resolved": "Broadcast", + "eth.lg": "1", + "eth.ig": "1" + }, + "eth.src": "00:0b:82:01:fc:42", + "eth.src_tree": { + "eth.src_resolved": "Grandstr_01:fc:42", + "eth.addr": "00:0b:82:01:fc:42", + "eth.addr_resolved": "Grandstr_01:fc:42", + "eth.lg": "0", + "eth.ig": "0" + }, + "eth.type": "0x00000800" + }, + "ip": { + "ip.version": "4", + "ip.hdr_len": "20", + "ip.dsfield": "0x00000000", + "ip.dsfield_tree": { + "ip.dsfield.dscp": "0", + "ip.dsfield.ecn": "0" + }, + "ip.len": "300", + "ip.id": "0x0000a836", + "ip.flags": "0x00000000", + "ip.flags_tree": { + "ip.flags.rb": "0", + "ip.flags.df": "0", + "ip.flags.mf": "0", + "ip.frag_offset": "0" + }, + "ip.ttl": "250", + "ip.proto": "17", + "ip.checksum": "0x0000178b", + "ip.checksum.status": "2", + "ip.src": "0.0.0.0", + "ip.addr": "0.0.0.0", + "ip.src_host": "0.0.0.0", + "ip.host": "0.0.0.0", + "ip.dst": "255.255.255.255", + "ip.addr": "255.255.255.255", + "ip.dst_host": "255.255.255.255", + "ip.host": "255.255.255.255" + }, + "udp": { + "udp.srcport": "68", + "udp.dstport": "67", + "udp.port": "68", + "udp.port": "67", + "udp.length": "280", + "udp.checksum": "0x0000591f", + "udp.checksum.status": "2", + "udp.stream": "0", + "Timestamps": { + "udp.time_relative": "0.000000000", + "udp.time_delta": "0.000000000" + } + }, + "dhcp": { + "dhcp.type": "1", + "dhcp.hw.type": "0x00000001", + "dhcp.hw.len": "6", + "dhcp.hops": "0", + "dhcp.id": "0x00003d1d", + "dhcp.secs": "0", + "dhcp.flags": "0x00000000", + "dhcp.flags_tree": { + "dhcp.flags.bc": "0", + "dhcp.flags.reserved": "0x00000000" + }, + "dhcp.ip.client": "0.0.0.0", + "dhcp.ip.your": "0.0.0.0", + "dhcp.ip.server": "0.0.0.0", + "dhcp.ip.relay": "0.0.0.0", + "dhcp.hw.mac_addr": "00:0b:82:01:fc:42", + "dhcp.hw.addr_padding": "00:00:00:00:00:00:00:00:00:00", + "dhcp.server": "", + "dhcp.file": "", + "dhcp.cookie": "99.130.83.99", + "dhcp.option.type": "53", + "dhcp.option.type_tree": { + "dhcp.option.length": "1", + "dhcp.option.value": "01", + "dhcp.option.dhcp": "1" + }, + "dhcp.option.type": "61", + "dhcp.option.type_tree": { + "dhcp.option.length": "7", + "dhcp.option.value": "01:00:0b:82:01:fc:42", + "dhcp.hw.type": "0x00000001", + "dhcp.hw.mac_addr": "00:0b:82:01:fc:42" + }, + "dhcp.option.type": "50", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "00:00:00:00", + "dhcp.option.requested_ip_address": "0.0.0.0" + }, + "dhcp.option.type": "55", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "01:03:06:2a", + "dhcp.option.request_list_item": "1", + "dhcp.option.request_list_item": "3", + "dhcp.option.request_list_item": "6", + "dhcp.option.request_list_item": "42" + }, + "dhcp.option.type": "0", + "dhcp.option.type_tree": { + "dhcp.option.end": "255" + }, + "dhcp.option.padding": "00:00:00:00:00:00:00" + } + } + } + }, + { + "_index": "packets-2004-12-05", + "_type": "pcap_file", + "_score": null, + "_source": { + "layers": { + "frame": { + "frame.encap_type": "1", + "frame.time": "Dec 5, 2004 19:16:24.317748000 UTC", + "frame.offset_shift": "0.000000000", + "frame.time_epoch": "1102274184.317748000", + "frame.time_delta": "0.000295000", + "frame.time_delta_displayed": "0.000295000", + "frame.time_relative": "0.000295000", + "frame.number": "2", + "frame.len": "342", + "frame.cap_len": "342", + "frame.marked": "0", + "frame.ignored": "0", + "frame.protocols": "eth:ethertype:ip:udp:dhcp" + }, + "eth": { + "eth.dst": "00:0b:82:01:fc:42", + "eth.dst_tree": { + "eth.dst_resolved": "Grandstr_01:fc:42", + "eth.addr": "00:0b:82:01:fc:42", + "eth.addr_resolved": "Grandstr_01:fc:42", + "eth.lg": "0", + "eth.ig": "0" + }, + "eth.src": "00:08:74:ad:f1:9b", + "eth.src_tree": { + "eth.src_resolved": "Dell_ad:f1:9b", + "eth.addr": "00:08:74:ad:f1:9b", + "eth.addr_resolved": "Dell_ad:f1:9b", + "eth.lg": "0", + "eth.ig": "0" + }, + "eth.type": "0x00000800" + }, + "ip": { + "ip.version": "4", + "ip.hdr_len": "20", + "ip.dsfield": "0x00000000", + "ip.dsfield_tree": { + "ip.dsfield.dscp": "0", + "ip.dsfield.ecn": "0" + }, + "ip.len": "328", + "ip.id": "0x00000445", + "ip.flags": "0x00000000", + "ip.flags_tree": { + "ip.flags.rb": "0", + "ip.flags.df": "0", + "ip.flags.mf": "0", + "ip.frag_offset": "0" + }, + "ip.ttl": "128", + "ip.proto": "17", + "ip.checksum": "0x00000000", + "ip.checksum.status": "2", + "ip.src": "192.168.0.1", + "ip.addr": "192.168.0.1", + "ip.src_host": "192.168.0.1", + "ip.host": "192.168.0.1", + "ip.dst": "192.168.0.10", + "ip.addr": "192.168.0.10", + "ip.dst_host": "192.168.0.10", + "ip.host": "192.168.0.10" + }, + "udp": { + "udp.srcport": "67", + "udp.dstport": "68", + "udp.port": "67", + "udp.port": "68", + "udp.length": "308", + "udp.checksum": "0x00002233", + "udp.checksum.status": "2", + "udp.stream": "1", + "Timestamps": { + "udp.time_relative": "0.000000000", + "udp.time_delta": "0.000000000" + } + }, + "dhcp": { + "dhcp.type": "2", + "dhcp.hw.type": "0x00000001", + "dhcp.hw.len": "6", + "dhcp.hops": "0", + "dhcp.id": "0x00003d1d", + "dhcp.secs": "0", + "dhcp.flags": "0x00000000", + "dhcp.flags_tree": { + "dhcp.flags.bc": "0", + "dhcp.flags.reserved": "0x00000000" + }, + "dhcp.ip.client": "0.0.0.0", + "dhcp.ip.your": "192.168.0.10", + "dhcp.ip.server": "192.168.0.1", + "dhcp.ip.relay": "0.0.0.0", + "dhcp.hw.mac_addr": "00:0b:82:01:fc:42", + "dhcp.hw.addr_padding": "00:00:00:00:00:00:00:00:00:00", + "dhcp.server": "", + "dhcp.file": "", + "dhcp.cookie": "99.130.83.99", + "dhcp.option.type": "53", + "dhcp.option.type_tree": { + "dhcp.option.length": "1", + "dhcp.option.value": "02", + "dhcp.option.dhcp": "2" + }, + "dhcp.option.type": "1", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "ff:ff:ff:00", + "dhcp.option.subnet_mask": "255.255.255.0" + }, + "dhcp.option.type": "58", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "00:00:07:08", + "dhcp.option.renewal_time_value": "1800" + }, + "dhcp.option.type": "59", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "00:00:0c:4e", + "dhcp.option.rebinding_time_value": "3150" + }, + "dhcp.option.type": "51", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "00:00:0e:10", + "dhcp.option.ip_address_lease_time": "3600" + }, + "dhcp.option.type": "54", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "c0:a8:00:01", + "dhcp.option.dhcp_server_id": "192.168.0.1" + }, + "dhcp.option.type": "0", + "dhcp.option.type_tree": { + "dhcp.option.end": "255" + }, + "dhcp.option.padding": "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" + } + } + } + }, + { + "_index": "packets-2004-12-05", + "_type": "pcap_file", + "_score": null, + "_source": { + "layers": { + "frame": { + "frame.encap_type": "1", + "frame.time": "Dec 5, 2004 19:16:24.387484000 UTC", + "frame.offset_shift": "0.000000000", + "frame.time_epoch": "1102274184.387484000", + "frame.time_delta": "0.069736000", + "frame.time_delta_displayed": "0.069736000", + "frame.time_relative": "0.070031000", + "frame.number": "3", + "frame.len": "314", + "frame.cap_len": "314", + "frame.marked": "0", + "frame.ignored": "0", + "frame.protocols": "eth:ethertype:ip:udp:dhcp" + }, + "eth": { + "eth.dst": "ff:ff:ff:ff:ff:ff", + "eth.dst_tree": { + "eth.dst_resolved": "Broadcast", + "eth.addr": "ff:ff:ff:ff:ff:ff", + "eth.addr_resolved": "Broadcast", + "eth.lg": "1", + "eth.ig": "1" + }, + "eth.src": "00:0b:82:01:fc:42", + "eth.src_tree": { + "eth.src_resolved": "Grandstr_01:fc:42", + "eth.addr": "00:0b:82:01:fc:42", + "eth.addr_resolved": "Grandstr_01:fc:42", + "eth.lg": "0", + "eth.ig": "0" + }, + "eth.type": "0x00000800" + }, + "ip": { + "ip.version": "4", + "ip.hdr_len": "20", + "ip.dsfield": "0x00000000", + "ip.dsfield_tree": { + "ip.dsfield.dscp": "0", + "ip.dsfield.ecn": "0" + }, + "ip.len": "300", + "ip.id": "0x0000a837", + "ip.flags": "0x00000000", + "ip.flags_tree": { + "ip.flags.rb": "0", + "ip.flags.df": "0", + "ip.flags.mf": "0", + "ip.frag_offset": "0" + }, + "ip.ttl": "250", + "ip.proto": "17", + "ip.checksum": "0x0000178a", + "ip.checksum.status": "2", + "ip.src": "0.0.0.0", + "ip.addr": "0.0.0.0", + "ip.src_host": "0.0.0.0", + "ip.host": "0.0.0.0", + "ip.dst": "255.255.255.255", + "ip.addr": "255.255.255.255", + "ip.dst_host": "255.255.255.255", + "ip.host": "255.255.255.255" + }, + "udp": { + "udp.srcport": "68", + "udp.dstport": "67", + "udp.port": "68", + "udp.port": "67", + "udp.length": "280", + "udp.checksum": "0x00009fbd", + "udp.checksum.status": "2", + "udp.stream": "0", + "Timestamps": { + "udp.time_relative": "0.070031000", + "udp.time_delta": "0.070031000" + } + }, + "dhcp": { + "dhcp.type": "1", + "dhcp.hw.type": "0x00000001", + "dhcp.hw.len": "6", + "dhcp.hops": "0", + "dhcp.id": "0x00003d1e", + "dhcp.secs": "0", + "dhcp.flags": "0x00000000", + "dhcp.flags_tree": { + "dhcp.flags.bc": "0", + "dhcp.flags.reserved": "0x00000000" + }, + "dhcp.ip.client": "0.0.0.0", + "dhcp.ip.your": "0.0.0.0", + "dhcp.ip.server": "0.0.0.0", + "dhcp.ip.relay": "0.0.0.0", + "dhcp.hw.mac_addr": "00:0b:82:01:fc:42", + "dhcp.hw.addr_padding": "00:00:00:00:00:00:00:00:00:00", + "dhcp.server": "", + "dhcp.file": "", + "dhcp.cookie": "99.130.83.99", + "dhcp.option.type": "53", + "dhcp.option.type_tree": { + "dhcp.option.length": "1", + "dhcp.option.value": "03", + "dhcp.option.dhcp": "3" + }, + "dhcp.option.type": "61", + "dhcp.option.type_tree": { + "dhcp.option.length": "7", + "dhcp.option.value": "01:00:0b:82:01:fc:42", + "dhcp.hw.type": "0x00000001", + "dhcp.hw.mac_addr": "00:0b:82:01:fc:42" + }, + "dhcp.option.type": "50", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "c0:a8:00:0a", + "dhcp.option.requested_ip_address": "192.168.0.10" + }, + "dhcp.option.type": "54", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "c0:a8:00:01", + "dhcp.option.dhcp_server_id": "192.168.0.1" + }, + "dhcp.option.type": "55", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "01:03:06:2a", + "dhcp.option.request_list_item": "1", + "dhcp.option.request_list_item": "3", + "dhcp.option.request_list_item": "6", + "dhcp.option.request_list_item": "42" + }, + "dhcp.option.type": "0", + "dhcp.option.type_tree": { + "dhcp.option.end": "255" + }, + "dhcp.option.padding": "00" + } + } + } + }, + { + "_index": "packets-2004-12-05", + "_type": "pcap_file", + "_score": null, + "_source": { + "layers": { + "frame": { + "frame.encap_type": "1", + "frame.time": "Dec 5, 2004 19:16:24.387798000 UTC", + "frame.offset_shift": "0.000000000", + "frame.time_epoch": "1102274184.387798000", + "frame.time_delta": "0.000314000", + "frame.time_delta_displayed": "0.000314000", + "frame.time_relative": "0.070345000", + "frame.number": "4", + "frame.len": "342", + "frame.cap_len": "342", + "frame.marked": "0", + "frame.ignored": "0", + "frame.protocols": "eth:ethertype:ip:udp:dhcp" + }, + "eth": { + "eth.dst": "00:0b:82:01:fc:42", + "eth.dst_tree": { + "eth.dst_resolved": "Grandstr_01:fc:42", + "eth.addr": "00:0b:82:01:fc:42", + "eth.addr_resolved": "Grandstr_01:fc:42", + "eth.lg": "0", + "eth.ig": "0" + }, + "eth.src": "00:08:74:ad:f1:9b", + "eth.src_tree": { + "eth.src_resolved": "Dell_ad:f1:9b", + "eth.addr": "00:08:74:ad:f1:9b", + "eth.addr_resolved": "Dell_ad:f1:9b", + "eth.lg": "0", + "eth.ig": "0" + }, + "eth.type": "0x00000800" + }, + "ip": { + "ip.version": "4", + "ip.hdr_len": "20", + "ip.dsfield": "0x00000000", + "ip.dsfield_tree": { + "ip.dsfield.dscp": "0", + "ip.dsfield.ecn": "0" + }, + "ip.len": "328", + "ip.id": "0x00000446", + "ip.flags": "0x00000000", + "ip.flags_tree": { + "ip.flags.rb": "0", + "ip.flags.df": "0", + "ip.flags.mf": "0", + "ip.frag_offset": "0" + }, + "ip.ttl": "128", + "ip.proto": "17", + "ip.checksum": "0x00000000", + "ip.checksum.status": "2", + "ip.src": "192.168.0.1", + "ip.addr": "192.168.0.1", + "ip.src_host": "192.168.0.1", + "ip.host": "192.168.0.1", + "ip.dst": "192.168.0.10", + "ip.addr": "192.168.0.10", + "ip.dst_host": "192.168.0.10", + "ip.host": "192.168.0.10" + }, + "udp": { + "udp.srcport": "67", + "udp.dstport": "68", + "udp.port": "67", + "udp.port": "68", + "udp.length": "308", + "udp.checksum": "0x0000dfdb", + "udp.checksum.status": "2", + "udp.stream": "1", + "Timestamps": { + "udp.time_relative": "0.070050000", + "udp.time_delta": "0.070050000" + } + }, + "dhcp": { + "dhcp.type": "2", + "dhcp.hw.type": "0x00000001", + "dhcp.hw.len": "6", + "dhcp.hops": "0", + "dhcp.id": "0x00003d1e", + "dhcp.secs": "0", + "dhcp.flags": "0x00000000", + "dhcp.flags_tree": { + "dhcp.flags.bc": "0", + "dhcp.flags.reserved": "0x00000000" + }, + "dhcp.ip.client": "0.0.0.0", + "dhcp.ip.your": "192.168.0.10", + "dhcp.ip.server": "0.0.0.0", + "dhcp.ip.relay": "0.0.0.0", + "dhcp.hw.mac_addr": "00:0b:82:01:fc:42", + "dhcp.hw.addr_padding": "00:00:00:00:00:00:00:00:00:00", + "dhcp.server": "", + "dhcp.file": "", + "dhcp.cookie": "99.130.83.99", + "dhcp.option.type": "53", + "dhcp.option.type_tree": { + "dhcp.option.length": "1", + "dhcp.option.value": "05", + "dhcp.option.dhcp": "5" + }, + "dhcp.option.type": "58", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "00:00:07:08", + "dhcp.option.renewal_time_value": "1800" + }, + "dhcp.option.type": "59", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "00:00:0c:4e", + "dhcp.option.rebinding_time_value": "3150" + }, + "dhcp.option.type": "51", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "00:00:0e:10", + "dhcp.option.ip_address_lease_time": "3600" + }, + "dhcp.option.type": "54", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "c0:a8:00:01", + "dhcp.option.dhcp_server_id": "192.168.0.1" + }, + "dhcp.option.type": "1", + "dhcp.option.type_tree": { + "dhcp.option.length": "4", + "dhcp.option.value": "ff:ff:ff:00", + "dhcp.option.subnet_mask": "255.255.255.0" + }, + "dhcp.option.type": "0", + "dhcp.option.type_tree": { + "dhcp.option.end": "255" + }, + "dhcp.option.padding": "00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00" + } + } + } + } +] diff --git a/test/baseline/dhcp.jsonraw b/test/baseline/dhcp.jsonraw new file mode 100644 index 0000000000..cf7060451f --- /dev/null +++ b/test/baseline/dhcp.jsonraw @@ -0,0 +1,3228 @@ +[ + { + "_index": "packets-2004-12-05", + "_type": "pcap_file", + "_score": null, + "_source": { + "layers": { + "frame_raw": [ + "ffffffffffff000b8201fc4208004500012ca8360000fa11178b00000000ffffffff004400430118591f0101060000003d1d0000000000000000000000000000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501013d0701000b8201fc4232040000000037040103062aff00000000000000", + 0, + 314, + 0, + 1 + ], + "frame": { + "frame.encap_type_raw": [ + "", + 0, + 0, + 0, + 13 + ], + "frame.time_raw": [ + "", + 0, + 0, + 0, + 24 + ], + "frame.offset_shift_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_epoch_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_delta_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_delta_displayed_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_relative_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.number_raw": [ + "", + 0, + 0, + 0, + 7 + ], + "frame.len_raw": [ + "", + 0, + 0, + 0, + 7 + ], + "frame.cap_len_raw": [ + "", + 0, + 0, + 0, + 7 + ], + "frame.marked_raw": [ + "", + 0, + 0, + 0, + 2 + ], + "frame.ignored_raw": [ + "", + 0, + 0, + 0, + 2 + ], + "frame.protocols_raw": [ + "", + 0, + 0, + 0, + 26 + ] + }, + "eth_raw": [ + "ffffffffffff000b8201fc420800", + 0, + 14, + 0, + 1 + ], + "eth": { + "eth.dst_raw": [ + "ffffffffffff", + 0, + 6, + 0, + 29 + ], + "eth.dst_tree": { + "eth.dst_resolved_raw": [ + "ffffffffffff", + 0, + 6, + 0, + 26 + ], + "eth.addr_raw": [ + "ffffffffffff", + 0, + 6, + 0, + 29 + ], + "eth.addr_resolved_raw": [ + "ffffffffffff", + 0, + 6, + 0, + 26 + ], + "eth.lg_raw": [ + "1", + 0, + 3, + 131072, + 2 + ], + "eth.ig_raw": [ + "1", + 0, + 3, + 65536, + 2 + ] + }, + "eth.src_raw": [ + "000b8201fc42", + 6, + 6, + 0, + 29 + ], + "eth.src_tree": { + "eth.src_resolved_raw": [ + "000b8201fc42", + 6, + 6, + 0, + 26 + ], + "eth.addr_raw": [ + "000b8201fc42", + 6, + 6, + 0, + 29 + ], + "eth.addr_resolved_raw": [ + "000b8201fc42", + 6, + 6, + 0, + 26 + ], + "eth.lg_raw": [ + "0", + 6, + 3, + 131072, + 2 + ], + "eth.ig_raw": [ + "0", + 6, + 3, + 65536, + 2 + ] + }, + "eth.type_raw": [ + "0800", + 12, + 2, + 0, + 5 + ] + }, + "ip_raw": [ + "4500012ca8360000fa11178b00000000ffffffff", + 14, + 20, + 0, + 1 + ], + "ip": { + "ip.version_raw": [ + "4", + 14, + 1, + 240, + 4 + ], + "ip.hdr_len_raw": [ + "45", + 14, + 1, + 0, + 4 + ], + "ip.dsfield_raw": [ + "00", + 15, + 1, + 0, + 4 + ], + "ip.dsfield_tree": { + "ip.dsfield.dscp_raw": [ + "0", + 15, + 1, + 252, + 4 + ], + "ip.dsfield.ecn_raw": [ + "0", + 15, + 1, + 3, + 4 + ] + }, + "ip.len_raw": [ + "012c", + 16, + 2, + 0, + 5 + ], + "ip.id_raw": [ + "a836", + 18, + 2, + 0, + 5 + ], + "ip.flags_raw": [ + "0000", + 20, + 2, + 0, + 5 + ], + "ip.flags_tree": { + "ip.flags.rb_raw": [ + "0", + 20, + 2, + 32768, + 2 + ], + "ip.flags.df_raw": [ + "0", + 20, + 2, + 16384, + 2 + ], + "ip.flags.mf_raw": [ + "0", + 20, + 2, + 8192, + 2 + ], + "ip.frag_offset_raw": [ + "0", + 20, + 2, + 8191, + 5 + ] + }, + "ip.ttl_raw": [ + "fa", + 22, + 1, + 0, + 4 + ], + "ip.proto_raw": [ + "11", + 23, + 1, + 0, + 4 + ], + "ip.checksum_raw": [ + "178b", + 24, + 2, + 0, + 5 + ], + "ip.checksum.status_raw": [ + "", + 24, + 0, + 0, + 4 + ], + "ip.src_raw": [ + "00000000", + 26, + 4, + 0, + 32 + ], + "ip.addr_raw": [ + "00000000", + 26, + 4, + 0, + 32 + ], + "ip.src_host_raw": [ + "00000000", + 26, + 4, + 0, + 26 + ], + "ip.host_raw": [ + "00000000", + 26, + 4, + 0, + 26 + ], + "ip.dst_raw": [ + "ffffffff", + 30, + 4, + 0, + 32 + ], + "ip.addr_raw": [ + "ffffffff", + 30, + 4, + 0, + 32 + ], + "ip.dst_host_raw": [ + "ffffffff", + 30, + 4, + 0, + 26 + ], + "ip.host_raw": [ + "ffffffff", + 30, + 4, + 0, + 26 + ] + }, + "udp_raw": [ + "004400430118591f", + 34, + 8, + 0, + 1 + ], + "udp": { + "udp.srcport_raw": [ + "0044", + 34, + 2, + 0, + 5 + ], + "udp.dstport_raw": [ + "0043", + 36, + 2, + 0, + 5 + ], + "udp.port_raw": [ + "0044", + 34, + 2, + 0, + 5 + ], + "udp.port_raw": [ + "0043", + 36, + 2, + 0, + 5 + ], + "udp.length_raw": [ + "0118", + 38, + 2, + 0, + 5 + ], + "udp.checksum_raw": [ + "591f", + 40, + 2, + 0, + 5 + ], + "udp.checksum.status_raw": [ + "", + 40, + 0, + 0, + 4 + ], + "udp.stream_raw": [ + "", + 42, + 0, + 0, + 7 + ], + "Timestamps": { + "udp.time_relative_raw": [ + "", + 34, + 0, + 0, + 25 + ], + "udp.time_delta_raw": [ + "", + 34, + 0, + 0, + 25 + ] + } + }, + "dhcp_raw": [ + "0101060000003d1d0000000000000000000000000000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501013d0701000b8201fc4232040000000037040103062aff00000000000000", + 42, + 272, + 0, + 1 + ], + "dhcp": { + "dhcp.type_raw": [ + "01", + 42, + 1, + 0, + 4 + ], + "dhcp.hw.type_raw": [ + "01", + 43, + 1, + 0, + 4 + ], + "dhcp.hw.len_raw": [ + "06", + 44, + 1, + 0, + 4 + ], + "dhcp.hops_raw": [ + "00", + 45, + 1, + 0, + 4 + ], + "dhcp.id_raw": [ + "00003d1d", + 46, + 4, + 0, + 7 + ], + "dhcp.secs_raw": [ + "0000", + 50, + 2, + 0, + 5 + ], + "dhcp.flags_raw": [ + "0000", + 52, + 2, + 0, + 5 + ], + "dhcp.flags_tree": { + "dhcp.flags.bc_raw": [ + "0", + 52, + 2, + 32768, + 2 + ], + "dhcp.flags.reserved_raw": [ + "0", + 52, + 2, + 32767, + 5 + ] + }, + "dhcp.ip.client_raw": [ + "00000000", + 54, + 4, + 0, + 32 + ], + "dhcp.ip.your_raw": [ + "00000000", + 58, + 4, + 0, + 32 + ], + "dhcp.ip.server_raw": [ + "00000000", + 62, + 4, + 0, + 32 + ], + "dhcp.ip.relay_raw": [ + "00000000", + 66, + 4, + 0, + 32 + ], + "dhcp.hw.mac_addr_raw": [ + "000b8201fc42", + 70, + 6, + 0, + 29 + ], + "dhcp.hw.addr_padding_raw": [ + "00000000000000000000", + 76, + 10, + 0, + 30 + ], + "dhcp.server_raw": [ + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + 86, + 64, + 0, + 26 + ], + "dhcp.file_raw": [ + "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + 150, + 128, + 0, + 26 + ], + "dhcp.cookie_raw": [ + "63825363", + 278, + 4, + 0, + 32 + ], + "dhcp.option.type_raw": [ + "350101", + 282, + 3, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "01", + 283, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "01", + 284, + 1, + 0, + 30 + ], + "dhcp.option.dhcp_raw": [ + "01", + 284, + 1, + 0, + 4 + ] + }, + "dhcp.option.type_raw": [ + "3d0701000b8201fc42", + 285, + 9, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "07", + 286, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "01000b8201fc42", + 287, + 7, + 0, + 30 + ], + "dhcp.hw.type_raw": [ + "01", + 287, + 1, + 0, + 4 + ], + "dhcp.hw.mac_addr_raw": [ + "000b8201fc42", + 288, + 6, + 0, + 29 + ] + }, + "dhcp.option.type_raw": [ + "320400000000", + 294, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 295, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "00000000", + 296, + 4, + 0, + 30 + ], + "dhcp.option.requested_ip_address_raw": [ + "00000000", + 296, + 4, + 0, + 32 + ] + }, + "dhcp.option.type_raw": [ + "37040103062a", + 300, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 301, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "0103062a", + 302, + 4, + 0, + 30 + ], + "dhcp.option.request_list_item_raw": [ + "01", + 302, + 1, + 0, + 4 + ], + "dhcp.option.request_list_item_raw": [ + "03", + 303, + 1, + 0, + 4 + ], + "dhcp.option.request_list_item_raw": [ + "06", + 304, + 1, + 0, + 4 + ], + "dhcp.option.request_list_item_raw": [ + "2a", + 305, + 1, + 0, + 4 + ] + }, + "dhcp.option.type_raw": [ + "ff", + 306, + 1, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.end_raw": [ + "ff", + 306, + 1, + 0, + 4 + ] + }, + "dhcp.option.padding_raw": [ + "00000000000000", + 307, + 7, + 0, + 30 + ] + } + } + } + }, + { + "_index": "packets-2004-12-05", + "_type": "pcap_file", + "_score": null, + "_source": { + "layers": { + "frame_raw": [ + "000b8201fc42000874adf19b0800450001480445000080110000c0a80001c0a8000a00430044013422330201060000003d1d0000000000000000c0a8000ac0a8000100000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501020104ffffff003a04000007083b0400000c4e330400000e103604c0a80001ff0000000000000000000000000000000000000000000000000000", + 0, + 342, + 0, + 1 + ], + "frame": { + "frame.encap_type_raw": [ + "", + 0, + 0, + 0, + 13 + ], + "frame.time_raw": [ + "", + 0, + 0, + 0, + 24 + ], + "frame.offset_shift_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_epoch_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_delta_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_delta_displayed_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_relative_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.number_raw": [ + "", + 0, + 0, + 0, + 7 + ], + "frame.len_raw": [ + "", + 0, + 0, + 0, + 7 + ], + "frame.cap_len_raw": [ + "", + 0, + 0, + 0, + 7 + ], + "frame.marked_raw": [ + "", + 0, + 0, + 0, + 2 + ], + "frame.ignored_raw": [ + "", + 0, + 0, + 0, + 2 + ], + "frame.protocols_raw": [ + "", + 0, + 0, + 0, + 26 + ] + }, + "eth_raw": [ + "000b8201fc42000874adf19b0800", + 0, + 14, + 0, + 1 + ], + "eth": { + "eth.dst_raw": [ + "000b8201fc42", + 0, + 6, + 0, + 29 + ], + "eth.dst_tree": { + "eth.dst_resolved_raw": [ + "000b8201fc42", + 0, + 6, + 0, + 26 + ], + "eth.addr_raw": [ + "000b8201fc42", + 0, + 6, + 0, + 29 + ], + "eth.addr_resolved_raw": [ + "000b8201fc42", + 0, + 6, + 0, + 26 + ], + "eth.lg_raw": [ + "0", + 0, + 3, + 131072, + 2 + ], + "eth.ig_raw": [ + "0", + 0, + 3, + 65536, + 2 + ] + }, + "eth.src_raw": [ + "000874adf19b", + 6, + 6, + 0, + 29 + ], + "eth.src_tree": { + "eth.src_resolved_raw": [ + "000874adf19b", + 6, + 6, + 0, + 26 + ], + "eth.addr_raw": [ + "000874adf19b", + 6, + 6, + 0, + 29 + ], + "eth.addr_resolved_raw": [ + "000874adf19b", + 6, + 6, + 0, + 26 + ], + "eth.lg_raw": [ + "0", + 6, + 3, + 131072, + 2 + ], + "eth.ig_raw": [ + "0", + 6, + 3, + 65536, + 2 + ] + }, + "eth.type_raw": [ + "0800", + 12, + 2, + 0, + 5 + ] + }, + "ip_raw": [ + "450001480445000080110000c0a80001c0a8000a", + 14, + 20, + 0, + 1 + ], + "ip": { + "ip.version_raw": [ + "4", + 14, + 1, + 240, + 4 + ], + "ip.hdr_len_raw": [ + "45", + 14, + 1, + 0, + 4 + ], + "ip.dsfield_raw": [ + "00", + 15, + 1, + 0, + 4 + ], + "ip.dsfield_tree": { + "ip.dsfield.dscp_raw": [ + "0", + 15, + 1, + 252, + 4 + ], + "ip.dsfield.ecn_raw": [ + "0", + 15, + 1, + 3, + 4 + ] + }, + "ip.len_raw": [ + "0148", + 16, + 2, + 0, + 5 + ], + "ip.id_raw": [ + "0445", + 18, + 2, + 0, + 5 + ], + "ip.flags_raw": [ + "0000", + 20, + 2, + 0, + 5 + ], + "ip.flags_tree": { + "ip.flags.rb_raw": [ + "0", + 20, + 2, + 32768, + 2 + ], + "ip.flags.df_raw": [ + "0", + 20, + 2, + 16384, + 2 + ], + "ip.flags.mf_raw": [ + "0", + 20, + 2, + 8192, + 2 + ], + "ip.frag_offset_raw": [ + "0", + 20, + 2, + 8191, + 5 + ] + }, + "ip.ttl_raw": [ + "80", + 22, + 1, + 0, + 4 + ], + "ip.proto_raw": [ + "11", + 23, + 1, + 0, + 4 + ], + "ip.checksum_raw": [ + "0000", + 24, + 2, + 0, + 5 + ], + "ip.checksum.status_raw": [ + "", + 24, + 0, + 0, + 4 + ], + "ip.src_raw": [ + "c0a80001", + 26, + 4, + 0, + 32 + ], + "ip.addr_raw": [ + "c0a80001", + 26, + 4, + 0, + 32 + ], + "ip.src_host_raw": [ + "c0a80001", + 26, + 4, + 0, + 26 + ], + "ip.host_raw": [ + "c0a80001", + 26, + 4, + 0, + 26 + ], + "ip.dst_raw": [ + "c0a8000a", + 30, + 4, + 0, + 32 + ], + "ip.addr_raw": [ + "c0a8000a", + 30, + 4, + 0, + 32 + ], + "ip.dst_host_raw": [ + "c0a8000a", + 30, + 4, + 0, + 26 + ], + "ip.host_raw": [ + "c0a8000a", + 30, + 4, + 0, + 26 + ] + }, + "udp_raw": [ + "0043004401342233", + 34, + 8, + 0, + 1 + ], + "udp": { + "udp.srcport_raw": [ + "0043", + 34, + 2, + 0, + 5 + ], + "udp.dstport_raw": [ + "0044", + 36, + 2, + 0, + 5 + ], + "udp.port_raw": [ + "0043", + 34, + 2, + 0, + 5 + ], + "udp.port_raw": [ + "0044", + 36, + 2, + 0, + 5 + ], + "udp.length_raw": [ + "0134", + 38, + 2, + 0, + 5 + ], + "udp.checksum_raw": [ + "2233", + 40, + 2, + 0, + 5 + ], + "udp.checksum.status_raw": [ + "", + 40, + 0, + 0, + 4 + ], + "udp.stream_raw": [ + "", + 42, + 0, + 0, + 7 + ], + "Timestamps": { + "udp.time_relative_raw": [ + "", + 34, + 0, + 0, + 25 + ], + "udp.time_delta_raw": [ + "", + 34, + 0, + 0, + 25 + ] + } + }, + "dhcp_raw": [ + "0201060000003d1d0000000000000000c0a8000ac0a8000100000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501020104ffffff003a04000007083b0400000c4e330400000e103604c0a80001ff0000000000000000000000000000000000000000000000000000", + 42, + 300, + 0, + 1 + ], + "dhcp": { + "dhcp.type_raw": [ + "02", + 42, + 1, + 0, + 4 + ], + "dhcp.hw.type_raw": [ + "01", + 43, + 1, + 0, + 4 + ], + "dhcp.hw.len_raw": [ + "06", + 44, + 1, + 0, + 4 + ], + "dhcp.hops_raw": [ + "00", + 45, + 1, + 0, + 4 + ], + "dhcp.id_raw": [ + "00003d1d", + 46, + 4, + 0, + 7 + ], + "dhcp.secs_raw": [ + "0000", + 50, + 2, + 0, + 5 + ], + "dhcp.flags_raw": [ + "0000", + 52, + 2, + 0, + 5 + ], + "dhcp.flags_tree": { + "dhcp.flags.bc_raw": [ + "0", + 52, + 2, + 32768, + 2 + ], + "dhcp.flags.reserved_raw": [ + "0", + 52, + 2, + 32767, + 5 + ] + }, + "dhcp.ip.client_raw": [ + "00000000", + 54, + 4, + 0, + 32 + ], + "dhcp.ip.your_raw": [ + "c0a8000a", + 58, + 4, + 0, + 32 + ], + "dhcp.ip.server_raw": [ + "c0a80001", + 62, + 4, + 0, + 32 + ], + "dhcp.ip.relay_raw": [ + "00000000", + 66, + 4, + 0, + 32 + ], + "dhcp.hw.mac_addr_raw": [ + "000b8201fc42", + 70, + 6, + 0, + 29 + ], + "dhcp.hw.addr_padding_raw": [ + "00000000000000000000", + 76, + 10, + 0, + 30 + ], + "dhcp.server_raw": [ + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + 86, + 64, + 0, + 26 + ], + "dhcp.file_raw": [ + "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + 150, + 128, + 0, + 26 + ], + "dhcp.cookie_raw": [ + "63825363", + 278, + 4, + 0, + 32 + ], + "dhcp.option.type_raw": [ + "350102", + 282, + 3, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "01", + 283, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "02", + 284, + 1, + 0, + 30 + ], + "dhcp.option.dhcp_raw": [ + "02", + 284, + 1, + 0, + 4 + ] + }, + "dhcp.option.type_raw": [ + "0104ffffff00", + 285, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 286, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "ffffff00", + 287, + 4, + 0, + 30 + ], + "dhcp.option.subnet_mask_raw": [ + "ffffff00", + 287, + 4, + 0, + 32 + ] + }, + "dhcp.option.type_raw": [ + "3a0400000708", + 291, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 292, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "00000708", + 293, + 4, + 0, + 30 + ], + "dhcp.option.renewal_time_value_raw": [ + "00000708", + 293, + 4, + 0, + 7 + ] + }, + "dhcp.option.type_raw": [ + "3b0400000c4e", + 297, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 298, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "00000c4e", + 299, + 4, + 0, + 30 + ], + "dhcp.option.rebinding_time_value_raw": [ + "00000c4e", + 299, + 4, + 0, + 7 + ] + }, + "dhcp.option.type_raw": [ + "330400000e10", + 303, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 304, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "00000e10", + 305, + 4, + 0, + 30 + ], + "dhcp.option.ip_address_lease_time_raw": [ + "00000e10", + 305, + 4, + 0, + 7 + ] + }, + "dhcp.option.type_raw": [ + "3604c0a80001", + 309, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 310, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "c0a80001", + 311, + 4, + 0, + 30 + ], + "dhcp.option.dhcp_server_id_raw": [ + "c0a80001", + 311, + 4, + 0, + 32 + ] + }, + "dhcp.option.type_raw": [ + "ff", + 315, + 1, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.end_raw": [ + "ff", + 315, + 1, + 0, + 4 + ] + }, + "dhcp.option.padding_raw": [ + "0000000000000000000000000000000000000000000000000000", + 316, + 26, + 0, + 30 + ] + } + } + } + }, + { + "_index": "packets-2004-12-05", + "_type": "pcap_file", + "_score": null, + "_source": { + "layers": { + "frame_raw": [ + "ffffffffffff000b8201fc4208004500012ca8370000fa11178a00000000ffffffff0044004301189fbd0101060000003d1e0000000000000000000000000000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501033d0701000b8201fc423204c0a8000a3604c0a8000137040103062aff00", + 0, + 314, + 0, + 1 + ], + "frame": { + "frame.encap_type_raw": [ + "", + 0, + 0, + 0, + 13 + ], + "frame.time_raw": [ + "", + 0, + 0, + 0, + 24 + ], + "frame.offset_shift_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_epoch_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_delta_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_delta_displayed_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_relative_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.number_raw": [ + "", + 0, + 0, + 0, + 7 + ], + "frame.len_raw": [ + "", + 0, + 0, + 0, + 7 + ], + "frame.cap_len_raw": [ + "", + 0, + 0, + 0, + 7 + ], + "frame.marked_raw": [ + "", + 0, + 0, + 0, + 2 + ], + "frame.ignored_raw": [ + "", + 0, + 0, + 0, + 2 + ], + "frame.protocols_raw": [ + "", + 0, + 0, + 0, + 26 + ] + }, + "eth_raw": [ + "ffffffffffff000b8201fc420800", + 0, + 14, + 0, + 1 + ], + "eth": { + "eth.dst_raw": [ + "ffffffffffff", + 0, + 6, + 0, + 29 + ], + "eth.dst_tree": { + "eth.dst_resolved_raw": [ + "ffffffffffff", + 0, + 6, + 0, + 26 + ], + "eth.addr_raw": [ + "ffffffffffff", + 0, + 6, + 0, + 29 + ], + "eth.addr_resolved_raw": [ + "ffffffffffff", + 0, + 6, + 0, + 26 + ], + "eth.lg_raw": [ + "1", + 0, + 3, + 131072, + 2 + ], + "eth.ig_raw": [ + "1", + 0, + 3, + 65536, + 2 + ] + }, + "eth.src_raw": [ + "000b8201fc42", + 6, + 6, + 0, + 29 + ], + "eth.src_tree": { + "eth.src_resolved_raw": [ + "000b8201fc42", + 6, + 6, + 0, + 26 + ], + "eth.addr_raw": [ + "000b8201fc42", + 6, + 6, + 0, + 29 + ], + "eth.addr_resolved_raw": [ + "000b8201fc42", + 6, + 6, + 0, + 26 + ], + "eth.lg_raw": [ + "0", + 6, + 3, + 131072, + 2 + ], + "eth.ig_raw": [ + "0", + 6, + 3, + 65536, + 2 + ] + }, + "eth.type_raw": [ + "0800", + 12, + 2, + 0, + 5 + ] + }, + "ip_raw": [ + "4500012ca8370000fa11178a00000000ffffffff", + 14, + 20, + 0, + 1 + ], + "ip": { + "ip.version_raw": [ + "4", + 14, + 1, + 240, + 4 + ], + "ip.hdr_len_raw": [ + "45", + 14, + 1, + 0, + 4 + ], + "ip.dsfield_raw": [ + "00", + 15, + 1, + 0, + 4 + ], + "ip.dsfield_tree": { + "ip.dsfield.dscp_raw": [ + "0", + 15, + 1, + 252, + 4 + ], + "ip.dsfield.ecn_raw": [ + "0", + 15, + 1, + 3, + 4 + ] + }, + "ip.len_raw": [ + "012c", + 16, + 2, + 0, + 5 + ], + "ip.id_raw": [ + "a837", + 18, + 2, + 0, + 5 + ], + "ip.flags_raw": [ + "0000", + 20, + 2, + 0, + 5 + ], + "ip.flags_tree": { + "ip.flags.rb_raw": [ + "0", + 20, + 2, + 32768, + 2 + ], + "ip.flags.df_raw": [ + "0", + 20, + 2, + 16384, + 2 + ], + "ip.flags.mf_raw": [ + "0", + 20, + 2, + 8192, + 2 + ], + "ip.frag_offset_raw": [ + "0", + 20, + 2, + 8191, + 5 + ] + }, + "ip.ttl_raw": [ + "fa", + 22, + 1, + 0, + 4 + ], + "ip.proto_raw": [ + "11", + 23, + 1, + 0, + 4 + ], + "ip.checksum_raw": [ + "178a", + 24, + 2, + 0, + 5 + ], + "ip.checksum.status_raw": [ + "", + 24, + 0, + 0, + 4 + ], + "ip.src_raw": [ + "00000000", + 26, + 4, + 0, + 32 + ], + "ip.addr_raw": [ + "00000000", + 26, + 4, + 0, + 32 + ], + "ip.src_host_raw": [ + "00000000", + 26, + 4, + 0, + 26 + ], + "ip.host_raw": [ + "00000000", + 26, + 4, + 0, + 26 + ], + "ip.dst_raw": [ + "ffffffff", + 30, + 4, + 0, + 32 + ], + "ip.addr_raw": [ + "ffffffff", + 30, + 4, + 0, + 32 + ], + "ip.dst_host_raw": [ + "ffffffff", + 30, + 4, + 0, + 26 + ], + "ip.host_raw": [ + "ffffffff", + 30, + 4, + 0, + 26 + ] + }, + "udp_raw": [ + "0044004301189fbd", + 34, + 8, + 0, + 1 + ], + "udp": { + "udp.srcport_raw": [ + "0044", + 34, + 2, + 0, + 5 + ], + "udp.dstport_raw": [ + "0043", + 36, + 2, + 0, + 5 + ], + "udp.port_raw": [ + "0044", + 34, + 2, + 0, + 5 + ], + "udp.port_raw": [ + "0043", + 36, + 2, + 0, + 5 + ], + "udp.length_raw": [ + "0118", + 38, + 2, + 0, + 5 + ], + "udp.checksum_raw": [ + "9fbd", + 40, + 2, + 0, + 5 + ], + "udp.checksum.status_raw": [ + "", + 40, + 0, + 0, + 4 + ], + "udp.stream_raw": [ + "", + 42, + 0, + 0, + 7 + ], + "Timestamps": { + "udp.time_relative_raw": [ + "", + 34, + 0, + 0, + 25 + ], + "udp.time_delta_raw": [ + "", + 34, + 0, + 0, + 25 + ] + } + }, + "dhcp_raw": [ + "0101060000003d1e0000000000000000000000000000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501033d0701000b8201fc423204c0a8000a3604c0a8000137040103062aff00", + 42, + 272, + 0, + 1 + ], + "dhcp": { + "dhcp.type_raw": [ + "01", + 42, + 1, + 0, + 4 + ], + "dhcp.hw.type_raw": [ + "01", + 43, + 1, + 0, + 4 + ], + "dhcp.hw.len_raw": [ + "06", + 44, + 1, + 0, + 4 + ], + "dhcp.hops_raw": [ + "00", + 45, + 1, + 0, + 4 + ], + "dhcp.id_raw": [ + "00003d1e", + 46, + 4, + 0, + 7 + ], + "dhcp.secs_raw": [ + "0000", + 50, + 2, + 0, + 5 + ], + "dhcp.flags_raw": [ + "0000", + 52, + 2, + 0, + 5 + ], + "dhcp.flags_tree": { + "dhcp.flags.bc_raw": [ + "0", + 52, + 2, + 32768, + 2 + ], + "dhcp.flags.reserved_raw": [ + "0", + 52, + 2, + 32767, + 5 + ] + }, + "dhcp.ip.client_raw": [ + "00000000", + 54, + 4, + 0, + 32 + ], + "dhcp.ip.your_raw": [ + "00000000", + 58, + 4, + 0, + 32 + ], + "dhcp.ip.server_raw": [ + "00000000", + 62, + 4, + 0, + 32 + ], + "dhcp.ip.relay_raw": [ + "00000000", + 66, + 4, + 0, + 32 + ], + "dhcp.hw.mac_addr_raw": [ + "000b8201fc42", + 70, + 6, + 0, + 29 + ], + "dhcp.hw.addr_padding_raw": [ + "00000000000000000000", + 76, + 10, + 0, + 30 + ], + "dhcp.server_raw": [ + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + 86, + 64, + 0, + 26 + ], + "dhcp.file_raw": [ + "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + 150, + 128, + 0, + 26 + ], + "dhcp.cookie_raw": [ + "63825363", + 278, + 4, + 0, + 32 + ], + "dhcp.option.type_raw": [ + "350103", + 282, + 3, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "01", + 283, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "03", + 284, + 1, + 0, + 30 + ], + "dhcp.option.dhcp_raw": [ + "03", + 284, + 1, + 0, + 4 + ] + }, + "dhcp.option.type_raw": [ + "3d0701000b8201fc42", + 285, + 9, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "07", + 286, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "01000b8201fc42", + 287, + 7, + 0, + 30 + ], + "dhcp.hw.type_raw": [ + "01", + 287, + 1, + 0, + 4 + ], + "dhcp.hw.mac_addr_raw": [ + "000b8201fc42", + 288, + 6, + 0, + 29 + ] + }, + "dhcp.option.type_raw": [ + "3204c0a8000a", + 294, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 295, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "c0a8000a", + 296, + 4, + 0, + 30 + ], + "dhcp.option.requested_ip_address_raw": [ + "c0a8000a", + 296, + 4, + 0, + 32 + ] + }, + "dhcp.option.type_raw": [ + "3604c0a80001", + 300, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 301, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "c0a80001", + 302, + 4, + 0, + 30 + ], + "dhcp.option.dhcp_server_id_raw": [ + "c0a80001", + 302, + 4, + 0, + 32 + ] + }, + "dhcp.option.type_raw": [ + "37040103062a", + 306, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 307, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "0103062a", + 308, + 4, + 0, + 30 + ], + "dhcp.option.request_list_item_raw": [ + "01", + 308, + 1, + 0, + 4 + ], + "dhcp.option.request_list_item_raw": [ + "03", + 309, + 1, + 0, + 4 + ], + "dhcp.option.request_list_item_raw": [ + "06", + 310, + 1, + 0, + 4 + ], + "dhcp.option.request_list_item_raw": [ + "2a", + 311, + 1, + 0, + 4 + ] + }, + "dhcp.option.type_raw": [ + "ff", + 312, + 1, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.end_raw": [ + "ff", + 312, + 1, + 0, + 4 + ] + }, + "dhcp.option.padding_raw": [ + "00", + 313, + 1, + 0, + 30 + ] + } + } + } + }, + { + "_index": "packets-2004-12-05", + "_type": "pcap_file", + "_score": null, + "_source": { + "layers": { + "frame_raw": [ + "000b8201fc42000874adf19b0800450001480446000080110000c0a80001c0a8000a004300440134dfdb0201060000003d1e0000000000000000c0a8000a0000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501053a04000007083b0400000c4e330400000e103604c0a800010104ffffff00ff0000000000000000000000000000000000000000000000000000", + 0, + 342, + 0, + 1 + ], + "frame": { + "frame.encap_type_raw": [ + "", + 0, + 0, + 0, + 13 + ], + "frame.time_raw": [ + "", + 0, + 0, + 0, + 24 + ], + "frame.offset_shift_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_epoch_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_delta_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_delta_displayed_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.time_relative_raw": [ + "", + 0, + 0, + 0, + 25 + ], + "frame.number_raw": [ + "", + 0, + 0, + 0, + 7 + ], + "frame.len_raw": [ + "", + 0, + 0, + 0, + 7 + ], + "frame.cap_len_raw": [ + "", + 0, + 0, + 0, + 7 + ], + "frame.marked_raw": [ + "", + 0, + 0, + 0, + 2 + ], + "frame.ignored_raw": [ + "", + 0, + 0, + 0, + 2 + ], + "frame.protocols_raw": [ + "", + 0, + 0, + 0, + 26 + ] + }, + "eth_raw": [ + "000b8201fc42000874adf19b0800", + 0, + 14, + 0, + 1 + ], + "eth": { + "eth.dst_raw": [ + "000b8201fc42", + 0, + 6, + 0, + 29 + ], + "eth.dst_tree": { + "eth.dst_resolved_raw": [ + "000b8201fc42", + 0, + 6, + 0, + 26 + ], + "eth.addr_raw": [ + "000b8201fc42", + 0, + 6, + 0, + 29 + ], + "eth.addr_resolved_raw": [ + "000b8201fc42", + 0, + 6, + 0, + 26 + ], + "eth.lg_raw": [ + "0", + 0, + 3, + 131072, + 2 + ], + "eth.ig_raw": [ + "0", + 0, + 3, + 65536, + 2 + ] + }, + "eth.src_raw": [ + "000874adf19b", + 6, + 6, + 0, + 29 + ], + "eth.src_tree": { + "eth.src_resolved_raw": [ + "000874adf19b", + 6, + 6, + 0, + 26 + ], + "eth.addr_raw": [ + "000874adf19b", + 6, + 6, + 0, + 29 + ], + "eth.addr_resolved_raw": [ + "000874adf19b", + 6, + 6, + 0, + 26 + ], + "eth.lg_raw": [ + "0", + 6, + 3, + 131072, + 2 + ], + "eth.ig_raw": [ + "0", + 6, + 3, + 65536, + 2 + ] + }, + "eth.type_raw": [ + "0800", + 12, + 2, + 0, + 5 + ] + }, + "ip_raw": [ + "450001480446000080110000c0a80001c0a8000a", + 14, + 20, + 0, + 1 + ], + "ip": { + "ip.version_raw": [ + "4", + 14, + 1, + 240, + 4 + ], + "ip.hdr_len_raw": [ + "45", + 14, + 1, + 0, + 4 + ], + "ip.dsfield_raw": [ + "00", + 15, + 1, + 0, + 4 + ], + "ip.dsfield_tree": { + "ip.dsfield.dscp_raw": [ + "0", + 15, + 1, + 252, + 4 + ], + "ip.dsfield.ecn_raw": [ + "0", + 15, + 1, + 3, + 4 + ] + }, + "ip.len_raw": [ + "0148", + 16, + 2, + 0, + 5 + ], + "ip.id_raw": [ + "0446", + 18, + 2, + 0, + 5 + ], + "ip.flags_raw": [ + "0000", + 20, + 2, + 0, + 5 + ], + "ip.flags_tree": { + "ip.flags.rb_raw": [ + "0", + 20, + 2, + 32768, + 2 + ], + "ip.flags.df_raw": [ + "0", + 20, + 2, + 16384, + 2 + ], + "ip.flags.mf_raw": [ + "0", + 20, + 2, + 8192, + 2 + ], + "ip.frag_offset_raw": [ + "0", + 20, + 2, + 8191, + 5 + ] + }, + "ip.ttl_raw": [ + "80", + 22, + 1, + 0, + 4 + ], + "ip.proto_raw": [ + "11", + 23, + 1, + 0, + 4 + ], + "ip.checksum_raw": [ + "0000", + 24, + 2, + 0, + 5 + ], + "ip.checksum.status_raw": [ + "", + 24, + 0, + 0, + 4 + ], + "ip.src_raw": [ + "c0a80001", + 26, + 4, + 0, + 32 + ], + "ip.addr_raw": [ + "c0a80001", + 26, + 4, + 0, + 32 + ], + "ip.src_host_raw": [ + "c0a80001", + 26, + 4, + 0, + 26 + ], + "ip.host_raw": [ + "c0a80001", + 26, + 4, + 0, + 26 + ], + "ip.dst_raw": [ + "c0a8000a", + 30, + 4, + 0, + 32 + ], + "ip.addr_raw": [ + "c0a8000a", + 30, + 4, + 0, + 32 + ], + "ip.dst_host_raw": [ + "c0a8000a", + 30, + 4, + 0, + 26 + ], + "ip.host_raw": [ + "c0a8000a", + 30, + 4, + 0, + 26 + ] + }, + "udp_raw": [ + "004300440134dfdb", + 34, + 8, + 0, + 1 + ], + "udp": { + "udp.srcport_raw": [ + "0043", + 34, + 2, + 0, + 5 + ], + "udp.dstport_raw": [ + "0044", + 36, + 2, + 0, + 5 + ], + "udp.port_raw": [ + "0043", + 34, + 2, + 0, + 5 + ], + "udp.port_raw": [ + "0044", + 36, + 2, + 0, + 5 + ], + "udp.length_raw": [ + "0134", + 38, + 2, + 0, + 5 + ], + "udp.checksum_raw": [ + "dfdb", + 40, + 2, + 0, + 5 + ], + "udp.checksum.status_raw": [ + "", + 40, + 0, + 0, + 4 + ], + "udp.stream_raw": [ + "", + 42, + 0, + 0, + 7 + ], + "Timestamps": { + "udp.time_relative_raw": [ + "", + 34, + 0, + 0, + 25 + ], + "udp.time_delta_raw": [ + "", + 34, + 0, + 0, + 25 + ] + } + }, + "dhcp_raw": [ + "0201060000003d1e0000000000000000c0a8000a0000000000000000000b8201fc4200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000638253633501053a04000007083b0400000c4e330400000e103604c0a800010104ffffff00ff0000000000000000000000000000000000000000000000000000", + 42, + 300, + 0, + 1 + ], + "dhcp": { + "dhcp.type_raw": [ + "02", + 42, + 1, + 0, + 4 + ], + "dhcp.hw.type_raw": [ + "01", + 43, + 1, + 0, + 4 + ], + "dhcp.hw.len_raw": [ + "06", + 44, + 1, + 0, + 4 + ], + "dhcp.hops_raw": [ + "00", + 45, + 1, + 0, + 4 + ], + "dhcp.id_raw": [ + "00003d1e", + 46, + 4, + 0, + 7 + ], + "dhcp.secs_raw": [ + "0000", + 50, + 2, + 0, + 5 + ], + "dhcp.flags_raw": [ + "0000", + 52, + 2, + 0, + 5 + ], + "dhcp.flags_tree": { + "dhcp.flags.bc_raw": [ + "0", + 52, + 2, + 32768, + 2 + ], + "dhcp.flags.reserved_raw": [ + "0", + 52, + 2, + 32767, + 5 + ] + }, + "dhcp.ip.client_raw": [ + "00000000", + 54, + 4, + 0, + 32 + ], + "dhcp.ip.your_raw": [ + "c0a8000a", + 58, + 4, + 0, + 32 + ], + "dhcp.ip.server_raw": [ + "00000000", + 62, + 4, + 0, + 32 + ], + "dhcp.ip.relay_raw": [ + "00000000", + 66, + 4, + 0, + 32 + ], + "dhcp.hw.mac_addr_raw": [ + "000b8201fc42", + 70, + 6, + 0, + 29 + ], + "dhcp.hw.addr_padding_raw": [ + "00000000000000000000", + 76, + 10, + 0, + 30 + ], + "dhcp.server_raw": [ + "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + 86, + 64, + 0, + 26 + ], + "dhcp.file_raw": [ + "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000", + 150, + 128, + 0, + 26 + ], + "dhcp.cookie_raw": [ + "63825363", + 278, + 4, + 0, + 32 + ], + "dhcp.option.type_raw": [ + "350105", + 282, + 3, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "01", + 283, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "05", + 284, + 1, + 0, + 30 + ], + "dhcp.option.dhcp_raw": [ + "05", + 284, + 1, + 0, + 4 + ] + }, + "dhcp.option.type_raw": [ + "3a0400000708", + 285, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 286, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "00000708", + 287, + 4, + 0, + 30 + ], + "dhcp.option.renewal_time_value_raw": [ + "00000708", + 287, + 4, + 0, + 7 + ] + }, + "dhcp.option.type_raw": [ + "3b0400000c4e", + 291, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 292, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "00000c4e", + 293, + 4, + 0, + 30 + ], + "dhcp.option.rebinding_time_value_raw": [ + "00000c4e", + 293, + 4, + 0, + 7 + ] + }, + "dhcp.option.type_raw": [ + "330400000e10", + 297, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 298, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "00000e10", + 299, + 4, + 0, + 30 + ], + "dhcp.option.ip_address_lease_time_raw": [ + "00000e10", + 299, + 4, + 0, + 7 + ] + }, + "dhcp.option.type_raw": [ + "3604c0a80001", + 303, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 304, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "c0a80001", + 305, + 4, + 0, + 30 + ], + "dhcp.option.dhcp_server_id_raw": [ + "c0a80001", + 305, + 4, + 0, + 32 + ] + }, + "dhcp.option.type_raw": [ + "0104ffffff00", + 309, + 6, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.length_raw": [ + "04", + 310, + 1, + 0, + 4 + ], + "dhcp.option.value_raw": [ + "ffffff00", + 311, + 4, + 0, + 30 + ], + "dhcp.option.subnet_mask_raw": [ + "ffffff00", + 311, + 4, + 0, + 32 + ] + }, + "dhcp.option.type_raw": [ + "ff", + 315, + 1, + 0, + 4 + ], + "dhcp.option.type_tree": { + "dhcp.option.end_raw": [ + "ff", + 315, + 1, + 0, + 4 + ] + }, + "dhcp.option.padding_raw": [ + "0000000000000000000000000000000000000000000000000000", + 316, + 26, + 0, + 30 + ] + } + } + } + } +] diff --git a/test/suite_outputformats.py b/test/suite_outputformats.py new file mode 100644 index 0000000000..9948b7603a --- /dev/null +++ b/test/suite_outputformats.py @@ -0,0 +1,53 @@ +# -*- coding: utf-8 -*- +# Wireshark tests +# By Gerald Combs <gerald@wireshark.org> +# +# Copyright (c) 2018 Dario Lombardo <lomato@gmail.com> +# +# SPDX-License-Identifier: GPL-2.0-or-later +# +'''outputformats tests''' + +import json +import os.path +import subprocesstest +import fixtures +from matchers import * + +@fixtures.fixture +def check_outputformat(cmd_tshark, dirs, capture_file): + def check_outputformat_real(self, pcap_file, format_option, format_file, multiline=False): + self.maxDiff = 1000000 + tshark_proc = self.assertRun((cmd_tshark, '-r', capture_file(pcap_file), '-T', format_option,)) + + expected = open(os.path.join(dirs.baseline_dir, format_file)).read() + actual = tshark_proc.stdout_str + if multiline: + expected = expected.splitlines() + actual = actual.splitlines() + self.assertEqual(len(expected), len(actual)) + for line1, line2 in zip(expected, actual): + json.loads(line1) + json.loads(line2) + self.assertEqual(json.loads(line1), json.loads(line2)) + else: + expected = json.loads(expected) + actual = json.loads(actual) + self.assertEqual(expected, actual) + + return check_outputformat_real + +@fixtures.mark_usefixtures('base_env') +@fixtures.uses_fixtures +class case_outputformats(subprocesstest.SubprocessTestCase): + def test_outputformat_json(self, check_outputformat): + '''Decode some captures into json''' + check_outputformat(self, "dhcp.pcap", "json", "dhcp.json") + + def test_outputformat_jsonraw(self, check_outputformat): + '''Decode some captures into jsonraw''' + check_outputformat(self, "dhcp.pcap", "jsonraw", "dhcp.jsonraw") + + def test_outputformat_ek(self, check_outputformat): + '''Decode some captures into ek''' + check_outputformat(self, "dhcp.pcap", "ek", "dhcp.ek", True) |