1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
|
#
# -*- coding: utf-8 -*-
# Wireshark tests
# By Gerald Combs <gerald@wireshark.org>
#
# Ported from a set of Bash scripts which were copyright 2005 Ulf Lamping
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
'''File format conversion tests'''
import os.path
import subprocesstest
import unittest
import fixtures
# XXX Currently unused. It would be nice to be able to use this below.
time_output_args = ('-Tfields', '-e', 'frame.number', '-e', 'frame.time_epoch', '-e', 'frame.time_delta')
# Microsecond pcap, direct read was used to generate the baseline:
# tshark -Tfields -e frame.number -e frame.time_epoch -e frame.time_delta \
# -r captures/dhcp.pcap > baseline/ff-ts-usec-pcap-direct.txt
baseline_file = 'ff-ts-usec-pcap-direct.txt'
@fixtures.fixture(scope='session')
def fileformats_baseline_str(dirs):
with open(os.path.join(dirs.baseline_dir, baseline_file), 'r') as f:
return f.read()
@fixtures.mark_usefixtures('test_env')
@fixtures.uses_fixtures
class case_fileformat_pcap(subprocesstest.SubprocessTestCase):
def test_pcap_usec_stdin(self, cmd_tshark, capture_file, fileformats_baseline_str):
'''Microsecond pcap direct vs microsecond pcap stdin'''
capture_proc = self.runProcess(subprocesstest.capture_command(cmd_tshark,
'-r', '-',
'-Tfields',
'-e', 'frame.number', '-e', 'frame.time_epoch', '-e', 'frame.time_delta',
'<', capture_file('dhcp.pcap')
, shell=True),
shell=True)
self.assertTrue(self.diffOutput(capture_proc.stdout_str, fileformats_baseline_str, 'tshark', baseline_file))
def test_pcap_nsec_stdin(self, cmd_tshark, capture_file, fileformats_baseline_str):
'''Microsecond pcap direct vs nanosecond pcap stdin'''
capture_proc = self.runProcess(subprocesstest.capture_command(cmd_tshark,
'-r', '-',
'-Tfields',
'-e', 'frame.number', '-e', 'frame.time_epoch', '-e', 'frame.time_delta',
'<', capture_file('dhcp-nanosecond.pcap')
, shell=True),
shell=True)
self.assertTrue(self.diffOutput(capture_proc.stdout_str, fileformats_baseline_str, 'tshark', baseline_file))
def test_pcap_nsec_direct(self, cmd_tshark, capture_file, fileformats_baseline_str):
'''Microsecond pcap direct vs nanosecond pcap direct'''
capture_proc = self.runProcess(subprocesstest.capture_command(cmd_tshark,
'-r', capture_file('dhcp-nanosecond.pcap'),
'-Tfields',
'-e', 'frame.number', '-e', 'frame.time_epoch', '-e', 'frame.time_delta',
),
)
self.assertTrue(self.diffOutput(capture_proc.stdout_str, fileformats_baseline_str, 'tshark', baseline_file))
@fixtures.mark_usefixtures('test_env')
@fixtures.uses_fixtures
class case_fileformat_pcapng(subprocesstest.SubprocessTestCase):
def test_pcapng_usec_stdin(self, cmd_tshark, capture_file, fileformats_baseline_str):
'''Microsecond pcap direct vs microsecond pcapng stdin'''
capture_proc = self.runProcess(subprocesstest.capture_command(cmd_tshark,
'-r', '-',
'-Tfields',
'-e', 'frame.number', '-e', 'frame.time_epoch', '-e', 'frame.time_delta'
'<', capture_file('dhcp.pcapng')
, shell=True),
shell=True)
self.assertTrue(self.diffOutput(capture_proc.stdout_str, fileformats_baseline_str, 'tshark', baseline_file))
def test_pcapng_usec_direct(self, cmd_tshark, capture_file, fileformats_baseline_str):
'''Microsecond pcap direct vs microsecond pcapng direct'''
capture_proc = self.runProcess(subprocesstest.capture_command(cmd_tshark,
'-r', capture_file('dhcp.pcapng'),
'-Tfields',
'-e', 'frame.number', '-e', 'frame.time_epoch', '-e', 'frame.time_delta',
),
)
self.assertTrue(self.diffOutput(capture_proc.stdout_str, fileformats_baseline_str, 'tshark', baseline_file))
def test_pcapng_nsec_stdin(self, cmd_tshark, capture_file, fileformats_baseline_str):
'''Microsecond pcap direct vs nanosecond pcapng stdin'''
capture_proc = self.runProcess(subprocesstest.capture_command(cmd_tshark,
'-r', '-',
'-Tfields',
'-e', 'frame.number', '-e', 'frame.time_epoch', '-e', 'frame.time_delta'
'<', capture_file('dhcp-nanosecond.pcapng')
, shell=True),
shell=True)
self.assertTrue(self.diffOutput(capture_proc.stdout_str, fileformats_baseline_str, 'tshark', baseline_file))
def test_pcapng_nsec_direct(self, cmd_tshark, capture_file, fileformats_baseline_str):
'''Microsecond pcap direct vs nanosecond pcapng direct'''
capture_proc = self.runProcess(subprocesstest.capture_command(cmd_tshark,
'-r', capture_file('dhcp-nanosecond.pcapng'),
'-Tfields',
'-e', 'frame.number', '-e', 'frame.time_epoch', '-e', 'frame.time_delta',
),
)
self.assertTrue(self.diffOutput(capture_proc.stdout_str, fileformats_baseline_str, 'tshark', baseline_file))
@fixtures.mark_usefixtures('test_env')
@fixtures.uses_fixtures
class case_fileformat_mime(subprocesstest.SubprocessTestCase):
def test_mime_pcapng_gz(self, cmd_tshark, capture_file):
'''Test that the full uncompressed contents is shown.'''
proc = self.runProcess((cmd_tshark,
'-r', capture_file('icmp.pcapng.gz'),
'-Xread_format:MIME Files Format',
'-Tfields', '-e', 'frame.len', '-e', 'pcapng.block.length',
))
self.assertEqual(proc.stdout_str.strip(), '480\t128,128,88,88,132,132,132,132')
|
