search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
TODO epan/dissectors/asn1/kerberos/packet-kerberos-template.c new GSS flags
[wireshark-sm.git] / test / suite_dfilter / group_function.py
blob843ba4cbab8cab146193a3b9f8cf0e82d8bde088
1 # Copyright (c) 2019 by Dario Lombardo <lomato@gmail.com>
2 #
3 # SPDX-License-Identifier: GPL-2.0-or-later
4
5 import pytest
6 from suite_dfilter.dfiltertest import *
7
8 class TestFunctionString:
9 trace_file = "dhcp.pcap"
10
11 def test_matches_1(self, checkDFilterCount):
12 dfilter = "string(frame.number) matches \"[13579]$\""
13 checkDFilterCount(dfilter, 2)
14
15 def test_contains_1(self, checkDFilterCount):
16 dfilter = "string(eth.src) contains \"00:08:74\""
17 checkDFilterCount(dfilter, 2)
18
19 def test_fail_1(self, checkDFilterFail):
20 # Invalid filter (only non-string fields are supported)
21 dfilter = "string(dhcp.server) == hostname"
22 error = 'String conversion for field "dhcp.server" is not supported'
23 checkDFilterFail(dfilter, error)
24
25 def test_fail_2(self, checkDFilterFail):
26 # Invalid field: value
27 dfilter = "string(123) == \"123\""
28 error = 'Only fields can be used as parameter for string()'
29 checkDFilterFail(dfilter, error)
30
31 def test_fail_3(self, checkDFilterFail):
32 # Invalid field: protocol
33 dfilter = "string(dhcp) == hostname"
34 error = 'String conversion for field "dhcp" is not supported'
35 checkDFilterFail(dfilter, error)
36
37 def test_fail_4(self, checkDFilterFail):
38 # Invalid field: bytes
39 dfilter = "string(dhcp.option.value) == \"hostname\""
40 error = 'String conversion for field "dhcp.option.value" is not supported'
41 checkDFilterFail(dfilter, error)
42
43 class TestFunctionMaxMin:
44 trace_file = "sip.pcapng"
45
46 def test_min_1(self, checkDFilterCount):
47 dfilter = 'min(udp.srcport, udp.dstport) == 5060'
48 checkDFilterCount(dfilter, 5)
49
50 def test_min_2(self, checkDFilterCount):
51 dfilter = 'min(udp.srcport, udp.dstport) == 5070'
52 checkDFilterCount(dfilter, 0)
53
54 def test_max_1(self, checkDFilterCount):
55 dfilter = 'max(udp.srcport, udp.dstport) == 5070'
56 checkDFilterCount(dfilter, 3)
57
58 def test_max_2(self, checkDFilterCount):
59 dfilter = 'max(udp.srcport, udp.dstport) == 5060'
60 checkDFilterCount(dfilter, 2)
61
62 def test_max_3(self, checkDFilterCount):
63 dfilter = 'max(udp.srcport, udp.dstport) < 5060'
64 checkDFilterCount(dfilter, 1)
65
66 def test_max_4(self, checkDFilterCount):
67 dfilter = 'max(5060, udp.dstport) == udp.srcport'
68 checkDFilterCount(dfilter, 2)
69
70 def test_max_5(self, checkDFilterCount):
71 dfilter = 'max(5060, 5070) == udp.srcport'
72 checkDFilterCount(dfilter, 1)
73
74 def text_max_6(self, checkDFilterCount):
75 # Extraneous negative numbers don't affect anything.
76 dfilter = 'max(udp.srcport, udp.dstport, -200) == 5060'
77 checkDFilterCount(dfilter, 2)
78
79 class TestFunctionAbs:
80 trace_file = "dhcp.pcapng"
81
82 def test_function_abs_1(self, checkDFilterCount):
83 dfilter = 'udp.dstport == abs(-67)'
84 checkDFilterCount(dfilter, 2)
85
86 class TestFunctionLen:
87 trace_file = "http.pcap"
88
89 def test_function_len_1(self, checkDFilterCount):
90 dfilter = 'len(http.host) == 27'
91 checkDFilterCount(dfilter, 1)
92
93 def test_function_len_2(self, checkDFilterCount):
94 dfilter = 'len(http.host) != 0'
95 checkDFilterCount(dfilter, 1)
96
97 def test_function_len_3(self, checkDFilterCount):
98 dfilter = 'len(http.host) == 0'
99 checkDFilterCount(dfilter, 0)
100
101 def test_function_len_4(self, checkDFilterCount):
102 dfilter = 'len(http.host)'
103 checkDFilterCount(dfilter, 1)
104
105 def test_function_len_5(self, checkDFilterCount):
106 dfilter = '!len(http.host)'
107 checkDFilterCount(dfilter, 0)
108
109 class TestFunctionNested:
110 trace_file = 'http.pcap'
111
112 def test_function_nested_1(self, checkDFilterCount):
113 dfilter = 'abs(min(tcp.srcport, tcp.dstport)) == 80'
114 checkDFilterCount(dfilter, 1)
115
116 def test_function_nested_2(self, checkDFilterCount):
117 dfilter = 'min(tcp.srcport * 10, tcp.dstport * 10, udp.srcport * 10, udp.dstport * 10) == 800'
118 checkDFilterCount(dfilter, 1)
119
120 def test_function_nested_3(self, checkDFilterCount):
121 dfilter = 'min(len(tcp.payload), len(udp.payload)) == 153'
122 checkDFilterCount(dfilter, 1)
123
124 def test_function_nested_4(self, checkDFilterCount):
125 # udp.payload does not exist. Check that len(udp.payload) + 2
126 # resolves to NULL, not to 2.
127 dfilter = 'min(len(tcp.payload[2:]) + 2, len(udp.payload[2:]) + 2) == 153'
128 checkDFilterCount(dfilter, 1)
129
130 class TestFunctionDouble:
131 trace_file = "dhcp.pcapng"
132
133 # Observer differences in precision and how they affect equality tests
134 def test_function_double_1(self, checkDFilterCount):
135 dfilter = 'double(len(udp.payload)) / double(udp.time_relative) == 3883.9942311262157'
136 checkDFilterCount(dfilter, 1)
137
138 def test_function_double_2(self, checkDFilterCount):
139 dfilter = 'float(double(len(udp.payload)) / double(udp.time_relative)) == 3883.994140625'
140 checkDFilterCount(dfilter, 1)
141
142 def test_function_float_1(self, checkDFilterCount):
143 dfilter = 'float(len(udp.payload)) / float(udp.time_relative) == 3883.9941111147282'
144 checkDFilterCount(dfilter, 1)
145
146 def test_function_float_2(self, checkDFilterCount):
147 dfilter = 'float(float(len(udp.payload)) / float(udp.time_relative)) == 3883.994140625'
148 checkDFilterCount(dfilter, 1)
Metzes wireshark repo