search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
epan/dissectors/pidl/ C99 drsuapi
[wireshark-sm.git] / test / suite_text2pcap.py
blob36fc6ea762cf5a166a5fa3e2fc3743eb4bdf081f
1 #
2 # Wireshark tests
3 # By Gerald Combs <gerald@wireshark.org>
4 #
5 # Ported from a set of Bash scripts which were copyright 2005 Ulf Lamping
6 #
7 # SPDX-License-Identifier: GPL-2.0-or-later
8 #
9 '''Text2pcap tests'''
10
11 import re
12 import subprocess
13 from subprocesstest import get_capture_info, grep_output
14 import json
15 import pytest
16
17 testin_txt = 'testin.txt'
18 testout_pcap = 'testout.pcap'
19 testout_pcapng = 'testout.pcapng'
20
21 file_type_to_descr = {
22 'pcap': 'Wireshark/tcpdump/... - pcap',
23 'pcapng': 'Wireshark/... - pcapng',
24 }
25
26 file_type_to_testout = {
27 'pcap': testout_pcap,
28 'pcapng': testout_pcapng,
29 }
30
31 encap_to_link_type_long = {
32 'Ethernet': 1,
33 'Raw IP': 14,
34 'Linux cooked-mode capture v1': 113,
35 'IEEE 802.11 plus radiotap radio header': 127,
36 'DVB-CI (Common Interface)': 235,
37 }
38
39 encap_to_link_type = {
40 'ether': 1,
41 'rawip': 14,
42 'linux-sll': 113,
43 'ieee-802-11-radiotap': 127,
44 'dvbci': 235,
45 }
46
47 def check_capinfos_info(cmd_capinfos, cap_file):
48 cap_info = {
49 'filetype': None,
50 'encapsulation': None,
51 'packets': None,
52 'datasize': None,
53 'timeend': None,
54 }
55 str_pats = {
56 'filetype': 'File type',
57 'encapsulation': 'File encapsulation',
58 'timeend': 'Last packet time',
59 }
60 int_pats = {
61 'packets': 'Number of packets',
62 'datasize': 'Data size',
63 }
64 capinfos_out = get_capture_info(cmd_capinfos, ('-tEcdMe',), cap_file)
65
66 for ci_line in capinfos_out.splitlines():
67 for sp_key in str_pats:
68 str_pat = r'{}:\s+([\S ]+)'.format(str_pats[sp_key])
69 str_res = re.search(str_pat, ci_line)
70 if str_res is not None:
71 cap_info[sp_key] = str_res.group(1)
72
73 for ip_key in int_pats:
74 int_pat = r'{}:\s+(\d+)'.format(int_pats[ip_key])
75 int_res = re.search(int_pat, ci_line)
76 if int_res is not None:
77 cap_info[ip_key] = int(int_res.group(1))
78
79 return cap_info
80
81 def get_capinfos_cmp_info(cii):
82 cmp_keys = ('encapsulation', 'packets', 'datasize')
83 return { k: v for k, v in cii.items() if k in cmp_keys }
84
85 def compare_capinfos_info(cii1, cii2, filename1, filename2):
86 cii_cmp_i1 = get_capinfos_cmp_info(cii1)
87 cii_cmp_i2 = get_capinfos_cmp_info(cii2)
88 assert cii_cmp_i1 == cii_cmp_i2
89
90 @pytest.fixture
91 def check_text2pcap(cmd_tshark, cmd_text2pcap, cmd_capinfos, capture_file, result_file, base_env):
92 def check_text2pcap_real(cap_filename, file_type, expected_packets=None, expected_datasize=None):
93 # Perform the following actions
94 # - Get information for the input pcap file with capinfos
95 # - Generate an ASCII hexdump with TShark
96 # - Convert the ASCII hexdump back to pcap using text2pcap
97 # - Get information for the output pcap file with capinfos
98 # - Check that file type, encapsulation type, number of packets and data size
99 # in the output file are the same as in the input file
100
101 cap_file = capture_file(cap_filename)
102 pre_cap_info = check_capinfos_info(cmd_capinfos, cap_file)
103 # Due to limitations of "tshark -x", the output might contain more than one
104 # data source which is subsequently interpreted as additional frame data.
105 # See https://gitlab.com/wireshark/wireshark/-/issues/14639
106 if expected_packets is not None:
107 assert pre_cap_info['packets'] != expected_packets
108 pre_cap_info['packets'] = expected_packets
109 if expected_datasize is not None:
110 assert pre_cap_info['datasize'] != expected_datasize
111 pre_cap_info['datasize'] = expected_datasize
112 assert pre_cap_info['encapsulation'] in encap_to_link_type
113
114 assert file_type in file_type_to_testout, 'Invalid file type'
115
116 # text2pcap_generate_input()
117 # $TSHARK -o 'gui.column.format:"Time","%t"' -tad -P -x -r $1 > testin.txt
118 testin_file = result_file(testin_txt)
119 tshark_cmd = '"{cmd}" -r "{cf}" -o gui.column.format:"Time","%t" -t ad -P --hexdump frames > "{of}"'.format(
120 cmd = cmd_tshark,
121 cf = cap_file,
122 of = testin_file,
123 )
124 subprocess.check_call(tshark_cmd, shell=True, env=base_env)
125
126 testout_fname = file_type_to_testout[file_type]
127 testout_file = result_file(testout_fname)
128 # The first word is the file type (the rest might be compression info)
129 filetype_flag = pre_cap_info['filetype'].split()[0]
130 # We want the -a flag, because the tshark -x format is a hex+ASCII
131 # format where the ASCII can be confused for hex bytes without it.
132 # XXX: -t ISO also works now too for this output
133 text2pcap_cmd = '"{cmd}" -a -F {filetype} -l {linktype} -t "%Y-%m-%d %H:%M:%S.%f" "{in_f}" "{out_f}"'.format(
134 cmd = cmd_text2pcap,
135 filetype = filetype_flag,
136 linktype = encap_to_link_type[pre_cap_info['encapsulation']],
137 in_f = testin_file,
138 out_f = testout_file,
139 )
140 proc = subprocess.run(text2pcap_cmd, shell=True, check=True, capture_output=True, encoding='utf-8', env=base_env)
141 assert grep_output(proc.stderr, 'potential packet'), "text2pcap didn't complete"
142 assert not grep_output(proc.stderr, 'Inconsistent offset'), 'text2pcap detected inconsistent offset'
143
144 post_cap_info = check_capinfos_info(cmd_capinfos, testout_file)
145 compare_capinfos_info(pre_cap_info, post_cap_info, cap_file, testout_fname)
146 return check_text2pcap_real
147
148
149 class TestText2pcapPcap:
150 def test_text2pcap_empty_pcap(self, check_text2pcap):
151 '''Test text2pcap with empty.pcap.'''
152 check_text2pcap('empty.pcap', 'pcap')
153
154 def test_text2pcap_dhcp_pcap(self, check_text2pcap):
155 '''Test text2pcap with dhcp.pcap.'''
156 check_text2pcap('dhcp.pcap', 'pcap')
157
158 def test_text2pcap_dhcp_nanosecond_pcap(self, check_text2pcap):
159 '''Test text2pcap with dhcp-nanosecond.pcap.'''
160 check_text2pcap('dhcp-nanosecond.pcap', 'pcap')
161
162 def test_text2pcap_segmented_fpm_pcap(self, check_text2pcap):
163 '''Test text2pcap with segmented_fpm.pcap.'''
164 check_text2pcap('segmented_fpm.pcap', 'pcap')
165
166 def test_text2pcap_c1222_std_example8_pcap(self, check_text2pcap):
167 '''Test text2pcap with c1222_std_example8.pcap.'''
168 check_text2pcap('c1222_std_example8.pcap', 'pcap')
169
170 def test_text2pcap_dns_port_pcap(self, check_text2pcap):
171 '''Test text2pcap with dns_port.pcap.'''
172 check_text2pcap('dns_port.pcap', 'pcap')
173
174 def test_text2pcap_dvb_ci_uv1_0000_pcap(self, check_text2pcap):
175 '''Test text2pcap with dvb-ci_UV1_0000.pcap.'''
176 check_text2pcap('dvb-ci_UV1_0000.pcap', 'pcap')
177
178 def test_text2pcap_ikev1_certs_pcap(self, check_text2pcap):
179 '''Test text2pcap with ikev1-certs.pcap.'''
180 check_text2pcap('ikev1-certs.pcap', 'pcap')
181
182 def test_text2pcap_rsa_p_lt_q_pcap(self, check_text2pcap):
183 '''Test text2pcap with rsa-p-lt-q.pcap.'''
184 check_text2pcap('rsa-p-lt-q.pcap', 'pcap')
185
186 def test_text2pcap_rsasnakeoil2_pcap(self, check_text2pcap):
187 '''Test text2pcap with rsasnakeoil2.pcap.'''
188 check_text2pcap('rsasnakeoil2.pcap', 'pcap')
189
190 def test_text2pcap_sample_control4_2012_03_24_pcap(self, check_text2pcap):
191 '''Test text2pcap with sample_control4_2012-03-24.pcap.'''
192 # Tests handling additional data source (decrypted ZigBee packets)
193 # Either tshark must not output the additional data source,
194 # or text2pcap must ignore it.
195 check_text2pcap('sample_control4_2012-03-24.pcap', 'pcap')
196
197 def test_text2pcap_snakeoil_dtls_pcap(self, check_text2pcap):
198 '''Test text2pcap with snakeoil-dtls.pcap.'''
199 check_text2pcap('snakeoil-dtls.pcap', 'pcap')
200
201 def test_text2pcap_wpa_eap_tls_pcap_gz(self, check_text2pcap):
202 '''Test text2pcap with wpa-eap-tls.pcap.gz.'''
203 # Tests handling additional data source (reassemblies)
204 # Either tshark must not output the additional data source,
205 # or text2pcap must ignore it.
206 check_text2pcap('wpa-eap-tls.pcap.gz', 'pcap')
207
208 def test_text2pcap_wpa_induction_pcap(self, check_text2pcap):
209 '''Test text2pcap with wpa-Induction.pcap.gz.'''
210 check_text2pcap('wpa-Induction.pcap.gz', 'pcap')
211
212
213 class TestText2pcapPcapng:
214 def test_text2pcap_dhcp_pcapng(self, check_text2pcap):
215 '''Test text2pcap with dhcp.pcapng.'''
216 check_text2pcap('dhcp.pcapng', 'pcapng')
217
218 def test_text2pcap_dhcp_nanosecond_pcapng(self, check_text2pcap):
219 '''Test text2pcap with dhcp-nanosecond.pcapng.'''
220 check_text2pcap('dhcp-nanosecond.pcapng', 'pcapng')
221
222 def test_text2pcap_dhe1_pcapng_gz(self, check_text2pcap):
223 '''Test text2pcap with dhe1.pcapng.gz.'''
224 check_text2pcap('dhe1.pcapng.gz', 'pcapng')
225
226 def test_text2pcap_dmgr_pcapng(self, check_text2pcap):
227 '''Test text2pcap with dmgr.pcapng.'''
228 check_text2pcap('dmgr.pcapng', 'pcapng')
229
230 def test_text2pcap_dns_icmp_pcapng_gz(self, check_text2pcap):
231 '''Test text2pcap with dns+icmp.pcapng.gz.'''
232 # This file needs (and thus tests) the -a flag to identify when the
233 # start of the ASCII dump looks like hex.
234 check_text2pcap('dns+icmp.pcapng.gz', 'pcapng')
235
236 def test_text2pcap_packet_h2_14_headers_pcapng(self, check_text2pcap):
237 '''Test text2pcap with packet-h2-14_headers.pcapng.'''
238 check_text2pcap('packet-h2-14_headers.pcapng', 'pcapng')
239
240 def test_text2pcap_sip_pcapng(self, check_text2pcap):
241 '''Test text2pcap with sip.pcapng.'''
242 check_text2pcap('sip.pcapng', 'pcapng')
243
244
245 @pytest.fixture
246 def check_rawip(run_text2pcap_capinfos_tshark):
247 def check_rawip_real(pdata, packets, datasize):
248
249 assert {'encapsulation': 'rawip4', 'packets': packets, \
250 'datasize': datasize, 'expert': ''} == \
251 run_text2pcap_capinfos_tshark(pdata, ("-l228",))
252 return check_rawip_real
253
254
255 class TestText2pcapParsing:
256 def test_text2pcap_eol_hash(self, cmd_text2pcap, cmd_capinfos, capture_file, result_file, base_env):
257 '''Test text2pcap hash sign at the end-of-line.'''
258 txt_fname = 'text2pcap_hash_eol.txt'
259 testout_file = result_file(testout_pcap)
260 proc = subprocess.run((cmd_text2pcap,
261 '-F', 'pcapng',
262 '-t', '%Y-%m-%d %H:%M:%S.',
263 capture_file(txt_fname),
264 testout_file,
265 ), check=True, capture_output=True, encoding='utf-8', env=base_env)
266 assert not grep_output(proc.stderr, 'Inconsistent offset'), 'text2pcap failed to parse the hash sign at the end of the line'
267 assert grep_output(proc.stderr, r'Directive \[ test_directive'), 'text2pcap failed to parse #TEXT2PCAP test_directive'
268 pre_cmp_info = {'encapsulation': 'ether', 'packets': 1, 'datasize': 96, 'timeend': '2015-10-01 21:16:24.317453000'}
269 post_cmp_info = check_capinfos_info(cmd_capinfos, testout_file)
270 compare_capinfos_info(pre_cmp_info, post_cmp_info, txt_fname, testout_pcap)
271
272 def test_text2pcap_doc_no_line_limit(self, check_rawip):
273 '''
274 Verify: There is no limit on the width or number of bytes per line and
275 Bytes/hex numbers can be uppercase or lowercase.
276 '''
277 pdata = "0000 45 00 00 21 00 01 00 00 40 11\n" \
278 "000A 7C C9 7F 00 00 01" \
279 " 7f 00 00 01 ff 98 00 13 00 0d b5 48 66 69 72 73\n" \
280 "0020 74\n"
281 check_rawip(pdata, 1, 33)
282
283 def test_text2pcap_doc_ignore_text(self, check_rawip):
284 '''
285 Verify: the text dump at the end of the line is ignored. Any hex numbers
286 in this text are also ignored. Any lines of text between the bytestring
287 lines is ignored. Any line where the first non-whitespace character is
288 '#' will be ignored as a comment.
289 '''
290 pdata = "0000 45 00 00 21 00 01 00 00 40 11 7c c9 7f 00 00 01 bad\n" \
291 "0010 7f 00 00 01 ff 98 00 13 00 0d b5 48 66 69 72 73 - 42\n" \
292 "0020 74\n" \
293 "0021\n" \
294 "That 0021 should probably be ignored as it this: 00 20\n" \
295 "0000 45 00 00 22 00 01 00 00 40 11 7c c8 7f 00 00 01\n" \
296 "0010 7f 00 00 01 ff 99 00 13 00 0e bc e9 73 65 63 6f ...\n" \
297 " \t# 0020 12 34 56<-- comment, ignore this!\n" \
298 "0020 6e 64\n" \
299 "12 34 56 78 90 # ignore this due to missing offset!\n"
300 check_rawip(pdata, 2, 67)
301
302 def test_text2pcap_doc_leading_text_ignored(self, check_rawip):
303 '''
304 Verify: Any test before the offset is ignored, including email
305 forwarding characters '>'. An offset is a hex number longer than two
306 characters. An offset of zero is indicative of starting a new packet.
307 '''
308 pdata = "> >> 000 45 00 00 21 00 01 00 00 40 11 7c c9 7f 00 00 01\n" \
309 "> >> 010 7f 00 00 01 ff 98 00 13 00 0d b5 48 66 69 72 73\n" \
310 "> >> 020 74\n" \
311 "> >> 000 45 00 00 22 00 01 00 00 40 11 7c c8 7f 00 00 01\n" \
312 "> >> 010 7f 00 00 01 ff 99 00 13 00 0e bc e9 73 65 63 6f\n" \
313 "> >> 020 6e 64\n"
314 check_rawip(pdata, 2, 67)
315
316 def test_text2pcap_doc_require_offset(self, check_rawip):
317 '''Any line which has only bytes without a leading offset is ignored.'''
318 pdata = "45 00 00 21 00 01 00 00 40 11 7c c9 7f 00 00 01\n" \
319 "7f 00 00 01 ff 98 00 13 00 0d b5 48 66 69 72 73\n"
320 check_rawip(pdata, 0, 0)
321
322 def test_text2pcap_eol_missing(self, check_rawip):
323 '''Verify that the last LF can be missing.'''
324 pdata = "0000 45 00 00 21 00 01 00 00 40 11 7c c9 7f 00 00 01\n" \
325 "0010 7f 00 00 01 ff 98 00 13 00 0d b5 48 66 69 72 73\n" \
326 "0020 74"
327 check_rawip(pdata, 1, 33)
328
329
330 class TestText2pcapRegex:
331 def test_text2pcap_regex(self, run_text2pcap_capinfos_tshark):
332 '''Verify basic functionality of text2pcap in regex mode.'''
333 capinfo = run_text2pcap_capinfos_tshark(
334 "> 0:00:00.265620 a130368b000000080060\n" \
335 "< 0:00:00.295459 a2010800000000000000000800000000\n",
336 (
337 "-r", r'^(?<dir>[<>])\s(?<time>\d+:\d\d:\d\d.\d+)\s(?<data>[0-9a-fA-F]+)$',
338 "-t", "%H:%M:%S.%f"
339 )
340 )
341 assert capinfo['datasize'] == 26
342
343 def test_text2pcap_regex_eol_missing(self, run_text2pcap_capinfos_tshark):
344 '''
345 Verify that the last LF can be missing when parsing in regex
346 mode.
347 '''
348 capinfo = run_text2pcap_capinfos_tshark(
349 "> 0:00:00.265620 a130368b000000080060\n" \
350 "< 0:00:00.295459 a2010800000000000000000800000000",
351 (
352 "-r", r'^(?<dir>[<>])\s(?<time>\d+:\d\d:\d\d.\d+)\s(?<data>[0-9a-fA-F]+)$',
353 "-t", "%H:%M:%S.%f"
354 )
355 )
356 assert capinfo['datasize'] == 26
357
358
359 @pytest.fixture
360 def run_text2pcap_capinfos_tshark(cmd_text2pcap, cmd_tshark, cmd_capinfos, result_file, base_env):
361 def run_text2pcap_capinfos_tshark_real(content, args):
362
363 testin_file = result_file(testin_txt)
364 testout_file = result_file(testout_pcap)
365
366 with open(testin_file, "w") as f:
367 f.write(content)
368 subprocess.check_call((cmd_text2pcap,) + args + (testin_file, testout_file), env=base_env)
369
370 capinfo = get_capinfos_cmp_info(check_capinfos_info(cmd_capinfos, testout_file))
371
372 stdout = subprocess.check_output((cmd_tshark, '-q', '-z', 'expert,warn',
373 '-o', 'udp.check_checksum: TRUE',
374 '-o', 'tcp.check_checksum: TRUE',
375 '-o', 'sctp.checksum:TRUE',
376 '-r', testout_file),
377 encoding='utf-8', env=base_env)
378 capinfo['expert'] = stdout
379 return capinfo
380 return run_text2pcap_capinfos_tshark_real
381
382
383 class TestText2pcapHeaders:
384 '''Test TCP, UDP or SCTP header without -4 or -6 option'''
385 maxDiff = None
386
387 def test_text2pcap_tcp(self, run_text2pcap_capinfos_tshark):
388 '''Test TCP over IPv4'''
389 assert {'encapsulation': 'ether', 'packets': 1, \
390 'datasize': 60, 'expert': ''} == \
391 run_text2pcap_capinfos_tshark(
392 "0000: ff ff ff ff\n", ("-T", "1234,1234"))
393
394 def test_text2pcap_udp(self, run_text2pcap_capinfos_tshark):
395 '''Test UDP over IPv4'''
396 assert {'encapsulation': 'ether', 'packets': 1, \
397 'datasize': 60, 'expert': ''} == \
398 run_text2pcap_capinfos_tshark(
399 "0000: ff ff ff ff\n", ("-u", "1234,1234"))
400
401 def test_text2pcap_sctp(self, run_text2pcap_capinfos_tshark):
402 '''Test SCTP over IPv4'''
403 assert {'encapsulation': 'ether', 'packets': 1, \
404 'datasize': 70, 'expert': ''}, \
405 run_text2pcap_capinfos_tshark(
406 "0000 00 03 00 18 00 00 00 00 00 00 00 00 00 00 00 03\n" +
407 "0010 01 00 03 03 00 00 00 08\n",
408 ("-s", "2905,2905,3"))
409
410 def test_text2pcap_sctp_data(self, run_text2pcap_capinfos_tshark):
411 '''Test SCTP DATA over IPv4'''
412 assert {'encapsulation': 'ether', 'packets': 1, \
413 'datasize': 70, 'expert': ''} == \
414 run_text2pcap_capinfos_tshark(
415 "0000: 01 00 03 03 00 00 00 08\n",
416 ("-S", "2905,2905,3"))
417
418
419 @pytest.fixture
420 def run_text2pcap_ipv4(run_text2pcap_capinfos_tshark):
421 def run_text2pcap_ipv4_real(content, args):
422 return run_text2pcap_capinfos_tshark(content,
423 ("-4", "127.0.0.1,127.0.0.1") + args)
424 return run_text2pcap_ipv4_real
425
426
427 class TestText2pcapIpv4:
428 '''Test TCP, UDP or SCTP header with -4 option'''
429 maxDiff = None
430
431 def test_text2pcap_ipv4_tcp(self, run_text2pcap_ipv4):
432 '''Test TCP over IPv4'''
433 assert {'encapsulation': 'ether', 'packets': 1, \
434 'datasize': 60, 'expert': ''} == \
435 run_text2pcap_ipv4("0000: ff ff ff ff\n", ("-T", "1234,1234"))
436
437 def test_text2pcap_ipv4_udp(self, run_text2pcap_ipv4):
438 '''Test UDP over IPv4'''
439 assert {'encapsulation': 'ether', 'packets': 1, \
440 'datasize': 60, 'expert': ''} == \
441 run_text2pcap_ipv4("0000: ff ff ff ff\n", ("-u", "1234,1234"))
442
443 def test_text2pcap_ipv4_sctp(self, run_text2pcap_ipv4):
444 '''Test SCTP over IPv4'''
445 assert {'encapsulation': 'ether', 'packets': 1, \
446 'datasize': 70, 'expert': ''} == \
447 run_text2pcap_ipv4(
448 "0000 00 03 00 18 00 00 00 00 00 00 00 00 00 00 00 03\n" +
449 "0010 01 00 03 03 00 00 00 08\n",
450 ("-s", "2905,2905,3"))
451
452 def test_text2pcap_ipv4_sctp_data(self, run_text2pcap_ipv4):
453 '''Test SCTP DATA over IPv4'''
454 assert {'encapsulation': 'ether', 'packets': 1, \
455 'datasize': 70, 'expert': ''} == \
456 run_text2pcap_ipv4("0000: 01 00 03 03 00 00 00 08\n",
457 ("-S", "2905,2905,3"))
458
459
460 @pytest.fixture
461 def run_text2pcap_ipv6(cmd_tshark, run_text2pcap_capinfos_tshark, result_file, base_env):
462
463 def run_text2pcap_ipv6_real(content, text2pcap_args, tshark_args = ()):
464 #Run the common text2pcap tests
465 result = run_text2pcap_capinfos_tshark(content,
466 ("-6", "::1,::1") + text2pcap_args)
467
468 #Decode the output pcap in JSON format
469 stdout = subprocess.check_output((cmd_tshark, '-T', 'json',
470 '-r', result_file(testout_pcap)) + tshark_args,
471 encoding='utf-8', env=base_env)
472 data = json.loads(stdout)
473
474 #Add IPv6 payload length and payload length tree to the result dict
475 ipv6 = data[0]['_source']['layers']['ipv6']
476 result['ipv6'] = {
477 'plen': ipv6.get('ipv6.plen', None),
478 'plen_tree': ipv6.get('ipv6.plen_tree', None)}
479 return result
480 return run_text2pcap_ipv6_real
481
482
483 class TestText2pcapIpv6:
484 '''Test TCP, UDP or SCTP header with -6 option'''
485 maxDiff = None
486
487 def test_text2pcap_ipv6_tcp(self, run_text2pcap_ipv6):
488 '''Test TCP over IPv6'''
489 assert {'encapsulation': 'ether', 'packets': 1, \
490 'datasize': 78, 'expert': '', \
491 'ipv6': {'plen': '24', 'plen_tree': None}} == \
492 run_text2pcap_ipv6("0000: ff ff ff ff\n", ("-T", "1234,1234"))
493
494 def test_text2pcap_ipv6_udp(self, run_text2pcap_ipv6):
495 '''Test UDP over IPv6'''
496 assert {'encapsulation': 'ether', 'packets': 1, \
497 'datasize': 66, 'expert': '', \
498 'ipv6': {'plen': '12', 'plen_tree': None}} == \
499 run_text2pcap_ipv6("0000: ff ff ff ff\n", ("-u", "1234,1234"))
500
501 def test_text2pcap_ipv6_sctp(self, run_text2pcap_ipv6):
502 '''Test SCTP over IPv6'''
503 assert {'encapsulation': 'ether', 'packets': 1, \
504 'datasize': 90, 'expert': '', \
505 'ipv6': {'plen': '36', 'plen_tree': None}} == \
506 run_text2pcap_ipv6(
507 "0000 00 03 00 18 00 00 00 00 00 00 00 00 00 00 00 03\n" +
508 "0010 01 00 03 03 00 00 00 08\n",
509 ("-s", "2905,2905,3"))
510
511 def test_text2pcap_ipv6_sctp_data(self, run_text2pcap_ipv6):
512 '''Test SCTP DATA over IPv6'''
513 assert {'encapsulation': 'ether', 'packets': 1, \
514 'datasize': 90, 'expert': '', \
515 'ipv6': {'plen': '36', 'plen_tree': None}} == \
516 run_text2pcap_ipv6("0000: 01 00 03 03 00 00 00 08\n",
517 ("-S", "2905,2905,3"))
518
519
520 class TestText2pcapIProto:
521 '''Test -i <proto> for IPv4 and IPv6'''
522 maxDiff = None
523
524 def test_text2pcap_i_icmp(self, run_text2pcap_capinfos_tshark):
525 '''Test -i <proto> without -4 or -6'''
526 assert {'encapsulation': 'ether', 'packets': 1, \
527 'datasize': 98, 'expert': ''} == \
528 run_text2pcap_capinfos_tshark(
529 "0000 08 00 bb b3 d7 3b 00 00 51 a7 d6 7d 00 04 51 e4\n" +
530 "0010 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 16 17\n" +
531 "0020 18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25 26 27\n" +
532 "0030 28 29 2a 2b 2c 2d 2e 2f 30 31 32 33 34 35 36 37\n",
533 ("-i", "1"))
534
535 def test_text2pcap_i_icmp_ipv4(self, run_text2pcap_capinfos_tshark):
536 '''Test -i <proto> with IPv4 (-4) header'''
537 assert {'encapsulation': 'ether', 'packets': 1, \
538 'datasize': 98, 'expert': ''} == \
539 run_text2pcap_capinfos_tshark(
540 "0000 08 00 bb b3 d7 3b 00 00 51 a7 d6 7d 00 04 51 e4\n" +
541 "0010 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 16 17\n" +
542 "0020 18 19 1a 1b 1c 1d 1e 1f 20 21 22 23 24 25 26 27\n" +
543 "0030 28 29 2a 2b 2c 2d 2e 2f 30 31 32 33 34 35 36 37\n",
544 ("-i", "1", "-4", "127.0.0.1,127.0.0.1"))
545
546 def test_text2pcap_i_icmpv6_ipv6(self, run_text2pcap_capinfos_tshark):
547 '''Test -i <proto> with IPv6 (-6) header'''
548 assert {'encapsulation': 'ether', 'packets': 1, \
549 'datasize': 86, 'expert': ''} == \
550 run_text2pcap_capinfos_tshark(
551 "0000 87 00 f2 62 00 00 00 00 fe 80 00 00 00 00 00 00\n" +
552 "0010 00 00 00 00 00 00 00 02 01 01 52 54 00 12 34 56\n",
553 ("-i", "58", "-6", "::1,::1"))
554
555 def test_text2pcap_i_sctp_ipv6(self, run_text2pcap_capinfos_tshark):
556 '''Test -i <proto> with IPv6 (-6) header'''
557 assert {'encapsulation': 'ether', 'packets': 1, \
558 'datasize': 90, 'expert': ''} == \
559 run_text2pcap_capinfos_tshark(
560 "0000 0b 59 0b 59 00 00 00 00 26 98 58 51 00 03 00 18\n" +
561 "0010 00 00 00 00 00 00 00 00 00 00 00 03 01 00 03 03\n" +
562 "0020 00 00 00 08\n",
563 ("-i", "132", "-6", "::1,::1"))
564
565
566 class TestText2pcapOtherOptions:
567 '''Test other command line options'''
568 def test_text2pcap_option_N(self, cmd_text2pcap, cmd_tshark, capture_file, result_file, base_env):
569 '''Test -N <intf-name> option'''
570 testin_file = result_file(testin_txt)
571 testout_file = result_file(testout_pcapng)
572
573 with open(testin_file, 'w') as f:
574 f.write("0000 00\n")
575 f.close()
576 subprocess.check_call((cmd_text2pcap, "-F", "pcapng", "-N", "your-interface-name", testin_file, testout_file), env=base_env)
577 stdout = subprocess.check_output((cmd_tshark, "-r", testout_file, "-Tfields", "-eframe.interface_name", "-c1"), encoding='utf-8', env=base_env)
578 assert stdout.rstrip() == "your-interface-name"
Metzes wireshark repo