diff options
Diffstat (limited to 'tools/dftestlib')
-rw-r--r-- | tools/dftestlib/__init__.py | 0 | ||||
-rw-r--r-- | tools/dftestlib/bytes_ether.py | 104 | ||||
-rw-r--r-- | tools/dftestlib/bytes_ipv6.py | 14 | ||||
-rw-r--r-- | tools/dftestlib/bytes_type.py | 14 | ||||
-rw-r--r-- | tools/dftestlib/dftest.py | 76 | ||||
-rw-r--r-- | tools/dftestlib/double.py | 63 | ||||
-rw-r--r-- | tools/dftestlib/integer.py | 134 | ||||
-rw-r--r-- | tools/dftestlib/integer_1byte.py | 15 | ||||
-rw-r--r-- | tools/dftestlib/ipv4.py | 108 | ||||
-rw-r--r-- | tools/dftestlib/range_method.py | 30 | ||||
-rw-r--r-- | tools/dftestlib/scanner.py | 30 | ||||
-rw-r--r-- | tools/dftestlib/string_type.py | 159 | ||||
-rw-r--r-- | tools/dftestlib/stringz.py | 19 | ||||
-rw-r--r-- | tools/dftestlib/time_relative.py | 19 | ||||
-rw-r--r-- | tools/dftestlib/time_type.py | 71 | ||||
-rw-r--r-- | tools/dftestlib/uint64.py | 14 | ||||
-rw-r--r-- | tools/dftestlib/util.py | 29 |
17 files changed, 899 insertions, 0 deletions
diff --git a/tools/dftestlib/__init__.py b/tools/dftestlib/__init__.py new file mode 100644 index 0000000000..e69de29bb2 --- /dev/null +++ b/tools/dftestlib/__init__.py diff --git a/tools/dftestlib/bytes_ether.py b/tools/dftestlib/bytes_ether.py new file mode 100644 index 0000000000..849e6ac209 --- /dev/null +++ b/tools/dftestlib/bytes_ether.py @@ -0,0 +1,104 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> + +from dftestlib import dftest + +class testBytesEther(dftest.DFTest): + trace_file = "ipx_rip.cap" + + ### Note: Bytes test does not yet test FT_INT64. + + def test_eq_1(self): + dfilter = "eth.dst == ff:ff:ff:ff:ff:ff" + self.assertDFilterCount(dfilter, 1) + + def test_eq_2(self): + dfilter = "eth.src == ff:ff:ff:ff:ff:ff" + self.assertDFilterCount(dfilter, 0) + + def test_ne_1(self): + dfilter = "eth.dst != ff:ff:ff:ff:ff:ff" + self.assertDFilterCount(dfilter, 0) + + def test_ne_2(self): + dfilter = "eth.src != ff:ff:ff:ff:ff:ff" + self.assertDFilterCount(dfilter, 1) + + def test_gt_1(self): + dfilter = "eth.src > 00:aa:00:a3:e3:ff" + self.assertDFilterCount(dfilter, 0) + + def test_gt_2(self): + dfilter = "eth.src > 00:aa:00:a3:e3:a4" + self.assertDFilterCount(dfilter, 0) + + def test_gt_3(self): + dfilter = "eth.src > 00:aa:00:a3:e3:00" + self.assertDFilterCount(dfilter, 1) + + def test_ge_1(self): + dfilter = "eth.src >= 00:aa:00:a3:e3:ff" + self.assertDFilterCount(dfilter, 0) + + def test_ge_2(self): + dfilter = "eth.src >= 00:aa:00:a3:e3:a4" + self.assertDFilterCount(dfilter, 1) + + def test_ge_3(self): + dfilter = "eth.src >= 00:aa:00:a3:e3:00" + self.assertDFilterCount(dfilter, 1) + + def test_lt_1(self): + dfilter = "eth.src < 00:aa:00:a3:e3:ff" + self.assertDFilterCount(dfilter, 1) + + def test_lt_2(self): + dfilter = "eth.src < 00:aa:00:a3:e3:a4" + self.assertDFilterCount(dfilter, 0) + + def test_lt_3(self): + dfilter = "eth.src < 00:aa:00:a3:e3:00" + self.assertDFilterCount(dfilter, 0) + + def test_le_1(self): + dfilter = "eth.src <= 00:aa:00:a3:e3:ff" + self.assertDFilterCount(dfilter, 1) + + def test_le_2(self): + dfilter = "eth.src <= 00:aa:00:a3:e3:a4" + self.assertDFilterCount(dfilter, 1) + + def test_le_3(self): + dfilter = "eth.src <= 00:aa:00:a3:e3:00" + self.assertDFilterCount(dfilter, 0) + + def test_slice_1(self): + dfilter = "eth.src[0:3] == 00:aa:00" + self.assertDFilterCount(dfilter, 1) + + def test_slice_2(self): + dfilter = "eth.src[-3:3] == a3:e3:a4" + self.assertDFilterCount(dfilter, 1) + + def test_slice_3(self): + dfilter = "eth.src[1:4] == aa:00:a3:e3" + self.assertDFilterCount(dfilter, 1) + + def test_slice_4(self): + dfilter = "eth.src[0] == 00" + self.assertDFilterCount(dfilter, 1) + + def test_contains_1(self): + dfilter = "ipx.src.node contains a3" + self.assertDFilterCount(dfilter, 1) + + def test_contains_2(self): + dfilter = "ipx.src.node contains a3:e3" + self.assertDFilterCount(dfilter, 1) + + def test_contains_3(self): + dfilter = "ipx.src.node contains 00:aa:00:a3:e3:a4" + self.assertDFilterCount(dfilter, 1) + + def test_contains_4(self): + dfilter = "ipx.src.node contains aa:e3" + self.assertDFilterCount(dfilter, 0) diff --git a/tools/dftestlib/bytes_ipv6.py b/tools/dftestlib/bytes_ipv6.py new file mode 100644 index 0000000000..4736051b9e --- /dev/null +++ b/tools/dftestlib/bytes_ipv6.py @@ -0,0 +1,14 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> + +from dftestlib import dftest + +class testBytesIPv6(dftest.DFTest): + trace_file = "ipv6.cap" + + def test_ipv6_1(self): + dfilter = "ipv6.dst == ff05::9999" + self.assertDFilterCount(dfilter, 1) + + def test_ipv6_2(self): + dfilter = "ipv6.dst == ff05::9990" + self.assertDFilterCount(dfilter, 0) diff --git a/tools/dftestlib/bytes_type.py b/tools/dftestlib/bytes_type.py new file mode 100644 index 0000000000..e17c9a14f0 --- /dev/null +++ b/tools/dftestlib/bytes_type.py @@ -0,0 +1,14 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> + +from dftestlib import dftest + +class testBytes(dftest.DFTest): + trace_file = "arp.cap" + + def test_bytes_1(self): + dfilter = "arp.dst.hw == 00:64" + self.assertDFilterCount(dfilter, 1) + + def test_ipv6_2(self): + dfilter = "arp.dst.hw == 00:00" + self.assertDFilterCount(dfilter, 0) diff --git a/tools/dftestlib/dftest.py b/tools/dftestlib/dftest.py new file mode 100644 index 0000000000..2fa44eec8c --- /dev/null +++ b/tools/dftestlib/dftest.py @@ -0,0 +1,76 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> + +import os +import tempfile +import unittest + +from dftestlib import util + +# The binaries to use. We assume we are running +# from the top of the wireshark distro +TSHARK = os.path.join(".", "tshark") + +class DFTest(unittest.TestCase): + """Base class for all tests in this dfilter-test collection.""" + + # Remove these file when finished (in tearDownClass) + files_to_remove = [] + + @classmethod + def setUpClass(cls): + """Create the trace file to be used in the tests.""" + assert cls.trace_file + + # if the class sets the 'trace_file' field, then it + # names the trace file to use for the tests. It *should* + # reside in dftestfiles + assert not os.path.isabs(cls.trace_file) + cls.trace_file = os.path.join(".", "tools", "dftestfiles", + cls.trace_file) + + @classmethod + def tearDownClass(cls): + """Remove the trace file used in the tests.""" + for filename in cls.files_to_remove: + if os.path.exists(filename): + try: + os.remove(filename) + except OSError: + pass + + + def runDFilter(self, dfilter): + # Create the tshark command + cmdv = [TSHARK, + "-n", # No name resolution + "-r", # Next arg is trace file to read + self.trace_file, + "-Y", # packet display filter (used to be -R) + dfilter] + + (status, output) = util.exec_cmdv(cmdv) + return status, output + + + def assertDFilterCount(self, dfilter, expected_count): + """Run a display filter and expect a certain number of packets.""" + + (status, output) = self.runDFilter(dfilter) + + # tshark must succeed + self.assertEqual(status, util.SUCCESS, output) + + # Split the output (one big string) into lines, removing + # empty lines (extra newline at end of output) + lines = [L for L in output.split("\n") if L != ""] + + msg = "Expected %d, got: %s" % (expected_count, output) + self.assertEqual(len(lines), expected_count, msg) + + def assertDFilterFail(self, dfilter): + """Run a display filter and expect tshark to fail""" + + (status, output) = self.runDFilter(dfilter) + + # tshark must succeed + self.assertNotEqual(status, util.SUCCESS, output) diff --git a/tools/dftestlib/double.py b/tools/dftestlib/double.py new file mode 100644 index 0000000000..9b84a25c79 --- /dev/null +++ b/tools/dftestlib/double.py @@ -0,0 +1,63 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> + +from dftestlib import dftest + +class testDouble(dftest.DFTest): + + trace_file = "ntp.cap" + + def test_eq_1(self): + dfilter = "ntp.rootdelay == 0.0626983642578125" + self.assertDFilterCount(dfilter, 1) + + def test_eq_2(self): + dfilter = "ntp.rootdelay == 0.0626" + self.assertDFilterCount(dfilter, 0) + + def test_gt_1(self): + dfilter = "ntp.rootdelay > 1.0626" + self.assertDFilterCount(dfilter, 0) + + def test_gt_2(self): + dfilter = "ntp.rootdelay > 0.0626983642578125" + self.assertDFilterCount(dfilter, 0) + + def test_gt_3(self): + dfilter = "ntp.rootdelay > 0.0026" + self.assertDFilterCount(dfilter, 1) + + def test_ge_1(self): + dfilter = "ntp.rootdelay >= 1.0026" + self.assertDFilterCount(dfilter, 0) + + def test_ge_2(self): + dfilter = "ntp.rootdelay >= 0.0626983642578125" + self.assertDFilterCount(dfilter, 1) + + def test_ge_3(self): + dfilter = "ntp.rootdelay >= 0.0026" + self.assertDFilterCount(dfilter, 1) + + def test_lt_1(self): + dfilter = "ntp.rootdelay < 1.0026" + self.assertDFilterCount(dfilter, 1) + + def test_lt_2(self): + dfilter = "ntp.rootdelay < 0.0626983642578125" + self.assertDFilterCount(dfilter, 0) + + def test_lt_3(self): + dfilter = "ntp.rootdelay < 0.0026" + self.assertDFilterCount(dfilter, 0) + + def test_le_1(self): + dfilter = "ntp.rootdelay <= 1.0026" + self.assertDFilterCount(dfilter, 1) + + def test_le_2(self): + dfilter = "ntp.rootdelay <= 0.0626983642578125" + self.assertDFilterCount(dfilter, 1) + + def test_le_3(self): + dfilter = "ntp.rootdelay <= 0.0026" + self.assertDFilterCount(dfilter, 0) diff --git a/tools/dftestlib/integer.py b/tools/dftestlib/integer.py new file mode 100644 index 0000000000..327b68daa1 --- /dev/null +++ b/tools/dftestlib/integer.py @@ -0,0 +1,134 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> + +from dftestlib import dftest + +class testInteger(dftest.DFTest): + trace_file = "ntp.cap" + + def test_eq_1(self): + dfilter = "ip.version == 4" + self.assertDFilterCount(dfilter, 1) + + def test_eq_2(self): + dfilter = "ip.version == 6" + self.assertDFilterCount(dfilter, 0) + + def test_ne_1(self): + dfilter = "ip.version != 0" + self.assertDFilterCount(dfilter, 1) + + def test_ne_2(self): + dfilter = "ip.version != 4" + self.assertDFilterCount(dfilter, 0) + + def test_u_gt_1(self): + dfilter = "ip.version > 3" + self.assertDFilterCount(dfilter, 1) + + def test_u_gt_2(self): + dfilter = "ip.version > 4" + self.assertDFilterCount(dfilter, 0) + + def test_u_gt_3(self): + dfilter = "ip.version > 5" + self.assertDFilterCount(dfilter, 0) + + def test_u_ge_1(self): + dfilter = "ip.version >= 3" + self.assertDFilterCount(dfilter, 1) + + def test_u_ge_2(self): + dfilter = "ip.version >= 4" + self.assertDFilterCount(dfilter, 1) + + def test_u_ge_3(self): + dfilter = "ip.version >= 5" + self.assertDFilterCount(dfilter, 0) + + def test_u_lt_1(self): + dfilter = "ip.version < 3" + self.assertDFilterCount(dfilter, 0) + + def test_u_lt_2(self): + dfilter = "ip.version < 4" + self.assertDFilterCount(dfilter, 0) + + def test_u_lt_3(self): + dfilter = "ip.version < 5" + self.assertDFilterCount(dfilter, 1) + + def test_u_le_1(self): + dfilter = "ip.version <= 3" + self.assertDFilterCount(dfilter, 0) + + def test_u_le_2(self): + dfilter = "ip.version <= 4" + self.assertDFilterCount(dfilter, 1) + + def test_u_le_3(self): + dfilter = "ip.version <= 5" + self.assertDFilterCount(dfilter, 1) + + def test_s_gt_1(self): + dfilter = "ntp.precision > -12" + self.assertDFilterCount(dfilter, 1) + + def test_s_gt_2(self): + dfilter = "ntp.precision > -11" + self.assertDFilterCount(dfilter, 0) + + def test_s_gt_3(self): + dfilter = "ntp.precision > -10" + self.assertDFilterCount(dfilter, 0) + + def test_s_ge_1(self): + dfilter = "ntp.precision >= -12" + self.assertDFilterCount(dfilter, 1) + + def test_s_ge_2(self): + dfilter = "ntp.precision >= -11" + self.assertDFilterCount(dfilter, 1) + + def test_s_ge_3(self): + dfilter = "ntp.precision >= -10" + self.assertDFilterCount(dfilter, 0) + + def test_s_lt_1(self): + dfilter = "ntp.precision < -12" + self.assertDFilterCount(dfilter, 0) + + def test_s_lt_2(self): + dfilter = "ntp.precision < -11" + self.assertDFilterCount(dfilter, 0) + + def test_s_lt_3(self): + dfilter = "ntp.precision < -10" + self.assertDFilterCount(dfilter, 1) + + def test_s_le_1(self): + dfilter = "ntp.precision <= -12" + self.assertDFilterCount(dfilter, 0) + + def test_s_le_2(self): + dfilter = "ntp.precision <= -11" + self.assertDFilterCount(dfilter, 1) + + def test_s_le_3(self): + dfilter = "ntp.precision <= -10" + self.assertDFilterCount(dfilter, 1) + + def test_bool_eq_1(self): + dfilter = "ip.flags.df == 0" + self.assertDFilterCount(dfilter, 1) + + def test_bool_eq_2(self): + dfilter = "ip.flags.df == 1" + self.assertDFilterCount(dfilter, 0) + + def test_bool_ne_1(self): + dfilter = "ip.flags.df != 1" + self.assertDFilterCount(dfilter, 1) + + def test_bool_ne_2(self): + dfilter = "ip.flags.df != 0" + self.assertDFilterCount(dfilter, 0) diff --git a/tools/dftestlib/integer_1byte.py b/tools/dftestlib/integer_1byte.py new file mode 100644 index 0000000000..4c869a37af --- /dev/null +++ b/tools/dftestlib/integer_1byte.py @@ -0,0 +1,15 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> + +from dftestlib import dftest + +class testInteger1Byte(dftest.DFTest): + + trace_file = "ipx_rip.cap" + + def test_ipx_1(self): + dfilter = "ipx.src.net == 0x28" + self.assertDFilterCount(dfilter, 1) + + def test_ipx_2(self): + dfilter = "ipx.src.net == 0x29" + self.assertDFilterCount(dfilter, 0) diff --git a/tools/dftestlib/ipv4.py b/tools/dftestlib/ipv4.py new file mode 100644 index 0000000000..dc028a1897 --- /dev/null +++ b/tools/dftestlib/ipv4.py @@ -0,0 +1,108 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> + +from dftestlib import dftest + +class testIPv4(dftest.DFTest): + trace_file = "nfs.cap" + + def test_uint64_1(self): + dfilter = "nfs.fattr3.size == 264032" + self.assertDFilterCount(dfilter, 1) + + def test_eq_1(self): + dfilter = "ip.src == 172.25.100.14" + self.assertDFilterCount(dfilter, 1) + + def test_eq_2(self): + dfilter = "ip.src == 255.255.255.255" + self.assertDFilterCount(dfilter, 0) + + def test_ne_1(self): + dfilter = "ip.src != 172.25.100.14" + self.assertDFilterCount(dfilter, 1) + + def test_ne_2(self): + dfilter = "ip.src != 255.255.255.255" + self.assertDFilterCount(dfilter, 2) + + def test_gt_1(self): + dfilter = "ip.dst > 198.95.230.200" + self.assertDFilterCount(dfilter, 0) + + def test_gt_2(self): + dfilter = "ip.dst > 198.95.230.20" + self.assertDFilterCount(dfilter, 0) + + def test_gt_3(self): + dfilter = "ip.dst > 198.95.230.10" + self.assertDFilterCount(dfilter, 1) + + def test_ge_1(self): + dfilter = "ip.dst >= 198.95.230.200" + self.assertDFilterCount(dfilter, 0) + + def test_ge_2(self): + dfilter = "ip.dst >= 198.95.230.20" + self.assertDFilterCount(dfilter, 1) + + def test_ge_3(self): + dfilter = "ip.dst >= 198.95.230.10" + self.assertDFilterCount(dfilter, 1) + + def test_lt_1(self): + dfilter = "ip.src < 172.25.100.140" + self.assertDFilterCount(dfilter, 1) + + def test_lt_2(self): + dfilter = "ip.src < 172.25.100.14" + self.assertDFilterCount(dfilter, 0) + + def test_lt_3(self): + dfilter = "ip.src < 172.25.100.10" + self.assertDFilterCount(dfilter, 0) + + def test_le_1(self): + dfilter = "ip.src <= 172.25.100.140" + self.assertDFilterCount(dfilter, 1) + + def test_le_2(self): + dfilter = "ip.src <= 172.25.100.14" + self.assertDFilterCount(dfilter, 1) + + def test_le_3(self): + dfilter = "ip.src <= 172.25.100.10" + self.assertDFilterCount(dfilter, 0) + + def test_cidr_eq_1(self): + dfilter = "ip.src == 172.25.100.14/32" + self.assertDFilterCount(dfilter, 1) + + def test_cidr_eq_2(self): + dfilter = "ip.src == 172.25.100.0/24" + self.assertDFilterCount(dfilter, 1) + + def test_cidr_eq_3(self): + dfilter = "ip.src == 172.25.0.0/16" + self.assertDFilterCount(dfilter, 1) + + def test_cidr_eq_4(self): + dfilter = "ip.src == 172.0.0.0/8" + self.assertDFilterCount(dfilter, 1) + + def test_cidr_ne_1(self): + dfilter = "ip.src != 172.25.100.14/32" + self.assertDFilterCount(dfilter, 1) + + def test_cidr_ne_2(self): + dfilter = "ip.src != 172.25.100.0/24" + self.assertDFilterCount(dfilter, 1) + + def test_cidr_ne_3(self): + dfilter = "ip.src != 172.25.0.0/16" + self.assertDFilterCount(dfilter, 1) + + def test_cidr_ne_4(self): + dfilter = "ip.src != 200.0.0.0/8" + self.assertDFilterCount(dfilter, 2) + + diff --git a/tools/dftestlib/range_method.py b/tools/dftestlib/range_method.py new file mode 100644 index 0000000000..06be80b576 --- /dev/null +++ b/tools/dftestlib/range_method.py @@ -0,0 +1,30 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> + +from dftestlib import dftest + +class testRange(dftest.DFTest): + trace_file = "ipx_rip.cap" + + def test_slice_1_pos(self): + dfilter = "ipx.src.node[1] == aa" + self.assertDFilterCount(dfilter, 1) + + def test_slice_1_neg(self): + dfilter = "ipx.src.node[1] == bb" + self.assertDFilterCount(dfilter, 0) + + def test_slice_1_hex_pos(self): + dfilter = "ipx.src.node[1] == 0xaa" + self.assertDFilterCount(dfilter, 1) + + def test_slice_1_hex_neg(self): + dfilter = "ipx.src.node[1] == 0xbb" + self.assertDFilterCount(dfilter, 0) + + def test_slice_2_pos(self): + dfilter = "ipx.src.node[3:2] == a3:e3" + self.assertDFilterCount(dfilter, 1) + + def test_slice_2_neg(self): + dfilter = "ipx.src.node[3:2] == cc:dd" + self.assertDFilterCount(dfilter, 0) diff --git a/tools/dftestlib/scanner.py b/tools/dftestlib/scanner.py new file mode 100644 index 0000000000..bca1f1924e --- /dev/null +++ b/tools/dftestlib/scanner.py @@ -0,0 +1,30 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> + +from dftestlib import dftest + +class testScanner(dftest.DFTest): + trace_file = "http.cap" + + def test_dquote_1(self): + dfilter = 'http.request.method == "HEAD"' + self.assertDFilterCount(dfilter, 1) + + def test_dquote_2(self): + dfilter = 'http.request.method == "\\x48EAD"' + self.assertDFilterCount(dfilter, 1) + + def test_dquote_3(self): + dfilter = 'http.request.method == "\\x58EAD"' + self.assertDFilterCount(dfilter, 0) + + def test_dquote_4(self): + dfilter = 'http.request.method == "\\110EAD"' + self.assertDFilterCount(dfilter, 1) + + def test_dquote_5(self): + dfilter = 'http.request.method == "\\111EAD"' + self.assertDFilterCount(dfilter, 0) + + def test_dquote_6(self): + dfilter = 'http.request.method == "\\HEAD"' + self.assertDFilterCount(dfilter, 1) diff --git a/tools/dftestlib/string_type.py b/tools/dftestlib/string_type.py new file mode 100644 index 0000000000..fcc6e76f9e --- /dev/null +++ b/tools/dftestlib/string_type.py @@ -0,0 +1,159 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> + +from dftestlib import dftest + +class testString(dftest.DFTest): + trace_file = "http.cap" + + def test_eq_1(self): + dfilter = 'http.request.method == "HEAD"' + self.assertDFilterCount(dfilter, 1) + + def test_eq_2(self): + dfilter = 'http.request.method == "POST"' + self.assertDFilterCount(dfilter, 0) + + def test_gt_1(self): + dfilter = 'http.request.method > "HEAC"' + self.assertDFilterCount(dfilter, 1) + + def test_gt_2(self): + dfilter = 'http.request.method > "HEAD"' + self.assertDFilterCount(dfilter, 0) + + def test_gt_3(self): + dfilter = 'http.request.method > "HEAE"' + self.assertDFilterCount(dfilter, 0) + + def test_ge_1(self): + dfilter = 'http.request.method >= "HEAC"' + self.assertDFilterCount(dfilter, 1) + + def test_ge_2(self): + dfilter = 'http.request.method >= "HEAD"' + self.assertDFilterCount(dfilter, 1) + + def test_ge_3(self): + dfilter = 'http.request.method >= "HEAE"' + self.assertDFilterCount(dfilter, 0) + + def test_lt_1(self): + dfilter = 'http.request.method < "HEAC"' + self.assertDFilterCount(dfilter, 0) + + def test_lt_2(self): + dfilter = 'http.request.method < "HEAD"' + self.assertDFilterCount(dfilter, 0) + + def test_lt_3(self): + dfilter = 'http.request.method < "HEAE"' + self.assertDFilterCount(dfilter, 1) + + def test_le_1(self): + dfilter = 'http.request.method <= "HEAC"' + self.assertDFilterCount(dfilter, 0) + + def test_le_2(self): + dfilter = 'http.request.method <= "HEAD"' + self.assertDFilterCount(dfilter, 1) + + def test_le_3(self): + dfilter = 'http.request.method <= "HEAE"' + self.assertDFilterCount(dfilter, 1) + + def test_slice_1(self): + dfilter = 'http.request.method[0] == "H"' + self.assertDFilterCount(dfilter, 1) + + def test_slice_2(self): + dfilter = 'http.request.method[0] == "P"' + self.assertDFilterCount(dfilter, 0) + + def test_slice_3(self): + dfilter = 'http.request.method[0:4] == "HEAD"' + self.assertDFilterCount(dfilter, 1) + + def test_slice_4(self): + dfilter = 'http.request.method[0:4] != "HEAD"' + self.assertDFilterCount(dfilter, 0) + + def test_slice_5(self): + dfilter = 'http.request.method[1:2] == "EA"' + self.assertDFilterCount(dfilter, 1) + + def test_slice_6(self): + dfilter = 'http.request.method[1:2] > "EA"' + self.assertDFilterCount(dfilter, 0) + + def test_slice_7(self): + dfilter = 'http.request.method[-1] == "D"' + self.assertDFilterCount(dfilter, 1) + + def test_slice_8(self): + dfilter = 'http.request.method[-2] == "D"' + self.assertDFilterCount(dfilter, 0) + + def xxxtest_stringz_1(self): + return self.DFilterCount(pkt_tftp, + 'tftp.type == "octet"', 1) + + def xxxtest_stringz_2(self): + return self.DFilterCount(pkt_tftp, + 'tftp.type == "junk"', 0) + + def test_contains_1(self): + dfilter = 'http.request.method contains "E"' + self.assertDFilterCount(dfilter, 1) + + def test_contains_2(self): + dfilter = 'http.request.method contains "EA"' + self.assertDFilterCount(dfilter, 1) + + def test_contains_3(self): + dfilter = 'http.request.method contains "HEAD"' + self.assertDFilterCount(dfilter, 1) + + def test_contains_4(self): + dfilter = 'http.request.method contains "POST"' + self.assertDFilterCount(dfilter, 0) + + def test_contains_5(self): + dfilter = 'http.request.method contains 50:4f:53:54' # "POST" + self.assertDFilterCount(dfilter, 0) + + def test_contains_6(self): + dfilter = 'http.request.method contains 48:45:41:44' # "HEAD" + self.assertDFilterCount(dfilter, 1) + + def test_contains_fail_0(self): + dfilter = 'http.user_agent contains "update"' + self.assertDFilterCount(dfilter, 0) + + def test_contains_fail_1(self): + dfilter = 'http.user_agent contains "UPDATE"' + self.assertDFilterCount(dfilter, 0) + + def test_contains_upper_0(self): + dfilter = 'upper(http.user_agent) contains "UPDATE"' + self.assertDFilterCount(dfilter, 1) + + def test_contains_upper_1(self): + dfilter = 'upper(http.user_agent) contains "update"' + self.assertDFilterCount(dfilter, 0) + + def test_contains_upper_2(self): + dfilter = 'upper(tcp.seq) == 4' + self.assertDFilterFail(dfilter) + + def test_contains_lower_0(self): + dfilter = 'lower(http.user_agent) contains "UPDATE"' + self.assertDFilterCount(dfilter, 0) + + def test_contains_lower_1(self): + dfilter = 'lower(http.user_agent) contains "update"' + self.assertDFilterCount(dfilter, 1) + + def test_contains_lower_2(self): + dfilter = 'lower(tcp.seq) == 4' + self.assertDFilterFail(dfilter) + diff --git a/tools/dftestlib/stringz.py b/tools/dftestlib/stringz.py new file mode 100644 index 0000000000..c3e85ea52a --- /dev/null +++ b/tools/dftestlib/stringz.py @@ -0,0 +1,19 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> + +from dftestlib import dftest + +class testStringz(dftest.DFTest): + trace_file = "tftp.cap" + + def test_stringz_1(self): + dfilter = 'tftp.type == octet' + self.assertDFilterCount(dfilter, 1) + + def test_stringz_2(self): + dfilter = 'tftp.type == "octet"' + self.assertDFilterCount(dfilter, 1) + + def test_stringz_3(self): + dfilter = 'tftp.type == junk' + self.assertDFilterCount(dfilter, 0) + diff --git a/tools/dftestlib/time_relative.py b/tools/dftestlib/time_relative.py new file mode 100644 index 0000000000..68abae511d --- /dev/null +++ b/tools/dftestlib/time_relative.py @@ -0,0 +1,19 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> + +from dftestlib import dftest + +class testTimeRelative(dftest.DFTest): + trace_file = "nfs.cap" + + def test_relative_time_1(self): + dfilter = "frame.time_delta == 0.7" + self.assertDFilterCount(dfilter, 1) + + def test_relative_time_2(self): + dfilter = "frame.time_delta > 0.7" + self.assertDFilterCount(dfilter, 0) + + def test_relative_time_3(self): + dfilter = "frame.time_delta < 0.7" + self.assertDFilterCount(dfilter, 1) + diff --git a/tools/dftestlib/time_type.py b/tools/dftestlib/time_type.py new file mode 100644 index 0000000000..41982cb126 --- /dev/null +++ b/tools/dftestlib/time_type.py @@ -0,0 +1,71 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> + +from dftestlib import dftest + +class testTime(dftest.DFTest): + trace_file = "http.cap" + + def test_eq_1(self): + dfilter = 'frame.time == "Dec 31, 2002 07:55:31.3"' + self.assertDFilterCount(dfilter, 1) + + def test_eq_2(self): + dfilter = 'frame.time == "Jan 31, 2002 07:55:31.3"' + self.assertDFilterCount(dfilter, 0) + + def test_ne_1(self): + dfilter = 'frame.time != "Dec 31, 2002 07:55:31.3"' + self.assertDFilterCount(dfilter, 0) + + def test_ne_2(self): + dfilter = 'frame.time != "Jan 31, 2002 07:55:31.3"' + self.assertDFilterCount(dfilter, 1) + + def test_gt_1(self): + dfilter = 'frame.time > "Dec 31, 2002 07:54:31.3"' + self.assertDFilterCount(dfilter, 1) + + def test_gt_2(self): + dfilter = 'frame.time > "Dec 31, 2002 07:55:31.3"' + self.assertDFilterCount(dfilter, 0) + + def test_gt_3(self): + dfilter = 'frame.time > "Dec 31, 2002 07:56:31.3"' + self.assertDFilterCount(dfilter, 0) + + def test_ge_1(self): + dfilter = 'frame.time >= "Dec 31, 2002 07:54:31.3"' + self.assertDFilterCount(dfilter, 1) + + def test_ge_2(self): + dfilter = 'frame.time >= "Dec 31, 2002 07:55:31.3"' + self.assertDFilterCount(dfilter, 1) + + def test_ge_3(self): + dfilter = 'frame.time >= "Dec 31, 2002 07:56:31.3"' + self.assertDFilterCount(dfilter, 0) + + def test_lt_1(self): + dfilter = 'frame.time < "Dec 31, 2002 07:54:31.3"' + self.assertDFilterCount(dfilter, 0) + + def test_lt_2(self): + dfilter = 'frame.time < "Dec 31, 2002 07:55:31.3"' + self.assertDFilterCount(dfilter, 0) + + def test_lt_3(self): + dfilter = 'frame.time < "Dec 31, 2002 07:56:31.3"' + self.assertDFilterCount(dfilter, 1) + + def test_le_1(self): + dfilter = 'frame.time <= "Dec 31, 2002 07:54:31.3"' + self.assertDFilterCount(dfilter, 0) + + def test_le_2(self): + dfilter = 'frame.time <= "Dec 31, 2002 07:55:31.3"' + self.assertDFilterCount(dfilter, 1) + + def test_le_3(self): + dfilter = 'frame.time <= "Dec 31, 2002 07:56:31.3"' + self.assertDFilterCount(dfilter, 1) + diff --git a/tools/dftestlib/uint64.py b/tools/dftestlib/uint64.py new file mode 100644 index 0000000000..c6cf82b040 --- /dev/null +++ b/tools/dftestlib/uint64.py @@ -0,0 +1,14 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> + +from dftestlib import dftest + +class testUINT64(dftest.DFTest): + trace_file = "nfs.cap" + + def test_uint64_1(self): + dfilter = "nfs.fattr3.size == 264032" + self.assertDFilterCount(dfilter, 1) + + def test_uint64_2(self): + dfilter = "nfs.fattr3.size == 264000" + self.assertDFilterCount(dfilter, 0) diff --git a/tools/dftestlib/util.py b/tools/dftestlib/util.py new file mode 100644 index 0000000000..7c66385907 --- /dev/null +++ b/tools/dftestlib/util.py @@ -0,0 +1,29 @@ +# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu> + +import subprocess + +SUCCESS = 0 +def exec_cmdv(cmdv, cwd=None, stdin=None): + """Run the commands in cmdv, returning (retval, output), + where output is stdout and stderr combined. + If cwd is given, the child process runs in that directory. + If a filehandle is passed as stdin, it is used as stdin. + If there is an OS-level error, None is the retval.""" + + try: + output = subprocess.check_output(cmdv, stderr=subprocess.STDOUT, + cwd=cwd, stdin=stdin) + retval = SUCCESS + + # If file isn't executable + except OSError, e: + output = str(e) + retval = None + + # If process returns non-zero + except subprocess.CalledProcessError, e: + output = e.output + retval = e.returncode + + return (retval, output) + |