summaryrefslogtreecommitdiff
path: root/tools/dftestlib
diff options
context:
space:
mode:
Diffstat (limited to 'tools/dftestlib')
-rw-r--r--tools/dftestlib/__init__.py0
-rw-r--r--tools/dftestlib/bytes_ether.py104
-rw-r--r--tools/dftestlib/bytes_ipv6.py14
-rw-r--r--tools/dftestlib/bytes_type.py14
-rw-r--r--tools/dftestlib/dftest.py76
-rw-r--r--tools/dftestlib/double.py63
-rw-r--r--tools/dftestlib/integer.py134
-rw-r--r--tools/dftestlib/integer_1byte.py15
-rw-r--r--tools/dftestlib/ipv4.py108
-rw-r--r--tools/dftestlib/range_method.py30
-rw-r--r--tools/dftestlib/scanner.py30
-rw-r--r--tools/dftestlib/string_type.py159
-rw-r--r--tools/dftestlib/stringz.py19
-rw-r--r--tools/dftestlib/time_relative.py19
-rw-r--r--tools/dftestlib/time_type.py71
-rw-r--r--tools/dftestlib/uint64.py14
-rw-r--r--tools/dftestlib/util.py29
17 files changed, 899 insertions, 0 deletions
diff --git a/tools/dftestlib/__init__.py b/tools/dftestlib/__init__.py
new file mode 100644
index 0000000000..e69de29bb2
--- /dev/null
+++ b/tools/dftestlib/__init__.py
diff --git a/tools/dftestlib/bytes_ether.py b/tools/dftestlib/bytes_ether.py
new file mode 100644
index 0000000000..849e6ac209
--- /dev/null
+++ b/tools/dftestlib/bytes_ether.py
@@ -0,0 +1,104 @@
+# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu>
+
+from dftestlib import dftest
+
+class testBytesEther(dftest.DFTest):
+ trace_file = "ipx_rip.cap"
+
+ ### Note: Bytes test does not yet test FT_INT64.
+
+ def test_eq_1(self):
+ dfilter = "eth.dst == ff:ff:ff:ff:ff:ff"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_eq_2(self):
+ dfilter = "eth.src == ff:ff:ff:ff:ff:ff"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_ne_1(self):
+ dfilter = "eth.dst != ff:ff:ff:ff:ff:ff"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_ne_2(self):
+ dfilter = "eth.src != ff:ff:ff:ff:ff:ff"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_gt_1(self):
+ dfilter = "eth.src > 00:aa:00:a3:e3:ff"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_gt_2(self):
+ dfilter = "eth.src > 00:aa:00:a3:e3:a4"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_gt_3(self):
+ dfilter = "eth.src > 00:aa:00:a3:e3:00"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_ge_1(self):
+ dfilter = "eth.src >= 00:aa:00:a3:e3:ff"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_ge_2(self):
+ dfilter = "eth.src >= 00:aa:00:a3:e3:a4"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_ge_3(self):
+ dfilter = "eth.src >= 00:aa:00:a3:e3:00"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_lt_1(self):
+ dfilter = "eth.src < 00:aa:00:a3:e3:ff"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_lt_2(self):
+ dfilter = "eth.src < 00:aa:00:a3:e3:a4"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_lt_3(self):
+ dfilter = "eth.src < 00:aa:00:a3:e3:00"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_le_1(self):
+ dfilter = "eth.src <= 00:aa:00:a3:e3:ff"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_le_2(self):
+ dfilter = "eth.src <= 00:aa:00:a3:e3:a4"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_le_3(self):
+ dfilter = "eth.src <= 00:aa:00:a3:e3:00"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_slice_1(self):
+ dfilter = "eth.src[0:3] == 00:aa:00"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_slice_2(self):
+ dfilter = "eth.src[-3:3] == a3:e3:a4"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_slice_3(self):
+ dfilter = "eth.src[1:4] == aa:00:a3:e3"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_slice_4(self):
+ dfilter = "eth.src[0] == 00"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_contains_1(self):
+ dfilter = "ipx.src.node contains a3"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_contains_2(self):
+ dfilter = "ipx.src.node contains a3:e3"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_contains_3(self):
+ dfilter = "ipx.src.node contains 00:aa:00:a3:e3:a4"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_contains_4(self):
+ dfilter = "ipx.src.node contains aa:e3"
+ self.assertDFilterCount(dfilter, 0)
diff --git a/tools/dftestlib/bytes_ipv6.py b/tools/dftestlib/bytes_ipv6.py
new file mode 100644
index 0000000000..4736051b9e
--- /dev/null
+++ b/tools/dftestlib/bytes_ipv6.py
@@ -0,0 +1,14 @@
+# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu>
+
+from dftestlib import dftest
+
+class testBytesIPv6(dftest.DFTest):
+ trace_file = "ipv6.cap"
+
+ def test_ipv6_1(self):
+ dfilter = "ipv6.dst == ff05::9999"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_ipv6_2(self):
+ dfilter = "ipv6.dst == ff05::9990"
+ self.assertDFilterCount(dfilter, 0)
diff --git a/tools/dftestlib/bytes_type.py b/tools/dftestlib/bytes_type.py
new file mode 100644
index 0000000000..e17c9a14f0
--- /dev/null
+++ b/tools/dftestlib/bytes_type.py
@@ -0,0 +1,14 @@
+# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu>
+
+from dftestlib import dftest
+
+class testBytes(dftest.DFTest):
+ trace_file = "arp.cap"
+
+ def test_bytes_1(self):
+ dfilter = "arp.dst.hw == 00:64"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_ipv6_2(self):
+ dfilter = "arp.dst.hw == 00:00"
+ self.assertDFilterCount(dfilter, 0)
diff --git a/tools/dftestlib/dftest.py b/tools/dftestlib/dftest.py
new file mode 100644
index 0000000000..2fa44eec8c
--- /dev/null
+++ b/tools/dftestlib/dftest.py
@@ -0,0 +1,76 @@
+# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu>
+
+import os
+import tempfile
+import unittest
+
+from dftestlib import util
+
+# The binaries to use. We assume we are running
+# from the top of the wireshark distro
+TSHARK = os.path.join(".", "tshark")
+
+class DFTest(unittest.TestCase):
+ """Base class for all tests in this dfilter-test collection."""
+
+ # Remove these file when finished (in tearDownClass)
+ files_to_remove = []
+
+ @classmethod
+ def setUpClass(cls):
+ """Create the trace file to be used in the tests."""
+ assert cls.trace_file
+
+ # if the class sets the 'trace_file' field, then it
+ # names the trace file to use for the tests. It *should*
+ # reside in dftestfiles
+ assert not os.path.isabs(cls.trace_file)
+ cls.trace_file = os.path.join(".", "tools", "dftestfiles",
+ cls.trace_file)
+
+ @classmethod
+ def tearDownClass(cls):
+ """Remove the trace file used in the tests."""
+ for filename in cls.files_to_remove:
+ if os.path.exists(filename):
+ try:
+ os.remove(filename)
+ except OSError:
+ pass
+
+
+ def runDFilter(self, dfilter):
+ # Create the tshark command
+ cmdv = [TSHARK,
+ "-n", # No name resolution
+ "-r", # Next arg is trace file to read
+ self.trace_file,
+ "-Y", # packet display filter (used to be -R)
+ dfilter]
+
+ (status, output) = util.exec_cmdv(cmdv)
+ return status, output
+
+
+ def assertDFilterCount(self, dfilter, expected_count):
+ """Run a display filter and expect a certain number of packets."""
+
+ (status, output) = self.runDFilter(dfilter)
+
+ # tshark must succeed
+ self.assertEqual(status, util.SUCCESS, output)
+
+ # Split the output (one big string) into lines, removing
+ # empty lines (extra newline at end of output)
+ lines = [L for L in output.split("\n") if L != ""]
+
+ msg = "Expected %d, got: %s" % (expected_count, output)
+ self.assertEqual(len(lines), expected_count, msg)
+
+ def assertDFilterFail(self, dfilter):
+ """Run a display filter and expect tshark to fail"""
+
+ (status, output) = self.runDFilter(dfilter)
+
+ # tshark must succeed
+ self.assertNotEqual(status, util.SUCCESS, output)
diff --git a/tools/dftestlib/double.py b/tools/dftestlib/double.py
new file mode 100644
index 0000000000..9b84a25c79
--- /dev/null
+++ b/tools/dftestlib/double.py
@@ -0,0 +1,63 @@
+# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu>
+
+from dftestlib import dftest
+
+class testDouble(dftest.DFTest):
+
+ trace_file = "ntp.cap"
+
+ def test_eq_1(self):
+ dfilter = "ntp.rootdelay == 0.0626983642578125"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_eq_2(self):
+ dfilter = "ntp.rootdelay == 0.0626"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_gt_1(self):
+ dfilter = "ntp.rootdelay > 1.0626"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_gt_2(self):
+ dfilter = "ntp.rootdelay > 0.0626983642578125"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_gt_3(self):
+ dfilter = "ntp.rootdelay > 0.0026"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_ge_1(self):
+ dfilter = "ntp.rootdelay >= 1.0026"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_ge_2(self):
+ dfilter = "ntp.rootdelay >= 0.0626983642578125"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_ge_3(self):
+ dfilter = "ntp.rootdelay >= 0.0026"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_lt_1(self):
+ dfilter = "ntp.rootdelay < 1.0026"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_lt_2(self):
+ dfilter = "ntp.rootdelay < 0.0626983642578125"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_lt_3(self):
+ dfilter = "ntp.rootdelay < 0.0026"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_le_1(self):
+ dfilter = "ntp.rootdelay <= 1.0026"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_le_2(self):
+ dfilter = "ntp.rootdelay <= 0.0626983642578125"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_le_3(self):
+ dfilter = "ntp.rootdelay <= 0.0026"
+ self.assertDFilterCount(dfilter, 0)
diff --git a/tools/dftestlib/integer.py b/tools/dftestlib/integer.py
new file mode 100644
index 0000000000..327b68daa1
--- /dev/null
+++ b/tools/dftestlib/integer.py
@@ -0,0 +1,134 @@
+# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu>
+
+from dftestlib import dftest
+
+class testInteger(dftest.DFTest):
+ trace_file = "ntp.cap"
+
+ def test_eq_1(self):
+ dfilter = "ip.version == 4"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_eq_2(self):
+ dfilter = "ip.version == 6"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_ne_1(self):
+ dfilter = "ip.version != 0"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_ne_2(self):
+ dfilter = "ip.version != 4"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_u_gt_1(self):
+ dfilter = "ip.version > 3"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_u_gt_2(self):
+ dfilter = "ip.version > 4"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_u_gt_3(self):
+ dfilter = "ip.version > 5"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_u_ge_1(self):
+ dfilter = "ip.version >= 3"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_u_ge_2(self):
+ dfilter = "ip.version >= 4"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_u_ge_3(self):
+ dfilter = "ip.version >= 5"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_u_lt_1(self):
+ dfilter = "ip.version < 3"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_u_lt_2(self):
+ dfilter = "ip.version < 4"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_u_lt_3(self):
+ dfilter = "ip.version < 5"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_u_le_1(self):
+ dfilter = "ip.version <= 3"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_u_le_2(self):
+ dfilter = "ip.version <= 4"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_u_le_3(self):
+ dfilter = "ip.version <= 5"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_s_gt_1(self):
+ dfilter = "ntp.precision > -12"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_s_gt_2(self):
+ dfilter = "ntp.precision > -11"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_s_gt_3(self):
+ dfilter = "ntp.precision > -10"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_s_ge_1(self):
+ dfilter = "ntp.precision >= -12"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_s_ge_2(self):
+ dfilter = "ntp.precision >= -11"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_s_ge_3(self):
+ dfilter = "ntp.precision >= -10"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_s_lt_1(self):
+ dfilter = "ntp.precision < -12"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_s_lt_2(self):
+ dfilter = "ntp.precision < -11"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_s_lt_3(self):
+ dfilter = "ntp.precision < -10"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_s_le_1(self):
+ dfilter = "ntp.precision <= -12"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_s_le_2(self):
+ dfilter = "ntp.precision <= -11"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_s_le_3(self):
+ dfilter = "ntp.precision <= -10"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_bool_eq_1(self):
+ dfilter = "ip.flags.df == 0"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_bool_eq_2(self):
+ dfilter = "ip.flags.df == 1"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_bool_ne_1(self):
+ dfilter = "ip.flags.df != 1"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_bool_ne_2(self):
+ dfilter = "ip.flags.df != 0"
+ self.assertDFilterCount(dfilter, 0)
diff --git a/tools/dftestlib/integer_1byte.py b/tools/dftestlib/integer_1byte.py
new file mode 100644
index 0000000000..4c869a37af
--- /dev/null
+++ b/tools/dftestlib/integer_1byte.py
@@ -0,0 +1,15 @@
+# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu>
+
+from dftestlib import dftest
+
+class testInteger1Byte(dftest.DFTest):
+
+ trace_file = "ipx_rip.cap"
+
+ def test_ipx_1(self):
+ dfilter = "ipx.src.net == 0x28"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_ipx_2(self):
+ dfilter = "ipx.src.net == 0x29"
+ self.assertDFilterCount(dfilter, 0)
diff --git a/tools/dftestlib/ipv4.py b/tools/dftestlib/ipv4.py
new file mode 100644
index 0000000000..dc028a1897
--- /dev/null
+++ b/tools/dftestlib/ipv4.py
@@ -0,0 +1,108 @@
+# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu>
+
+from dftestlib import dftest
+
+class testIPv4(dftest.DFTest):
+ trace_file = "nfs.cap"
+
+ def test_uint64_1(self):
+ dfilter = "nfs.fattr3.size == 264032"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_eq_1(self):
+ dfilter = "ip.src == 172.25.100.14"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_eq_2(self):
+ dfilter = "ip.src == 255.255.255.255"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_ne_1(self):
+ dfilter = "ip.src != 172.25.100.14"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_ne_2(self):
+ dfilter = "ip.src != 255.255.255.255"
+ self.assertDFilterCount(dfilter, 2)
+
+ def test_gt_1(self):
+ dfilter = "ip.dst > 198.95.230.200"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_gt_2(self):
+ dfilter = "ip.dst > 198.95.230.20"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_gt_3(self):
+ dfilter = "ip.dst > 198.95.230.10"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_ge_1(self):
+ dfilter = "ip.dst >= 198.95.230.200"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_ge_2(self):
+ dfilter = "ip.dst >= 198.95.230.20"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_ge_3(self):
+ dfilter = "ip.dst >= 198.95.230.10"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_lt_1(self):
+ dfilter = "ip.src < 172.25.100.140"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_lt_2(self):
+ dfilter = "ip.src < 172.25.100.14"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_lt_3(self):
+ dfilter = "ip.src < 172.25.100.10"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_le_1(self):
+ dfilter = "ip.src <= 172.25.100.140"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_le_2(self):
+ dfilter = "ip.src <= 172.25.100.14"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_le_3(self):
+ dfilter = "ip.src <= 172.25.100.10"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_cidr_eq_1(self):
+ dfilter = "ip.src == 172.25.100.14/32"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_cidr_eq_2(self):
+ dfilter = "ip.src == 172.25.100.0/24"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_cidr_eq_3(self):
+ dfilter = "ip.src == 172.25.0.0/16"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_cidr_eq_4(self):
+ dfilter = "ip.src == 172.0.0.0/8"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_cidr_ne_1(self):
+ dfilter = "ip.src != 172.25.100.14/32"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_cidr_ne_2(self):
+ dfilter = "ip.src != 172.25.100.0/24"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_cidr_ne_3(self):
+ dfilter = "ip.src != 172.25.0.0/16"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_cidr_ne_4(self):
+ dfilter = "ip.src != 200.0.0.0/8"
+ self.assertDFilterCount(dfilter, 2)
+
+
diff --git a/tools/dftestlib/range_method.py b/tools/dftestlib/range_method.py
new file mode 100644
index 0000000000..06be80b576
--- /dev/null
+++ b/tools/dftestlib/range_method.py
@@ -0,0 +1,30 @@
+# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu>
+
+from dftestlib import dftest
+
+class testRange(dftest.DFTest):
+ trace_file = "ipx_rip.cap"
+
+ def test_slice_1_pos(self):
+ dfilter = "ipx.src.node[1] == aa"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_slice_1_neg(self):
+ dfilter = "ipx.src.node[1] == bb"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_slice_1_hex_pos(self):
+ dfilter = "ipx.src.node[1] == 0xaa"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_slice_1_hex_neg(self):
+ dfilter = "ipx.src.node[1] == 0xbb"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_slice_2_pos(self):
+ dfilter = "ipx.src.node[3:2] == a3:e3"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_slice_2_neg(self):
+ dfilter = "ipx.src.node[3:2] == cc:dd"
+ self.assertDFilterCount(dfilter, 0)
diff --git a/tools/dftestlib/scanner.py b/tools/dftestlib/scanner.py
new file mode 100644
index 0000000000..bca1f1924e
--- /dev/null
+++ b/tools/dftestlib/scanner.py
@@ -0,0 +1,30 @@
+# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu>
+
+from dftestlib import dftest
+
+class testScanner(dftest.DFTest):
+ trace_file = "http.cap"
+
+ def test_dquote_1(self):
+ dfilter = 'http.request.method == "HEAD"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_dquote_2(self):
+ dfilter = 'http.request.method == "\\x48EAD"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_dquote_3(self):
+ dfilter = 'http.request.method == "\\x58EAD"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_dquote_4(self):
+ dfilter = 'http.request.method == "\\110EAD"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_dquote_5(self):
+ dfilter = 'http.request.method == "\\111EAD"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_dquote_6(self):
+ dfilter = 'http.request.method == "\\HEAD"'
+ self.assertDFilterCount(dfilter, 1)
diff --git a/tools/dftestlib/string_type.py b/tools/dftestlib/string_type.py
new file mode 100644
index 0000000000..fcc6e76f9e
--- /dev/null
+++ b/tools/dftestlib/string_type.py
@@ -0,0 +1,159 @@
+# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu>
+
+from dftestlib import dftest
+
+class testString(dftest.DFTest):
+ trace_file = "http.cap"
+
+ def test_eq_1(self):
+ dfilter = 'http.request.method == "HEAD"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_eq_2(self):
+ dfilter = 'http.request.method == "POST"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_gt_1(self):
+ dfilter = 'http.request.method > "HEAC"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_gt_2(self):
+ dfilter = 'http.request.method > "HEAD"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_gt_3(self):
+ dfilter = 'http.request.method > "HEAE"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_ge_1(self):
+ dfilter = 'http.request.method >= "HEAC"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_ge_2(self):
+ dfilter = 'http.request.method >= "HEAD"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_ge_3(self):
+ dfilter = 'http.request.method >= "HEAE"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_lt_1(self):
+ dfilter = 'http.request.method < "HEAC"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_lt_2(self):
+ dfilter = 'http.request.method < "HEAD"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_lt_3(self):
+ dfilter = 'http.request.method < "HEAE"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_le_1(self):
+ dfilter = 'http.request.method <= "HEAC"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_le_2(self):
+ dfilter = 'http.request.method <= "HEAD"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_le_3(self):
+ dfilter = 'http.request.method <= "HEAE"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_slice_1(self):
+ dfilter = 'http.request.method[0] == "H"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_slice_2(self):
+ dfilter = 'http.request.method[0] == "P"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_slice_3(self):
+ dfilter = 'http.request.method[0:4] == "HEAD"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_slice_4(self):
+ dfilter = 'http.request.method[0:4] != "HEAD"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_slice_5(self):
+ dfilter = 'http.request.method[1:2] == "EA"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_slice_6(self):
+ dfilter = 'http.request.method[1:2] > "EA"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_slice_7(self):
+ dfilter = 'http.request.method[-1] == "D"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_slice_8(self):
+ dfilter = 'http.request.method[-2] == "D"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def xxxtest_stringz_1(self):
+ return self.DFilterCount(pkt_tftp,
+ 'tftp.type == "octet"', 1)
+
+ def xxxtest_stringz_2(self):
+ return self.DFilterCount(pkt_tftp,
+ 'tftp.type == "junk"', 0)
+
+ def test_contains_1(self):
+ dfilter = 'http.request.method contains "E"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_contains_2(self):
+ dfilter = 'http.request.method contains "EA"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_contains_3(self):
+ dfilter = 'http.request.method contains "HEAD"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_contains_4(self):
+ dfilter = 'http.request.method contains "POST"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_contains_5(self):
+ dfilter = 'http.request.method contains 50:4f:53:54' # "POST"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_contains_6(self):
+ dfilter = 'http.request.method contains 48:45:41:44' # "HEAD"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_contains_fail_0(self):
+ dfilter = 'http.user_agent contains "update"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_contains_fail_1(self):
+ dfilter = 'http.user_agent contains "UPDATE"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_contains_upper_0(self):
+ dfilter = 'upper(http.user_agent) contains "UPDATE"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_contains_upper_1(self):
+ dfilter = 'upper(http.user_agent) contains "update"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_contains_upper_2(self):
+ dfilter = 'upper(tcp.seq) == 4'
+ self.assertDFilterFail(dfilter)
+
+ def test_contains_lower_0(self):
+ dfilter = 'lower(http.user_agent) contains "UPDATE"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_contains_lower_1(self):
+ dfilter = 'lower(http.user_agent) contains "update"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_contains_lower_2(self):
+ dfilter = 'lower(tcp.seq) == 4'
+ self.assertDFilterFail(dfilter)
+
diff --git a/tools/dftestlib/stringz.py b/tools/dftestlib/stringz.py
new file mode 100644
index 0000000000..c3e85ea52a
--- /dev/null
+++ b/tools/dftestlib/stringz.py
@@ -0,0 +1,19 @@
+# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu>
+
+from dftestlib import dftest
+
+class testStringz(dftest.DFTest):
+ trace_file = "tftp.cap"
+
+ def test_stringz_1(self):
+ dfilter = 'tftp.type == octet'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_stringz_2(self):
+ dfilter = 'tftp.type == "octet"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_stringz_3(self):
+ dfilter = 'tftp.type == junk'
+ self.assertDFilterCount(dfilter, 0)
+
diff --git a/tools/dftestlib/time_relative.py b/tools/dftestlib/time_relative.py
new file mode 100644
index 0000000000..68abae511d
--- /dev/null
+++ b/tools/dftestlib/time_relative.py
@@ -0,0 +1,19 @@
+# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu>
+
+from dftestlib import dftest
+
+class testTimeRelative(dftest.DFTest):
+ trace_file = "nfs.cap"
+
+ def test_relative_time_1(self):
+ dfilter = "frame.time_delta == 0.7"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_relative_time_2(self):
+ dfilter = "frame.time_delta > 0.7"
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_relative_time_3(self):
+ dfilter = "frame.time_delta < 0.7"
+ self.assertDFilterCount(dfilter, 1)
+
diff --git a/tools/dftestlib/time_type.py b/tools/dftestlib/time_type.py
new file mode 100644
index 0000000000..41982cb126
--- /dev/null
+++ b/tools/dftestlib/time_type.py
@@ -0,0 +1,71 @@
+# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu>
+
+from dftestlib import dftest
+
+class testTime(dftest.DFTest):
+ trace_file = "http.cap"
+
+ def test_eq_1(self):
+ dfilter = 'frame.time == "Dec 31, 2002 07:55:31.3"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_eq_2(self):
+ dfilter = 'frame.time == "Jan 31, 2002 07:55:31.3"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_ne_1(self):
+ dfilter = 'frame.time != "Dec 31, 2002 07:55:31.3"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_ne_2(self):
+ dfilter = 'frame.time != "Jan 31, 2002 07:55:31.3"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_gt_1(self):
+ dfilter = 'frame.time > "Dec 31, 2002 07:54:31.3"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_gt_2(self):
+ dfilter = 'frame.time > "Dec 31, 2002 07:55:31.3"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_gt_3(self):
+ dfilter = 'frame.time > "Dec 31, 2002 07:56:31.3"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_ge_1(self):
+ dfilter = 'frame.time >= "Dec 31, 2002 07:54:31.3"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_ge_2(self):
+ dfilter = 'frame.time >= "Dec 31, 2002 07:55:31.3"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_ge_3(self):
+ dfilter = 'frame.time >= "Dec 31, 2002 07:56:31.3"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_lt_1(self):
+ dfilter = 'frame.time < "Dec 31, 2002 07:54:31.3"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_lt_2(self):
+ dfilter = 'frame.time < "Dec 31, 2002 07:55:31.3"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_lt_3(self):
+ dfilter = 'frame.time < "Dec 31, 2002 07:56:31.3"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_le_1(self):
+ dfilter = 'frame.time <= "Dec 31, 2002 07:54:31.3"'
+ self.assertDFilterCount(dfilter, 0)
+
+ def test_le_2(self):
+ dfilter = 'frame.time <= "Dec 31, 2002 07:55:31.3"'
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_le_3(self):
+ dfilter = 'frame.time <= "Dec 31, 2002 07:56:31.3"'
+ self.assertDFilterCount(dfilter, 1)
+
diff --git a/tools/dftestlib/uint64.py b/tools/dftestlib/uint64.py
new file mode 100644
index 0000000000..c6cf82b040
--- /dev/null
+++ b/tools/dftestlib/uint64.py
@@ -0,0 +1,14 @@
+# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu>
+
+from dftestlib import dftest
+
+class testUINT64(dftest.DFTest):
+ trace_file = "nfs.cap"
+
+ def test_uint64_1(self):
+ dfilter = "nfs.fattr3.size == 264032"
+ self.assertDFilterCount(dfilter, 1)
+
+ def test_uint64_2(self):
+ dfilter = "nfs.fattr3.size == 264000"
+ self.assertDFilterCount(dfilter, 0)
diff --git a/tools/dftestlib/util.py b/tools/dftestlib/util.py
new file mode 100644
index 0000000000..7c66385907
--- /dev/null
+++ b/tools/dftestlib/util.py
@@ -0,0 +1,29 @@
+# Copyright (c) 2013 by Gilbert Ramirez <gram@alumni.rice.edu>
+
+import subprocess
+
+SUCCESS = 0
+def exec_cmdv(cmdv, cwd=None, stdin=None):
+ """Run the commands in cmdv, returning (retval, output),
+ where output is stdout and stderr combined.
+ If cwd is given, the child process runs in that directory.
+ If a filehandle is passed as stdin, it is used as stdin.
+ If there is an OS-level error, None is the retval."""
+
+ try:
+ output = subprocess.check_output(cmdv, stderr=subprocess.STDOUT,
+ cwd=cwd, stdin=stdin)
+ retval = SUCCESS
+
+ # If file isn't executable
+ except OSError, e:
+ output = str(e)
+ retval = None
+
+ # If process returns non-zero
+ except subprocess.CalledProcessError, e:
+ output = e.output
+ retval = e.returncode
+
+ return (retval, output)
+
generated by cgit v1.2.1 (git 2.18.0) at 2024-06-02 13:34:05 +0000