Mergecap: add test suite for various merging scenarios

Add a test suite for mergecap (and indirectly capinfos I guess). This is not exhaustive, but it's a start. Change-Id: I9442b4c32e31a74b1673961ad6ab50821441de3e Reviewed-on: https://code.wireshark.org/review/10082 Reviewed-by: Hadriel Kaplan <hadrielk@yahoo.com> Reviewed-by: Anders Broman <a.broman58@gmail.com>
network-analytics · Aug 19, 2015 · dcaa64a · dcaa64a
1 parent d64ad1d
commit dcaa64a
Show file tree

Hide file tree

Showing 7 changed files with 265 additions and 3 deletions.
diff --git a/test/captures/many_interfaces.pcapng.1 b/test/captures/many_interfaces.pcapng.1
diff --git a/test/captures/many_interfaces.pcapng.2 b/test/captures/many_interfaces.pcapng.2
diff --git a/test/captures/many_interfaces.pcapng.3 b/test/captures/many_interfaces.pcapng.3
diff --git a/test/config.sh b/test/config.sh
@@ -68,6 +68,7 @@ WIRESHARK_GTK=$WS_BIN_PATH/wireshark-gtk
 TSHARK=$WS_BIN_PATH/tshark
 RAWSHARK=$WS_BIN_PATH/rawshark
 CAPINFOS=$WS_BIN_PATH/capinfos
+MERGECAP=$WS_BIN_PATH/mergecap
 DUMPCAP=$WS_BIN_PATH/dumpcap
 
 # interface with at least a few packets/sec traffic on it

diff --git a/test/suite-mergecap.sh b/test/suite-mergecap.sh
@@ -0,0 +1,259 @@
+#!/bin/bash
+#
+# Run the mergecap unit tests
+#
+# Wireshark - Network traffic analyzer
+# By Gerald Combs <gerald@wireshark.org>
+#
+# This program is free software; you can redistribute it and/or
+# modify it under the terms of the GNU General Public License
+# as published by the Free Software Foundation; either version 2
+# of the License, or (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+
+# common checking code:
+# arg 1 = return value from mergecap command
+# arg 2 = file type string
+# arg 3 = file encap
+# arg 4 = number of IDBs generated
+# arg 5 = number of file packets merged
+# arg 6 = number of some IDB packets merged
+mergecap_common_check() {
+    if [ ! $1 -eq $EXIT_OK ]; then
+        echo
+        cat ./testout.txt
+        test_step_failed "exit status of mergecap: $1"
+        return
+    fi
+
+    grep -q "merging complete" testout.txt
+    if [ $? -ne 0 ]; then
+        cat ./testout.txt
+        test_step_failed "mergecap didn't complete"
+    fi
+
+    $CAPINFOS -tEIc ./testout.pcap > testout.txt 2>&1
+    RETURNVALUE=$?
+    if [ ! $RETURNVALUE -eq $EXIT_OK ]; then
+        echo
+        cat ./testout.txt
+        test_step_failed "exit status of capinfos: $RETURNVALUE"
+        return
+    fi
+
+    grep -Eiq "File type:[[:blank:]]+$2" testout.txt
+    if [ $? -ne 0 ]; then
+        cat ./testout.txt
+        test_step_failed "mergecap output format was not '$2'"
+    fi
+
+    grep -Eiq "File encapsulation:[[:blank:]]+$3" testout.txt
+    if [ $? -ne 0 ]; then
+        cat ./testout.txt
+        test_step_failed "mergecap output encap type was not '$3'"
+    fi
+
+    grep -Eiq "Number of interfaces in file:[[:blank:]]+$4" testout.txt
+    if [ $? -ne 0 ]; then
+        cat ./testout.txt
+        test_step_failed "mergecap output did not generate only $4 IDB"
+    fi
+
+    # this checks the file's number of packets
+    grep -Eiq "Number of packets:[[:blank:]]+$5" testout.txt
+    if [ $? -ne 0 ]; then
+        cat ./testout.txt
+        test_step_failed "mergecap output did not generate $5 packets for file"
+    fi
+
+    # this checks the IDB number of packets
+    grep -Eiq "Number of packets =[[:blank:]]+$6" testout.txt
+    if [ $? -ne 0 ]; then
+        cat ./testout.txt
+        test_step_failed "mergecap output did not generate $6 packets in IDB"
+    fi
+}
+
+
+
+# this is a common one for legacy PCAP output
+# for this, arg1=returnvalue, arg2=#of file and IDB packets
+mergecap_common_pcap_pkt() {
+    mergecap_common_check "$1" 'Wireshark/tcpdump/... - pcap' "Ethernet" "1" "$2" "$2"
+}
+
+# this is a common one for PCAPNG output
+# for this, arg1=returnvalue, arg2=encap type, arg3=#of IDBs, arg4=# of file pkts, arg5=# of IDB pkts
+mergecap_common_pcapng_pkt() {
+    mergecap_common_check "$1" 'Wireshark/... - pcapng' "$2" "$3" "$4" "$5"
+}
+
+
+
+mergecap_step_basic_1_pcap_pcap_test() {
+    $MERGECAP -vF pcap -w testout.pcap $CAPTURE_DIR/dhcp.pcap > testout.txt 2>&1
+    RETURNVALUE=$?
+    mergecap_common_pcap_pkt $RETURNVALUE 4
+    test_step_ok
+}
+
+mergecap_step_basic_2_pcap_pcap_test() {
+    $MERGECAP -vF pcap -w testout.pcap $CAPTURE_DIR/dhcp.pcap $CAPTURE_DIR/dhcp.pcap > testout.txt 2>&1
+    RETURNVALUE=$?
+    mergecap_common_pcap_pkt $RETURNVALUE 8
+    test_step_ok
+}
+
+mergecap_step_basic_3_empty_pcap_pcap_test() {
+    $MERGECAP -vF pcap -w testout.pcap $CAPTURE_DIR/empty.pcap $CAPTURE_DIR/dhcp.pcap $CAPTURE_DIR/empty.pcap > testout.txt 2>&1
+    RETURNVALUE=$?
+    mergecap_common_pcap_pkt $RETURNVALUE 4
+    test_step_ok
+}
+
+mergecap_step_basic_2_nano_pcap_pcap_test() {
+    $MERGECAP -vF pcap -w testout.pcap $CAPTURE_DIR/dhcp-nanosecond.pcap $CAPTURE_DIR/rsasnakeoil2.pcap > testout.txt 2>&1
+    RETURNVALUE=$?
+    mergecap_common_pcap_pkt $RETURNVALUE 62
+    test_step_ok
+}
+
+mergecap_step_basic_1_pcap_pcapng_test() {
+    $MERGECAP -v -w testout.pcap $CAPTURE_DIR/dhcp.pcap > testout.txt 2>&1
+    RETURNVALUE=$?
+    mergecap_common_pcapng_pkt $RETURNVALUE "Ethernet" 1 4 4
+    test_step_ok
+}
+
+mergecap_step_basic_2_pcap_pcapng_test() {
+    $MERGECAP -v -w testout.pcap $CAPTURE_DIR/dhcp.pcap $CAPTURE_DIR/dhcp.pcap > testout.txt 2>&1
+    RETURNVALUE=$?
+    mergecap_common_pcapng_pkt $RETURNVALUE "Ethernet" 1 8 8
+    test_step_ok
+}
+
+mergecap_step_basic_2_pcap_none_pcapng_test() {
+    $MERGECAP -vI 'none' -w testout.pcap $CAPTURE_DIR/dhcp.pcap $CAPTURE_DIR/dhcp.pcap > testout.txt 2>&1
+    RETURNVALUE=$?
+    mergecap_common_pcapng_pkt $RETURNVALUE "Ethernet" 2 8 4
+    test_step_ok
+}
+
+mergecap_step_basic_2_pcap_all_pcapng_test() {
+    $MERGECAP -vI 'all' -w testout.pcap $CAPTURE_DIR/dhcp.pcap $CAPTURE_DIR/dhcp.pcap > testout.txt 2>&1
+    RETURNVALUE=$?
+    mergecap_common_pcapng_pkt $RETURNVALUE "Ethernet" 1 8 8
+    test_step_ok
+}
+
+mergecap_step_basic_2_pcap_any_pcapng_test() {
+    $MERGECAP -vI 'any' -w testout.pcap $CAPTURE_DIR/dhcp.pcap $CAPTURE_DIR/dhcp.pcap > testout.txt 2>&1
+    RETURNVALUE=$?
+    mergecap_common_pcapng_pkt $RETURNVALUE "Ethernet" 1 8 8
+    test_step_ok
+}
+
+mergecap_step_basic_1_pcapng_pcapng_test() {
+    $MERGECAP -v -w testout.pcap $CAPTURE_DIR/dhcp.pcapng > testout.txt 2>&1
+    RETURNVALUE=$?
+    mergecap_common_pcapng_pkt $RETURNVALUE "Ethernet" 1 4 4
+    test_step_ok
+}
+
+mergecap_step_1_pcapng_many_pcapng_test() {
+    $MERGECAP -v -w testout.pcap $CAPTURE_DIR/many_interfaces.pcapng.1 > testout.txt 2>&1
+    RETURNVALUE=$?
+    mergecap_common_pcapng_pkt $RETURNVALUE "Per packet" 11 64 62
+    test_step_ok
+}
+
+mergecap_step_3_pcapng_pcapng_test() {
+    $MERGECAP -v -w testout.pcap $CAPTURE_DIR/many_interfaces.pcapng* > testout.txt 2>&1
+    RETURNVALUE=$?
+    mergecap_common_pcapng_pkt $RETURNVALUE "Per packet" 11 88 86
+    test_step_ok
+}
+
+mergecap_step_3_pcapng_none_pcapng_test() {
+    $MERGECAP -vI 'none' -w testout.pcap $CAPTURE_DIR/many_interfaces.pcapng* > testout.txt 2>&1
+    RETURNVALUE=$?
+    mergecap_common_pcapng_pkt $RETURNVALUE "Per packet" 33 88 62
+    test_step_ok
+}
+
+mergecap_step_3_pcapng_all_pcapng_test() {
+    # build a pcapng of all the interfaces repeated by using mode 'none'
+    $MERGECAP -vI 'none' -w testin.pcap $CAPTURE_DIR/many_interfaces.pcapng* > testout.txt 2>&1
+    # the above generated 33 IDBs, 88 total pkts, 62 in first IDB
+
+    # and use that generated pcap for our test
+    $MERGECAP -vI 'all' -w testout.pcap ./testin.pcap ./testin.pcap ./testin.pcap > testout.txt 2>&1
+    RETURNVALUE=$?
+    # check for 33 IDBs, 88*3=264 total pkts, 62*3=186 in first IDB
+    mergecap_common_pcapng_pkt $RETURNVALUE "Per packet" 33 264 186
+    test_step_ok
+}
+
+mergecap_step_3_pcapng_any_pcapng_test() {
+    # build a pcapng of all the interfaces repeated by using mode 'none'
+    $MERGECAP -vI 'none' -w testin.pcap $CAPTURE_DIR/many_interfaces.pcapng* > testout.txt 2>&1
+    # the above generated 33 IDBs, 88 total pkts, 62 in first IDB
+
+    # and use that generated pcap for our test
+    $MERGECAP -vI 'any' -w testout.pcap ./testin.pcap ./testin.pcap ./testin.pcap > testout.txt 2>&1
+    RETURNVALUE=$?
+    # check for 11 IDBs, 88*3=264 total pkts, 86*3=258 in first IDB
+    mergecap_common_pcapng_pkt $RETURNVALUE "Per packet" 11 264 258
+    test_step_ok
+}
+
+
+mergecap_cleanup_step() {
+    rm -f ./testout.txt
+    rm -f ./testout.pcap
+    rm -f ./testin.pcap
+}
+
+mergecap_suite() {
+    test_step_set_pre mergecap_cleanup_step
+    test_step_set_post mergecap_cleanup_step
+    test_step_add "1 pcap in ----> pcap out" mergecap_step_basic_1_pcap_pcap_test
+    test_step_add "2 pcaps in ---> pcap out" mergecap_step_basic_2_pcap_pcap_test
+    test_step_add "3 pcaps in ---> pcap out; two are empty" mergecap_step_basic_3_empty_pcap_pcap_test
+    test_step_add "2 pcaps in ---> pcap out; one is nanosecond pcap" mergecap_step_basic_2_nano_pcap_pcap_test
+
+    test_step_add "1 pcap in ----> pcapng out" mergecap_step_basic_1_pcap_pcapng_test
+    test_step_add "2 pcaps in ---> pcapng out" mergecap_step_basic_2_pcap_pcapng_test
+    test_step_add "2 pcaps in ---> pcapng out; merge mode none" mergecap_step_basic_2_pcap_none_pcapng_test
+    test_step_add "2 pcaps in ---> pcapng out; merge mode all" mergecap_step_basic_2_pcap_all_pcapng_test
+    test_step_add "2 pcaps in ---> pcapng out; merge mode any" mergecap_step_basic_2_pcap_any_pcapng_test
+
+    test_step_add "1 pcapng in --> pcapng out" mergecap_step_basic_1_pcapng_pcapng_test
+    test_step_add "1 pcapng in --> pcapng out; many interfaces" mergecap_step_1_pcapng_many_pcapng_test
+    test_step_add "3 pcapngs in -> pcapng out; wildcarded" mergecap_step_3_pcapng_pcapng_test
+    test_step_add "3 pcapngs in -> pcapng out; merge mode none" mergecap_step_3_pcapng_none_pcapng_test
+    test_step_add "3 pcapngs in -> pcapng out; merge mode all" mergecap_step_3_pcapng_all_pcapng_test
+    test_step_add "3 pcapngs in -> pcapng out; merge mode any" mergecap_step_3_pcapng_any_pcapng_test
+}
+
+#
+# Editor modelines  -  https://www.wireshark.org/tools/modelines.html
+#
+# Local variables:
+# c-basic-offset: 8
+# tab-width: 8
+# indent-tabs-mode: t
+# End:
+#
+# vi: set shiftwidth=8 tabstop=8 noexpandtab:
+# :indentSize=8:tabSize=8:noTabs=false:
+#
diff --git a/test/suite-wslua.sh b/test/suite-wslua.sh
@@ -1,6 +1,6 @@
 #!/bin/bash
 #
-# Run the epan unit tests
+# Run the Lua API unit tests
 #
 # Wireshark - Network traffic analyzer
 # By Gerald Combs <gerald@wireshark.org>

diff --git a/test/test.sh b/test/test.sh
@@ -108,6 +108,7 @@ source $TESTS_DIR/suite-fileformats.sh
 source $TESTS_DIR/suite-decryption.sh
 source $TESTS_DIR/suite-nameres.sh
 source $TESTS_DIR/suite-wslua.sh
+source $TESTS_DIR/suite-mergecap.sh
 
 test_cleanup() {
 	if [ $TEST_OUTDIR_CLEAN = 1 ]; then
@@ -126,7 +127,7 @@ trap test_cleanup EXIT
 test_step_prerequisites() {
 
 	NOTFOUND=0
-	for i in "$WIRESHARK" "$WIRESHARK_GTK" "$TSHARK" "$CAPINFOS" "$DUMPCAP" ; do
+	for i in "$WIRESHARK" "$WIRESHARK_GTK" "$TSHARK" "$CAPINFOS" "$MERGECAP" "$DUMPCAP" ; do
 		if [ ! -x $i ]; then
 			echo "Couldn't find $i"
 			NOTFOUND=1
@@ -164,10 +165,11 @@ test_suite() {
 	test_suite_add "File I/O" io_suite
 	test_suite_add "Capture" capture_suite
 	test_suite_add "Unit tests" unittests_suite
-	test_suite_add "File formats" fileformats_suite
 	test_suite_add "Decryption" decryption_suite
 	test_suite_add "Name Resolution" name_resolution_suite
 	test_suite_add "Lua API" wslua_suite
+	test_suite_add "Mergecap" mergecap_suite
+	test_suite_add "File formats" fileformats_suite
 }