class case_dumpcap_capture_clopts(subprocesstest.SubprocessTestCase):
    """Check dumpcap's error output for invalid capture command-line options.

    Each test is guarded by config.canCapture(); the skipUnless decorators
    evaluate it once, when the class body is executed.
    """

    @unittest.skipUnless(config.canCapture(), 'Test requires capture privileges')
    def test_dumpcap_invalid_capfilter(self):
        '''Invalid capture filter

        Runs dumpcap with a capture filter (-f) that is not a valid
        expression and looks for the matching error message in its output.
        '''
        # $DUMPCAP -f 'jkghg' -w './testout.pcap' > ./testout.txt 2>&1
        invalid_filter = '__invalid_protocol'
        # 'testout.pcap' is a relative path, so any output file would be
        # created in the current working directory of the test run.
        dumpcap_args = (config.cmd_dumpcap, '-f', invalid_filter, '-w', 'testout.pcap')
        self.runProcess(dumpcap_args)
        expected_message = 'Invalid capture filter "' + invalid_filter + '" for interface'
        self.assertTrue(self.grepOutput(expected_message))

    @unittest.skipUnless(config.canCapture(), 'Test requires capture privileges')
    def test_dumpcap_invalid_interface_name(self):
        '''Invalid capture interface name

        Runs dumpcap against an interface name (-i) that should not exist
        and looks for the "could not be initiated" error in its output.
        '''
        # $DUMPCAP -i invalid_interface -w './testout.pcap' > ./testout.txt 2>&1
        invalid_interface = '__invalid_interface'
        dumpcap_args = (config.cmd_dumpcap, '-i', invalid_interface, '-w', 'testout.pcap')
        self.runProcess(dumpcap_args)
        found = self.grepOutput('The capture session could not be initiated')
        self.assertTrue(found)

    @unittest.skipUnless(config.canCapture(), 'Test requires capture privileges')
    def test_dumpcap_invalid_interface_index(self):
        '''Invalid capture interface index

        Runs dumpcap with interface index 0 (-i 0) and looks for the
        "no interface with that adapter index" error in its output.
        '''
        # $DUMPCAP -i 0 -w './testout.pcap' > ./testout.txt 2>&1
        invalid_index = '0'
        dumpcap_args = (config.cmd_dumpcap, '-i', invalid_index, '-w', 'testout.pcap')
        self.runProcess(dumpcap_args)
        found = self.grepOutput('There is no interface with that adapter index')
        self.assertTrue(found)
def check_capture_read_filter(self, cmd=None):
    """Capture ICMP traffic through a read filter that should match nothing.

    Skips when capture privileges, a display (for Wireshark) or a ping
    command are unavailable. Otherwise pings are started in the background,
    `cmd` captures with a two-pass read filter (-2 -R), and the test passes
    when the capture exits with 0 and the packet count check for 0 succeeds.

    Args:
        cmd: Path of the capture program to run; must not be None.
    """
    if not config.canCapture():
        self.skipTest('Test requires capture privileges and an interface.')
    if cmd == config.cmd_wireshark and not config.canDisplay():
        self.skipTest('Test requires a display.')
    if not config.args_ping:
        self.skipTest('Your platform ({}) does not have a defined ping command.'.format(sys.platform))
    self.assertIsNotNone(cmd)

    ping_procs = start_pinging(self)
    testout_file = self.filename_from_id(testout_pcap)
    capture_args = subprocesstest.capture_command(
        cmd,
        '-i', config.capture_interface,
        '-p',  # do not put the interface into promiscuous mode
        '-w', testout_file,
        '-2',
        '-R', 'dcerpc.cn_call_id==123456',  # Something unlikely.
        '-c', '10',
        '-a', 'duration:{}'.format(capture_duration),
        '-f', 'icmp || icmp6',
    )
    capture_proc = self.runProcess(capture_args, env=capture_env)
    capture_returncode = capture_proc.returncode
    stop_pinging(ping_procs)

    self.assertEqual(capture_returncode, 0)
    if capture_returncode == 0:
        self.checkPacketCount(0)
def check_capture_read_filter(self, cmd=None):
    """Capture ICMP traffic through a read filter that should match nothing.

    Skips when capture privileges, a display (for Wireshark) or a ping
    command are unavailable. Otherwise pings are started in the background,
    `cmd` captures with a two-pass read filter (-2 -R), the output file is
    registered in self.cleanup_files, and the test passes when the capture
    exits with 0 and the packet count check for 0 succeeds.

    Args:
        cmd: Path of the capture program to run; must not be None.
    """
    if not config.canCapture():
        self.skipTest('Test requires capture privileges and an interface.')
    if cmd == config.cmd_wireshark and not config.canDisplay():
        self.skipTest('Test requires a display.')
    if not config.args_ping:
        self.skipTest('Your platform ({}) does not have a defined ping command.'.format(sys.platform))
    self.assertIsNotNone(cmd)

    ping_procs = start_pinging(self)
    testout_file = self.filename_from_id(testout_pcap)
    capture_args = capture_command(
        cmd,
        '-i', config.capture_interface,
        '-p',  # do not put the interface into promiscuous mode
        '-w', testout_file,
        '-2',
        '-R', 'dcerpc.cn_call_id==123456',  # Something unlikely.
        '-c', '10',
        '-a', 'duration:{}'.format(capture_duration),
        '-f', 'icmp || icmp6',
    )
    capture_proc = self.runProcess(capture_args, env=capture_env)
    capture_returncode = capture_proc.returncode
    stop_pinging(ping_procs)

    # Registered before the assertions so the file is listed for cleanup
    # even when the capture failed.
    self.cleanup_files.append(testout_file)
    self.assertEqual(capture_returncode, 0)
    if capture_returncode == 0:
        check_testout_num_packets(self, 0)
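def check_capture_snapshot_len(self, cmd=None):
    """Capture with a snapshot length and verify that no frame exceeds it.

    Skips when capture privileges, a display (for Wireshark) or a ping
    command are unavailable. Otherwise pings are started in the background,
    `cmd` captures ICMP traffic with -s snapshot_len, and tshark then copies
    every frame whose captured length is greater than snapshot_len into a
    second file. That second file is expected to hold 0 packets.

    Args:
        cmd: Path of the capture program to run; must not be None.
    """
    if not config.canCapture():
        self.skipTest('Test requires capture privileges and an interface.')
    if cmd == config.cmd_wireshark and not config.canDisplay():
        self.skipTest('Test requires a display.')
    if not config.args_ping:
        self.skipTest('Your platform ({}) does not have a defined ping command.'.format(sys.platform))
    self.assertIsNotNone(cmd)
    ping_procs = start_pinging(self)
    testout_file = self.filename_from_id(testout_pcap)
    capture_proc = self.runProcess(subprocesstest.capture_command(cmd,
        '-i', config.capture_interface,
        '-p',
        '-w', testout_file,
        '-s', str(snapshot_len),
        '-a', 'duration:{}'.format(capture_duration),
        '-f', 'icmp || icmp6',
    ))
    capture_returncode = capture_proc.returncode
    stop_pinging(ping_procs)
    self.assertEqual(capture_returncode, 0)
    self.assertTrue(os.path.isfile(testout_file))

    # Use tshark to keep only the packets whose captured length exceeds the
    # snapshot length; a correctly truncated capture leaves none.
    testout2_file = self.filename_from_id('testout2.pcap')
    filter_proc = self.runProcess((config.cmd_tshark,
        '-r', testout_file,
        '-w', testout2_file,
        '-Y', 'frame.cap_len>{}'.format(snapshot_len),
    ))
    filter_returncode = filter_proc.returncode
    # Check the tshark filtering run itself. The capture's return code was
    # already asserted above; re-checking it here would let a failed filter
    # run pass unnoticed.
    self.assertEqual(filter_returncode, 0)
    if (filter_returncode == 0):
        self.checkPacketCount(0, cap_file=testout2_file)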
def test_dumpcap_invalid_interface_index(self):
    '''Invalid capture interface index

    Runs dumpcap with interface index 0 (-i 0) and looks for the
    "no interface with that adapter index" error in its output.
    Skipped when config.canCapture() is false.
    '''
    if not config.canCapture():
        self.skipTest('Test requires capture privileges and an interface.')
    # $DUMPCAP -i 0 -w './testout.pcap' > ./testout.txt 2>&1
    invalid_index = '0'
    testout_file = self.filename_from_id(testout_pcap)
    dumpcap_args = (config.cmd_dumpcap, '-i', invalid_index, '-w', testout_file)
    self.runProcess(dumpcap_args)
    found = self.grepOutput('There is no interface with that adapter index')
    self.assertTrue(found)
def test_dumpcap_invalid_interface_name(self):
    '''Invalid capture interface name

    Runs dumpcap against an interface name (-i) that should not exist and
    looks for the "could not be initiated" error in its output.
    Skipped when config.canCapture() is false.
    '''
    if not config.canCapture():
        self.skipTest('Test requires capture privileges and an interface.')
    # $DUMPCAP -i invalid_interface -w './testout.pcap' > ./testout.txt 2>&1
    invalid_interface = '__invalid_interface'
    testout_file = self.filename_from_id(testout_pcap)
    dumpcap_args = (config.cmd_dumpcap, '-i', invalid_interface, '-w', testout_file)
    self.runProcess(dumpcap_args)
    found = self.grepOutput('The capture session could not be initiated')
    self.assertTrue(found)
def test_dumpcap_invalid_capfilter(self):
    '''Invalid capture filter

    Runs dumpcap with a capture filter (-f) that is not a valid expression
    and looks for the matching error message in its output.
    Skipped when config.canCapture() is false.
    '''
    if not config.canCapture():
        self.skipTest('Test requires capture privileges and an interface.')
    # $DUMPCAP -f 'jkghg' -w './testout.pcap' > ./testout.txt 2>&1
    invalid_filter = '__invalid_protocol'
    testout_file = self.filename_from_id(testout_pcap)
    dumpcap_args = (config.cmd_dumpcap, '-f', invalid_filter, '-w', testout_file)
    self.runProcess(dumpcap_args)
    expected_message = 'Invalid capture filter "' + invalid_filter + '" for interface'
    self.assertTrue(self.grepOutput(expected_message))
def check_capture_10_packets(self, cmd=None, to_stdout=False):
    """Capture 10 ICMP packets to a file or via stdout and count them.

    Skips when capture privileges, a display (for Wireshark) or a ping
    command are unavailable. On a non-zero capture exit status the output
    of `cmd -D` (interface list) is logged before the assertion fails.

    Args:
        cmd: Path of the capture program to run; must not be None.
        to_stdout: When true, write the capture to stdout (-w -) and
            redirect it to the output file through the shell.
    """
    # Similar to suite_io.check_io_4_packets.
    if not config.canCapture():
        self.skipTest('Test requires capture privileges and an interface.')
    if cmd == config.cmd_wireshark and not config.canDisplay():
        self.skipTest('Test requires a display.')
    if not config.args_ping:
        self.skipTest(
            'Your platform ({}) does not have a defined ping command.'.format(
                sys.platform))
    self.assertIsNotNone(cmd)

    testout_file = self.filename_from_id(testout_pcap)
    ping_procs = start_pinging(self)
    if not to_stdout:
        file_args = subprocesstest.capture_command(
            cmd,
            '-i', config.capture_interface,
            '-p',
            '-w', testout_file,
            '-c', '10',
            '-a', 'duration:{}'.format(capture_duration),
            '-f', 'icmp || icmp6',
        )
        capture_proc = self.runProcess(file_args, env=capture_env)
    else:
        # NOTE(review): this branch runs through a shell (shell=True). The
        # interface name is only wrapped in literal double quotes and the
        # output path is not quoted at all, so neither is escaped here.
        # Presumably capture_command joins these into one command string;
        # confirm that config.capture_interface and the output path can
        # never carry quotes, spaces or shell metacharacters.
        shell_args = subprocesstest.capture_command(
            cmd,
            '-i', '"{}"'.format(config.capture_interface),
            '-p',
            '-w', '-',
            '-c', '10',
            '-a', 'duration:{}'.format(capture_duration),
            '-f', '"icmp || icmp6"',
            '>', testout_file,
            shell=True)
        capture_proc = self.runProcess(shell_args, env=capture_env, shell=True)
    capture_returncode = capture_proc.returncode
    stop_pinging(ping_procs)

    if capture_returncode != 0:
        # Record the interface list to help diagnose the failed capture.
        self.log_fd.write('{} -D output:\n'.format(cmd))
        self.runProcess((cmd, '-D'))
    self.assertEqual(capture_returncode, 0)
    if capture_returncode == 0:
        self.checkPacketCount(10)
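def check_capture_snapshot_len(self, cmd=None):
    """Capture with a snapshot length and verify that no frame exceeds it.

    Skips when capture privileges, a display (for Wireshark) or a ping
    command are unavailable. Otherwise pings are started in the background,
    `cmd` captures ICMP traffic with -s snapshot_len, and tshark then copies
    every frame whose captured length is greater than snapshot_len into a
    second file. That second file is expected to hold 0 packets.

    Args:
        cmd: Path of the capture program to run; must not be None.
    """
    if not config.canCapture():
        self.skipTest('Test requires capture privileges and an interface.')
    if cmd == config.cmd_wireshark and not config.canDisplay():
        self.skipTest('Test requires a display.')
    if not config.args_ping:
        self.skipTest(
            'Your platform ({}) does not have a defined ping command.'.format(
                sys.platform))
    self.assertIsNotNone(cmd)
    ping_procs = start_pinging(self)
    testout_file = self.filename_from_id(testout_pcap)
    capture_proc = self.runProcess(
        subprocesstest.capture_command(
            cmd,
            '-i', config.capture_interface,
            '-p',
            '-w', testout_file,
            '-s', str(snapshot_len),
            '-a', 'duration:{}'.format(capture_duration),
            '-f', 'icmp || icmp6',
        ))
    capture_returncode = capture_proc.returncode
    stop_pinging(ping_procs)
    self.assertEqual(capture_returncode, 0)
    self.assertTrue(os.path.isfile(testout_file))

    # Use tshark to keep only the packets whose captured length exceeds the
    # snapshot length; a correctly truncated capture leaves none.
    testout2_file = self.filename_from_id('testout2.pcap')
    filter_proc = self.runProcess((
        config.cmd_tshark,
        '-r', testout_file,
        '-w', testout2_file,
        '-Y', 'frame.cap_len>{}'.format(snapshot_len),
    ))
    filter_returncode = filter_proc.returncode
    # Check the tshark filtering run itself. The capture's return code was
    # already asserted above; re-checking it here would let a failed filter
    # run pass unnoticed.
    self.assertEqual(filter_returncode, 0)
    if (filter_returncode == 0):
        self.checkPacketCount(0, cap_file=testout2_file)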
def check_capture_10_packets(self, cmd=None, to_stdout=False):
    """Capture 10 ICMP packets to a file or via stdout and count them.

    Skips when capture privileges, a display (for Wireshark) or a ping
    command are unavailable. On a non-zero capture exit status the output
    of `cmd -D` (interface list) is logged before the assertion fails.

    Args:
        cmd: Path of the capture program to run; must not be None.
        to_stdout: When true, write the capture to stdout (-w -) and
            redirect it to the output file through the shell.
    """
    # Similar to suite_io.check_io_4_packets.
    if not config.canCapture():
        self.skipTest('Test requires capture privileges and an interface.')
    if cmd == config.cmd_wireshark and not config.canDisplay():
        self.skipTest('Test requires a display.')
    if not config.args_ping:
        self.skipTest('Your platform ({}) does not have a defined ping command.'.format(sys.platform))
    self.assertIsNotNone(cmd)

    testout_file = self.filename_from_id(testout_pcap)
    ping_procs = start_pinging(self)
    if not to_stdout:
        file_args = subprocesstest.capture_command(
            cmd,
            '-i', config.capture_interface,
            '-p',
            '-w', testout_file,
            '-c', '10',
            '-a', 'duration:{}'.format(capture_duration),
            '-f', 'icmp || icmp6',
        )
        capture_proc = self.runProcess(file_args, env=capture_env)
    else:
        # NOTE(review): this branch runs through a shell (shell=True). The
        # interface name is only wrapped in literal double quotes and the
        # output path is not quoted at all, so neither is escaped here.
        # Presumably capture_command joins these into one command string;
        # confirm that config.capture_interface and the output path can
        # never carry quotes, spaces or shell metacharacters.
        shell_args = subprocesstest.capture_command(
            cmd,
            '-i', '"{}"'.format(config.capture_interface),
            '-p',
            '-w', '-',
            '-c', '10',
            '-a', 'duration:{}'.format(capture_duration),
            '-f', '"icmp || icmp6"',
            '>', testout_file,
            shell=True
        )
        capture_proc = self.runProcess(shell_args, env=capture_env, shell=True)
    capture_returncode = capture_proc.returncode
    stop_pinging(ping_procs)

    if capture_returncode != 0:
        # Record the interface list to help diagnose the failed capture.
        self.log_fd.write('{} -D output:\n'.format(cmd))
        self.runProcess((cmd, '-D'))
    self.assertEqual(capture_returncode, 0)
    if capture_returncode == 0:
        self.checkPacketCount(10)
def test_tshark_valid_name_resolution(self):
    # Runs tshark with the name-resolution flags "mntC" (-N) and a capture
    # autostop condition (-a); skipped when config.canCapture() is false.
    # Kept as comments rather than a docstring so the test's reported
    # description does not change.
    if not config.canCapture():
        self.skipTest('Test requires capture privileges and an interface.')
    # $TSHARK -N mntC -a duration:1 > ./testout.txt 2>&1
    # NOTE(review): the value passed below is 'duration: 1' (with a space),
    # unlike the command shown above. Confirm tshark parses it as intended.
    tshark_args = (config.cmd_tshark, '-N', 'mntC', '-a', 'duration: 1')
    self.assertRun(tshark_args)
class case_tshark_name_resolution_clopts(subprocesstest.SubprocessTestCase):
    """Check that tshark accepts a valid set of name-resolution flags.

    The test is guarded by config.canCapture(); the skipUnless decorator
    evaluates it once, when the class body is executed.
    """

    @unittest.skipUnless(config.canCapture(), 'Test requires capture privileges')
    def test_tshark_valid_name_resolution(self):
        # Runs tshark with the name-resolution flags "mntC" (-N) and a
        # capture autostop condition (-a).
        # $TSHARK -N mntC -a duration:1 > ./testout.txt 2>&1
        # NOTE(review): the value passed below is 'duration: 1' (with a
        # space), unlike the command shown above. Confirm tshark parses it
        # as intended.
        tshark_args = (config.cmd_tshark, '-N', 'mntC', '-a', 'duration: 1')
        self.assertRun(tshark_args)