From Jan Šafránek:
dftest and randpkt are installed during make install, but they are not documented in any man page. This is a start. It's more or less a compilation of information found elsewhere. svn path=/trunk/; revision=33504
parent
db478debbd
commit
526a2946a3
|
@ -959,10 +959,13 @@ AC_ARG_ENABLE(dftest,
|
|||
|
||||
if test "x$enable_dftest" = "xyes" ; then
|
||||
dftest_bin="dftest\$(EXEEXT)"
|
||||
dftest_man="dftest.1"
|
||||
else
|
||||
dftest_bin=""
|
||||
dftest_man=""
|
||||
fi
|
||||
AC_SUBST(dftest_bin)
|
||||
AC_SUBST(dftest_man)
|
||||
|
||||
|
||||
# Enable/disable randpkt
|
||||
|
@ -974,10 +977,13 @@ AC_ARG_ENABLE(randpkt,
|
|||
|
||||
if test "x$enable_randpkt" = "xyes" ; then
|
||||
randpkt_bin="randpkt\$(EXEEXT)"
|
||||
randpkt_man="randpkt.1"
|
||||
else
|
||||
randpkt_bin=""
|
||||
randpkt_man=""
|
||||
fi
|
||||
AC_SUBST(randpkt_bin)
|
||||
AC_SUBST(randpkt_man)
|
||||
|
||||
|
||||
|
||||
|
|
|
@ -70,13 +70,16 @@ man1_MANS = \
|
|||
@editcap_man@ \
|
||||
@dumpcap_man@ \
|
||||
@idl2wrs_man@ \
|
||||
@rawshark_man@
|
||||
@rawshark_man@ \
|
||||
@dftest_man@ \
|
||||
@randpkt_man@
|
||||
man4_MANS = @wiresharkfilter_man@
|
||||
man_MANS =
|
||||
|
||||
pkgdata_DATA = AUTHORS-SHORT $(top_srcdir)/docbook/ws.css wireshark.html \
|
||||
tshark.html wireshark-filter.html capinfos.html editcap.html \
|
||||
idl2wrs.html mergecap.html text2pcap.html dumpcap.html rawshark.html
|
||||
idl2wrs.html mergecap.html text2pcap.html dumpcap.html rawshark.html \
|
||||
dftest.html randpkt.html
|
||||
|
||||
#
|
||||
# Build the short version of the authors file for the about dialog
|
||||
|
@ -236,6 +239,32 @@ rawshark.html: rawshark.pod ../config.h $(top_srcdir)/docbook/ws.css
|
|||
--noindex \
|
||||
$(srcdir)/rawshark.pod > rawshark.html
|
||||
|
||||
dftest.1: dftest.pod ../config.h
|
||||
$(POD2MAN) \
|
||||
--center="The Wireshark Network Analyzer" \
|
||||
--release=$(VERSION) \
|
||||
$(srcdir)/dftest.pod > dftest.1
|
||||
|
||||
dftest.html: dftest.pod ../config.h $(top_srcdir)/docbook/ws.css
|
||||
$(POD2HTML) \
|
||||
--title="dftest - The Wireshark Network Analyzer $(VERSION)" \
|
||||
--css=$(top_srcdir)/docbook/ws.css \
|
||||
--noindex \
|
||||
$(srcdir)/dftest.pod > dftest.html
|
||||
|
||||
randpkt.1: randpkt.pod ../config.h
|
||||
$(POD2MAN) \
|
||||
--center="The Wireshark Network Analyzer" \
|
||||
--release=$(VERSION) \
|
||||
$(srcdir)/randpkt.pod > randpkt.1
|
||||
|
||||
randpkt.html: randpkt.pod ../config.h $(top_srcdir)/docbook/ws.css
|
||||
$(POD2HTML) \
|
||||
--title="randpkt - The Wireshark Network Analyzer $(VERSION)" \
|
||||
--css=$(top_srcdir)/docbook/ws.css \
|
||||
--noindex \
|
||||
$(srcdir)/randpkt.pod > randpkt.html
|
||||
|
||||
CLEANFILES = \
|
||||
wireshark-filter.pod \
|
||||
wireshark.pod \
|
||||
|
@ -258,7 +287,11 @@ CLEANFILES = \
|
|||
idl2wrs.1 \
|
||||
idl2wrs.html \
|
||||
rawshark.1 \
|
||||
rawshark.html
|
||||
rawshark.html \
|
||||
dftests.1 \
|
||||
dftests.html \
|
||||
randpkt.1 \
|
||||
randpkt.html
|
||||
|
||||
DISTCLEANFILES = \
|
||||
pod2htmi.tmp \
|
||||
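Review bot: The CLEANFILES additions in the last hunk name `dftests.1` and `dftests.html`, but the rules added in the hunk above generate `dftest.1` and `dftest.html`. As written, `make clean` would leave the dftest man page and HTML page in the build directory, while the randpkt outputs are cleaned correctly. The two entries should read `dftest.1 \` and `dftest.html \`. The CLEANFILES list starts and continues outside the visible hunks, so it is worth checking that no other entry already covers these files.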
|
|
|
@ -0,0 +1,37 @@
|
|||
|
||||
=head1 NAME
|
||||
|
||||
dftest - Shows display filter byte-code, for debugging dfilter routines.
|
||||
|
||||
=head1 SYNOPSIS
|
||||
|
||||
B<dftest>
|
||||
S<[ E<lt>filterE<gt> ]>
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
B<dftest> is a simple tool which compiles a display filter and shows its bytecode.
|
||||
|
||||
=head1 OPTIONS
|
||||
|
||||
=over 4
|
||||
|
||||
=item filter
|
||||
|
||||
The display filter expression. If needed it has to be quoted.
|
||||
|
||||
=back
|
||||
|
||||
=head1 EXAMPLES
|
||||
|
||||
Show how the IP protocol is filtered:
|
||||
|
||||
dftest ip
|
||||
|
||||
Shows how frame 150 is filtered:
|
||||
|
||||
dftest "frame.number == 150"
|
||||
|
||||
=head1 SEE ALSO
|
||||
|
||||
wireshark-filter(4)
|
|
@ -0,0 +1,100 @@
|
|||
|
||||
=head1 NAME
|
||||
|
||||
randpkt - Random Packet Generator
|
||||
|
||||
=head1 SYNOPSIS
|
||||
|
||||
B<randpkt>
|
||||
S<[ B<-b> E<lt>maxbytesE<gt> ]>
|
||||
S<[ B<-c> E<lt>countE<gt> ]>
|
||||
S<[ B<-t> E<lt>typeE<gt> ]>
|
||||
E<lt>filenameE<gt>
|
||||
|
||||
=head1 DESCRIPTION
|
||||
|
||||
B<randpkt> is a small utility that creates a B<libpcap> trace file
|
||||
full of random packets.
|
||||
|
||||
By creating many randomized packets of a certain type, you can
|
||||
test packet sniffers to see how well they handle malformed packets.
|
||||
The sniffer can never trust the data that it sees in the packet because
|
||||
you can always sniff a very bad packet that conforms to no standard.
|
||||
B<randpkt> produces I<very bad> packets.
|
||||
|
||||
When creating packets of a certain type, B<randpkt> uses a sample
|
||||
packet that is stored internally to B<randpkt>. It uses this as the
|
||||
starting point for your random packets, and then adds extra random
|
||||
bytes to the end of this sample packet.
|
||||
|
||||
For example, if you choose to create random ARP packets, B<randpkt>
|
||||
will create a packet which contains a predetermined Ethernet II header,
|
||||
with the Type field set to ARP. After the Ethernet II header, it will
|
||||
put a random number of bytes with random values.
|
||||
|
||||
=head1 OPTIONS
|
||||
|
||||
=over 4
|
||||
|
||||
=item -b E<lt>maxbytesE<gt>
|
||||
|
||||
Default 5000.
|
||||
|
||||
Defines the maximum number of bytes added to the sample packet.
|
||||
If you choose a B<maxbytes> value that is less than the size of the
|
||||
sample packet, then your packets would contain only the sample
|
||||
packet... not much variance there! B<randpkt> exits on that condition.
|
||||
|
||||
=item -c E<lt>countE<gt>
|
||||
|
||||
Default 1000.
|
||||
|
||||
Defines the number of packets to generate.
|
||||
|
||||
=item -t E<lt>typeE<gt>
|
||||
|
||||
Default Ethernet II frame.
|
||||
|
||||
Defines the type of packet to generate:
|
||||
arp Address Resolution Protocol
|
||||
bgp Border Gateway Protocol
|
||||
bvlc BACnet Virtual Link Control
|
||||
dns Domain Name Service
|
||||
eth Ethernet
|
||||
fddi Fiber Distributed Data Interface
|
||||
giop General Inter-ORB Protocol
|
||||
icmp Internet Control Message Protocol
|
||||
ip Internet Protocol
|
||||
llc Logical Link Control
|
||||
m2m WiMAX M2M Encapsulation Protocol
|
||||
megaco MEGACO
|
||||
nbns NetBIOS-over-TCP Name Service
|
||||
ncp2222 NetWare Core Protocol
|
||||
sctp Stream Control Transmission Protocol
|
||||
syslog Syslog message
|
||||
tds TDS NetLib
|
||||
tcp Transmission Control Protocol
|
||||
tr Token-Ring
|
||||
udp User Datagram Protocol
|
||||
usb Universal Serial Bus
|
||||
usb-linux Universal Serial Bus with Linux specific header
|
||||
|
||||
=back
|
||||
|
||||
=head1 EXAMPLES
|
||||
|
||||
To see a description of the randpkt options use:
|
||||
|
||||
randpkt
|
||||
|
||||
To generate a capture file with 1000 DNS packets use:
|
||||
|
||||
randpkt -b 500 -t dns rand_dns.pcap
|
||||
|
||||
To generate a small capture file with just a single LLC frame use:
|
||||
|
||||
randpkt -b 100 -c 1 -t llc single_llc.pcap
|
||||
|
||||
=head1 SEE ALSO
|
||||
|
||||
pcap(3), editcap(1)
|