2018-04-14 16:07:22 +00:00
|
|
|
# Copyright (c) 2018 Peter Wu <peter@lekensteyn.nl>
|
|
|
|
|
#
|
|
|
|
|
# SPDX-License-Identifier: GPL-2.0-or-later
|
|
|
|
|
|
2018-11-15 11:38:12 +00:00
|
|
|
import unittest
|
|
|
|
|
import fixtures
|
|
|
|
|
from suite_dfilter.dfiltertest import *
|
2018-04-14 16:07:22 +00:00
|
|
|
|
2018-11-15 11:38:12 +00:00
|
|
|
|
|
|
|
|
@fixtures.uses_fixtures
|
|
|
|
|
class case_membership(unittest.TestCase):
|
2018-04-14 16:07:22 +00:00
|
|
|
trace_file = "http.pcap"
|
|
|
|
|
|
2021-10-27 17:20:38 +00:00
|
|
|
def test_membership_match_1(self, checkDFilterCount):
|
|
|
|
|
dfilter = 'tcp.port in {80, 3267}'
|
|
|
|
|
checkDFilterCount(dfilter, 1)
|
|
|
|
|
|
|
|
|
|
def test_membership_match_2(self, checkDFilterCount):
|
|
|
|
|
dfilter = 'tcp.port in {80,3267}'
|
|
|
|
|
checkDFilterCount(dfilter, 1)
|
|
|
|
|
|
|
|
|
|
def test_membership_match_3(self, checkDFilterCount):
|
|
|
|
|
dfilter = 'tcp.port in {80 ,3267}'
|
|
|
|
|
checkDFilterCount(dfilter, 1)
|
|
|
|
|
|
|
|
|
|
def test_membership_match_4(self, checkDFilterCount):
|
|
|
|
|
dfilter = 'tcp.port in {80 , 3267}'
|
|
|
|
|
checkDFilterCount(dfilter, 1)
|
|
|
|
|
|
|
|
|
|
def test_membership_match_5(self, checkDFilterCount):
|
|
|
|
|
dfilter = 'tcp.port in { 80 , 3267 }'
|
2018-11-15 11:38:12 +00:00
|
|
|
checkDFilterCount(dfilter, 1)
|
2018-04-14 16:07:22 +00:00
|
|
|
|
2021-10-29 10:43:23 +00:00
|
|
|
def test_membership_range_match_1(self, checkDFilterCount):
|
2018-04-16 11:02:41 +00:00
|
|
|
dfilter = 'tcp.port in {80..81}'
|
2018-11-15 11:38:12 +00:00
|
|
|
checkDFilterCount(dfilter, 1)
|
2018-04-14 16:07:22 +00:00
|
|
|
|
2021-10-29 10:43:23 +00:00
|
|
|
def test_membership_range_match_2(self, checkDFilterCount):
|
|
|
|
|
dfilter = 'tcp.port in {80 ..81}'
|
|
|
|
|
checkDFilterCount(dfilter, 1)
|
|
|
|
|
|
|
|
|
|
def test_membership_range_match_3(self, checkDFilterCount):
|
|
|
|
|
dfilter = 'tcp.port in {80.. 81}'
|
|
|
|
|
checkDFilterCount(dfilter, 1)
|
|
|
|
|
|
|
|
|
|
def test_membership_range_match_4(self, checkDFilterCount):
|
|
|
|
|
dfilter = 'tcp.port in {80 .. 81}'
|
|
|
|
|
checkDFilterCount(dfilter, 1)
|
|
|
|
|
|
2018-11-15 11:38:12 +00:00
|
|
|
def test_membership_3_range_no_match(self, checkDFilterCount):
|
2021-10-27 17:20:38 +00:00
|
|
|
dfilter = 'tcp.dstport in {1 .. 79, 81 .. 65535}'
|
2018-11-15 11:38:12 +00:00
|
|
|
checkDFilterCount(dfilter, 0)
|
2018-04-14 16:07:22 +00:00
|
|
|
|
2018-11-15 11:38:12 +00:00
|
|
|
def test_membership_4_range_no_match_multiple(self, checkDFilterCount):
|
2018-04-14 16:07:22 +00:00
|
|
|
# Verifies that multiple fields cannot satisfy different conditions.
|
2021-10-27 17:20:38 +00:00
|
|
|
dfilter = 'tcp.port in {1 .. 79,81 .. 3266,3268 .. 65535}'
|
2018-11-15 11:38:12 +00:00
|
|
|
checkDFilterCount(dfilter, 0)
|
2018-04-14 16:07:22 +00:00
|
|
|
|
2018-11-15 11:38:12 +00:00
|
|
|
def test_membership_5_negative_range_float(self, checkDFilterCount):
|
2018-04-14 16:07:22 +00:00
|
|
|
dfilter = 'frame.time_delta in {-2.0 .. 0.0}'
|
2018-11-15 11:38:12 +00:00
|
|
|
checkDFilterCount(dfilter, 1)
|
2018-04-14 16:07:22 +00:00
|
|
|
|
2018-11-15 11:38:12 +00:00
|
|
|
def test_membership_6_both_negative_range_float(self, checkDFilterCount):
|
2022-02-27 09:56:41 +00:00
|
|
|
dfilter = 'frame.time_delta in {-20 .. -0.7}'
|
2018-11-15 11:38:12 +00:00
|
|
|
checkDFilterCount(dfilter, 0)
|
2018-04-14 16:07:22 +00:00
|
|
|
|
2018-11-15 11:38:12 +00:00
|
|
|
def test_membership_7_string(self, checkDFilterCount):
|
2021-10-27 17:20:38 +00:00
|
|
|
dfilter = 'http.request.method in {"GET", "HEAD"}'
|
2018-11-15 11:38:12 +00:00
|
|
|
checkDFilterCount(dfilter, 1)
|
2018-04-14 16:07:22 +00:00
|
|
|
|
2018-11-15 11:38:12 +00:00
|
|
|
def test_membership_8_ip_range(self, checkDFilterCount):
|
2021-10-27 17:20:38 +00:00
|
|
|
dfilter = 'ip.addr in { 10.0.0.5 .. 10.0.0.9 , 10.0.0.1..10.0.0.1 }'
|
2018-11-15 11:38:12 +00:00
|
|
|
checkDFilterCount(dfilter, 1)
|
2018-04-16 11:02:41 +00:00
|
|
|
|
2022-02-22 21:55:05 +00:00
|
|
|
def test_membership_9_range_invalid_float(self, checkDFilterFail):
|
2018-04-16 11:02:41 +00:00
|
|
|
# expression should be parsed as "0.1 .. .7"
|
2022-02-22 21:55:05 +00:00
|
|
|
# .7 is the identifier (protocol) named "7"
|
2018-04-16 11:02:41 +00:00
|
|
|
dfilter = 'frame.time_delta in {0.1...7}'
|
2022-02-22 21:55:05 +00:00
|
|
|
error = 'not a valid protocol or protocol field'
|
|
|
|
|
checkDFilterFail(dfilter, error)
|
2019-01-27 17:38:46 +00:00
|
|
|
|
|
|
|
|
def test_membership_10_bad_lhs_number(self, checkDFilterFail):
|
|
|
|
|
dfilter = '123 in {ip}'
|
|
|
|
|
error = 'Only a field may be tested for membership in a set.'
|
|
|
|
|
checkDFilterFail(dfilter, error)
|
|
|
|
|
|
|
|
|
|
def test_membership_11_bad_rhs_string(self, checkDFilterFail):
|
2021-10-27 17:20:38 +00:00
|
|
|
dfilter = 'frame.number in {1, "foo"}'
|
2022-06-18 09:43:24 +00:00
|
|
|
error = 'Unsigned integer (4 bytes) cannot be converted from a string'
|
2019-01-27 17:38:46 +00:00
|
|
|
checkDFilterFail(dfilter, error)
|
2021-10-27 17:20:38 +00:00
|
|
|
|
|
|
|
|
def test_membership_12_value_string(self, checkDFilterCount):
|
|
|
|
|
dfilter = 'tcp.checksum.status in {"Unverified", "Good"}'
|
|
|
|
|
checkDFilterCount(dfilter, 1)
|
