aaff0d21ae
This adds support for using the layers filter with field references. Before: $ dftest 'ip.src != ${ip.src#2}' dftest: invalid character in macro name After: $ dftest 'ip.src != ${ip.src#2}' Filter: ip.src != ${ip.src#2} Syntax tree: 0 TEST_ALL_NE: 1 FIELD(ip.src <FT_IPv4>) 1 REFERENCE(ip.src#[2:1] <FT_IPv4>) Instructions: 00000 READ_TREE ip.src <FT_IPv4> -> reg#0 00001 IF_FALSE_GOTO 5 00002 READ_REFERENCE_R ${ip.src <FT_IPv4>} #[2:1] -> reg#1 00003 IF_FALSE_GOTO 5 00004 ALL_NE reg#0 != reg#1 00005 RETURN This requires adding another level of complexity to references. When loading references we need to copy the 'proto_layer_num' and add the logic to filter on that. The "layer" sttype is removed and replace by a new field sttype with support for a range. This is a nice cleanup for the semantic check and general simplification. The grammar is better too with this design. Range sttype is renamed to slice for clarity. |
||
---|---|---|
.. | ||
baseline | ||
captures | ||
config | ||
keys | ||
lua | ||
protobuf_lang_files | ||
suite_dfilter | ||
suite_dissectors | ||
README.test | ||
conftest.py | ||
fixtures.py | ||
fixtures_ws.py | ||
hosts.custom | ||
hosts.global | ||
hosts.personal | ||
matchers.py | ||
sampleif.py | ||
subprocesstest.py | ||
suite_capture.py | ||
suite_clopts.py | ||
suite_decryption.py | ||
suite_dissection.py | ||
suite_extcaps.py | ||
suite_external.py | ||
suite_fileformats.py | ||
suite_follow.py | ||
suite_follow_dccp.py | ||
suite_follow_multistream.py | ||
suite_io.py | ||
suite_mergecap.py | ||
suite_nameres.py | ||
suite_netperfmeter.py | ||
suite_outputformats.py | ||
suite_release.py | ||
suite_sharkd.py | ||
suite_text2pcap.py | ||
suite_unittests.py | ||
suite_wslua.py | ||
test.py | ||
travis-upload-artifacts.sh | ||
util_dump_dhcp_pcap.py |
README.test
Wireshark Tests The recommended steps to prepare for and to run tests: * Install two Python packages, pytest: `pip install pytest pytest-xdist` * Build programs (“wireshark”, “tshark”, etc.): `ninja` * Build additional programs for the “unittests” suite: `ninja test-programs` * Run tests in the build directory: `pytest` Replace `ninja test-programs` by `make test-programs` as needed. See the “Wireshark Tests” chapter of the Developer's Guide for details: https://www.wireshark.org/docs/wsdg_html_chunked/ChapterTests.html If you need to update the baseline files use the following commands (on a Linux system) mkdir ~/.config/wireshark/profiles/ctest TZ=UTC WIRESHARK_RUN_FROM_BUILD_DIRECTORY=1 build/run/tshark -C ctest -T ek -r test/captures/dhcp.pcap > test/baseline/dhcp.ek TZ=UTC WIRESHARK_RUN_FROM_BUILD_DIRECTORY=1 build/run/tshark -C ctest -T json -r test/captures/dhcp.pcap > test/baseline/dhcp.json TZ=UTC WIRESHARK_RUN_FROM_BUILD_DIRECTORY=1 build/run/tshark -C ctest -T jsonraw -r test/captures/dhcp.pcap > test/baseline/dhcp.jsonraw TZ=UTC WIRESHARK_RUN_FROM_BUILD_DIRECTORY=1 build/run/tshark -C ctest -T ek -r test/captures/dhcp.pcap -x > test/baseline/dhcp-raw.ek