packetfu 1.1.10 → 1.1.11
- checksums.yaml +7 -0
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +2 -0
- data/.gitignore +3 -0
- data/.travis.yml +8 -0
- data/CONTRIBUTING.md +47 -0
- data/Gemfile +4 -0
- data/LICENSE.txt +1 -1
- data/README.rdoc +35 -30
- data/Rakefile +4 -4
- data/bench/octets.rb +9 -9
- data/examples/100kpackets.rb +12 -12
- data/examples/ackscan.rb +16 -16
- data/examples/arp.rb +35 -35
- data/examples/arphood.rb +36 -36
- data/examples/dissect_thinger.rb +6 -6
- data/examples/new-simple-stats.rb +23 -23
- data/examples/packetfu-shell.rb +25 -25
- data/examples/simple-sniffer.rb +9 -9
- data/examples/simple-stats.rb +23 -23
- data/examples/slammer.rb +3 -3
- data/gem-public_cert.pem +21 -0
- data/lib/packetfu.rb +149 -127
- data/lib/packetfu/capture.rb +169 -169
- data/lib/packetfu/config.rb +52 -52
- data/lib/packetfu/inject.rb +56 -56
- data/lib/packetfu/packet.rb +531 -528
- data/lib/packetfu/pcap.rb +579 -579
- data/lib/packetfu/protos/arp.rb +90 -90
- data/lib/packetfu/protos/arp/header.rb +158 -158
- data/lib/packetfu/protos/arp/mixin.rb +36 -36
- data/lib/packetfu/protos/eth.rb +44 -44
- data/lib/packetfu/protos/eth/header.rb +243 -243
- data/lib/packetfu/protos/eth/mixin.rb +3 -3
- data/lib/packetfu/protos/hsrp.rb +69 -69
- data/lib/packetfu/protos/hsrp/header.rb +107 -107
- data/lib/packetfu/protos/hsrp/mixin.rb +29 -29
- data/lib/packetfu/protos/icmp.rb +71 -71
- data/lib/packetfu/protos/icmp/header.rb +82 -82
- data/lib/packetfu/protos/icmp/mixin.rb +14 -14
- data/lib/packetfu/protos/invalid.rb +49 -49
- data/lib/packetfu/protos/ip.rb +69 -69
- data/lib/packetfu/protos/ip/header.rb +291 -291
- data/lib/packetfu/protos/ip/mixin.rb +40 -40
- data/lib/packetfu/protos/ipv6.rb +50 -50
- data/lib/packetfu/protos/ipv6/header.rb +188 -188
- data/lib/packetfu/protos/ipv6/mixin.rb +29 -29
- data/lib/packetfu/protos/tcp.rb +176 -176
- data/lib/packetfu/protos/tcp/ecn.rb +35 -35
- data/lib/packetfu/protos/tcp/flags.rb +74 -74
- data/lib/packetfu/protos/tcp/header.rb +268 -268
- data/lib/packetfu/protos/tcp/hlen.rb +32 -32
- data/lib/packetfu/protos/tcp/mixin.rb +46 -46
- data/lib/packetfu/protos/tcp/option.rb +321 -321
- data/lib/packetfu/protos/tcp/options.rb +95 -95
- data/lib/packetfu/protos/tcp/reserved.rb +35 -35
- data/lib/packetfu/protos/udp.rb +159 -123
- data/lib/packetfu/protos/udp/header.rb +91 -91
- data/lib/packetfu/protos/udp/mixin.rb +3 -3
- data/lib/packetfu/structfu.rb +280 -280
- data/lib/packetfu/utils.rb +292 -225
- data/lib/packetfu/version.rb +41 -41
- data/packetfu.gemspec +14 -3
- data/spec/arp_spec.rb +191 -0
- data/spec/eth_spec.rb +148 -0
- data/spec/icmp_spec.rb +97 -0
- data/spec/ip_spec.rb +78 -0
- data/spec/ipv6_spec.rb +81 -0
- data/spec/packet_spec.rb +61 -59
- data/spec/packet_subclasses_spec.rb +9 -10
- data/spec/packetfu_spec.rb +55 -62
- data/spec/sample3.pcap +0 -0
- data/spec/spec_helper.rb +44 -0
- data/spec/structfu_spec.rb +270 -271
- data/spec/tcp_spec.rb +76 -77
- data/spec/udp_spec.rb +32 -0
- data/spec/utils_spec.rb +95 -0
- data/test/all_tests.rb +14 -17
- data/test/func_lldp.rb +3 -3
- data/test/ptest.rb +2 -2
- data/test/test_capture.rb +45 -45
- data/test/test_eth.rb +70 -68
- data/test/test_hsrp.rb +9 -9
- data/test/test_inject.rb +18 -18
- data/test/test_invalid.rb +16 -16
- data/test/test_octets.rb +23 -21
- data/test/test_packet.rb +156 -154
- data/test/test_pcap.rb +172 -170
- data/test/test_structfu.rb +99 -97
- data/test/test_tcp.rb +322 -320
- data/test/test_udp.rb +78 -76
- metadata +108 -44
- metadata.gz.sig +2 -0
- data/spec/ethpacket_spec.rb +0 -74
- data/test/test_arp.rb +0 -135
- data/test/test_icmp.rb +0 -62
- data/test/test_ip.rb +0 -50
- data/test/test_ip6.rb +0 -68
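--- a/data/spec/tcp_spec.rb
+++ b/data/spec/tcp_spec.rb
@@ -1,101 +1,100 @@
-
-require 'packetfu'
+require 'spec_helper'
 
 include PacketFu
 
 def unusual_numeric_handling_headers(header,i)
-
-
-
-
-
+camelized_header = header.to_s.split("_").map {|x| x.capitalize}.join
+header_class = PacketFu.const_get camelized_header
+specify { subject.send(header).should == i }
+specify { subject.send(header).should be_kind_of Integer }
+specify { subject.headers.last[header].should be_kind_of header_class }
 end
 
 def tcp_hlen_numeric(i)
-
+unusual_numeric_handling_headers(:tcp_hlen,i)
 end
 
 def tcp_reserved_numeric(i)
-
+unusual_numeric_handling_headers(:tcp_reserved,i)
 end
 
 def tcp_ecn_numeric(i)
-
+unusual_numeric_handling_headers(:tcp_ecn,i)
 end
 
 
 describe TCPPacket do
 
-
-
-
-
+subject do
+bytes = PcapFile.file_to_array(File.join(File.dirname(__FILE__), "sample2.pcap"))[2]
+packet = Packet.parse(bytes)
+end
 
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+context "TcpHlen reading and setting" do
+context "TcpHlen set via #read" do
+tcp_hlen_numeric(8)
+end
+context "TcpHlen set via an Integer for the setter" do
+(0..15).each do |i|
+context "i is #{i}" do
+before { subject.tcp_hlen = i }
+tcp_hlen_numeric(i)
+end
+end
+end
+context "TcpHlen set via a String for the setter" do
+before { subject.tcp_hlen = "\x60" }
+tcp_hlen_numeric(6)
+end
+context "TcpHlen set via a TcpHlen for the setter" do
+before { subject.tcp_hlen = TcpHlen.new(:hlen => 7) }
+tcp_hlen_numeric(7)
+end
+end
 
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+context "TcpReserved reading and setting" do
+context "TcpReserved set via #read" do
+tcp_reserved_numeric(0)
+end
+context "TcpReserved set via an Integer for the setter" do
+(0..7).each do |i|
+context "i is #{i}" do
+before { subject.tcp_reserved = i }
+tcp_reserved_numeric(i)
+end
+end
+end
+context "TcpReserved set via a String for the setter" do
+before { subject.tcp_reserved = "\x03" }
+tcp_reserved_numeric(3)
+end
+context "TcpReserved set via a TcpReserved for the setter" do
+before { subject.tcp_reserved = TcpReserved.new(:r1 => 1, :r2 => 0, :r3 => 1) }
+tcp_reserved_numeric(5)
+end
+end
 
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+context "TcpEcn reading and setting" do
+context "TcpEcn set via #read" do
+tcp_ecn_numeric(0)
+end
+context "TcpEcn set via an Integer for the setter" do
+(0..7).each do |i|
+context "i is #{i}" do
+before { subject.tcp_ecn = i }
+tcp_ecn_numeric(i)
+end
+end
+end
+context "TcpEcn set via a String for the setter" do
+before { subject.tcp_ecn = "\x00\xc0" }
+tcp_ecn_numeric(3)
+end
+context "TcpEcn set via a TcpEcn for the setter" do
+before { subject.tcp_ecn = TcpEcn.new(:n => 1, :c => 0, :e => 1) }
+tcp_ecn_numeric(5)
+end
+end
 
 end
 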
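Review bot: `unusual_numeric_handling_headers` and its three wrappers are defined at file top level next to a top-level `include PacketFu`, so they become private methods on Object and the PacketFu constants are mixed into Object for every spec loaded in the same run. Moving the helpers into a module that the `describe TCPPacket` block extends (or into `shared_examples`) would keep them scoped to this file. The new `subject` block ends in an unused assignment, `packet = Packet.parse(bytes)`, which can simply be `Packet.parse(bytes)`. It also indexes `[2]` into sample2.pcap without saying which packet that is; a comment such as `# third packet of sample2.pcap, a TCP segment whose header length reads as 8` would document the fixture dependency (the value 8 is inferred from `tcp_hlen_numeric(8)`).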
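--- /dev/null
+++ b/data/spec/udp_spec.rb
@@ -0,0 +1,32 @@
+require 'spec_helper'
+
+include PacketFu
+
+
+describe UDPPacket do
+
+context "new" do
+
+it "should create UDP on IPv4 packets by default" do
+udp = UDPPacket.new
+expect(udp.ip_header).to be_a(IPHeader)
+expect(udp.ipv6_header).to be_nil
+end
+
+it "should create UDP on IPv6 packets" do
+udp = UDPPacket.new(:on_ipv6 => true)
+expect(udp.ip_header).to be_nil
+expect(udp.ipv6_header).to be_a(IPv6Header)
+
+udp.ipv6_saddr = "::1"
+udp.ipv6_daddr = "::2"
+udp.udp_src = 41000
+udp.udp_dst = 42000
+udp.payload = "\0" * 16
+udp.recalc
+expect(udp.udp_sum).to eq(0xbb82)
+expect(udp.udp_len).to eq(24)
+end
+
+end
+end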
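Review bot: The IPv6 example pins the checksum for one even-length, all-zero payload only, so two edge cases of the UDP checksum stay untested. These are an odd-length payload, which needs a pad byte, and a computed sum of zero, which RFC 2460 requires to be transmitted as 0xffff over IPv6. One extra example per case next to `expect(udp.udp_sum).to eq(0xbb82)` would cover them. A short comment on the constant, e.g. `# checksum over the IPv6 pseudo-header, the UDP header and 16 zero bytes`, would also tell the next reader where 0xbb82 comes from.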
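--- /dev/null
+++ b/data/spec/utils_spec.rb
@@ -0,0 +1,95 @@
+# -*- coding: binary -*-
+
+require 'spec_helper'
+
+include PacketFu
+
+describe Utils do
+context "when using ifconfig" do
+it "should prevent non-interface values" do
+expect {
+PacketFu::Utils.ifconfig("not_an_interface")
+}.to raise_error(ArgumentError, /interface does not exist$/)
+end
+
+it "should work on Mac OSX Yosemite" do
+stub_const("RUBY_PLATFORM", "x86_64-darwin14")
+mac_osx_reply = "ifconfig en0\n" +
+"en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500\n" +
+"ether 78:31:c1:ce:39:bc\n" +
+"inet6 fe80::7a31:c1ff:fece:39bc%en0 prefixlen 64 scopeid 0x4\n" +
+"inet 192.168.10.173 netmask 0xffffff00 broadcast 192.168.10.255\n" +
+"nd6 options=1<PERFORMNUD>\n" +
+"media: autoselect\n" +
+"status: active\n"
+allow(PacketFu::Utils).to receive(:ifconfig_data_string).and_return(mac_osx_reply)
+util_reply = PacketFu::Utils.ifconfig("en0")
+
+# Ensure we got a hash back
+expect(util_reply).to be_a(::Hash)
+
+# Ensure all our values parse correctly
+expect(util_reply[:iface]).to eq("en0")
+expect(util_reply[:eth_saddr]).to eq("78:31:c1:ce:39:bc")
+expect(util_reply[:eth_src]).to eq("x1\xC1\xCE9\xBC")
+expect(util_reply[:ip6_saddr]).to eq("fe80::7a31:c1ff:fece:39bc")
+expect(util_reply[:ip6_obj]).to eq(IPAddr.new("fe80::7a31:c1ff:fece:39bc"))
+expect(util_reply[:ip_saddr]).to eq("192.168.10.173")
+expect(util_reply[:ip_src]).to eq("\xC0\xA8\n\xAD")
+expect(util_reply[:ip4_obj]).to eq(IPAddr.new("192.168.10.0/24"))
+end
+
+it "should work on Ubuntu 14.04 LTS" do
+stub_const("RUBY_PLATFORM", "x86_64-linux")
+ubuntu_reply = "eth0 Link encap:Ethernet HWaddr 00:0c:29:2a:e3:bd\n" +
+"inet addr:192.168.10.174 Bcast:192.168.10.255 Mask:255.255.255.0\n" +
+"inet6 addr: fe80::20c:29ff:fe2a:e3bd/64 Scope:Link\n" +
+"UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1\n" +
+"RX packets:65782 errors:0 dropped:0 overruns:0 frame:0\n" +
+"TX packets:31354 errors:0 dropped:0 overruns:0 carrier:0\n" +
+"collisions:0 txqueuelen:1000\n" +
+"RX bytes:40583515 (40.5 MB) TX bytes:3349554 (3.3 MB)"
+allow(PacketFu::Utils).to receive(:ifconfig_data_string).and_return(ubuntu_reply)
+util_reply = PacketFu::Utils.ifconfig("eth0")
+
+# Ensure we got a hash back
+expect(util_reply).to be_a(::Hash)
+
+# Ensure all our values parse correctly
+expect(util_reply[:iface]).to eq("eth0")
+expect(util_reply[:eth_saddr]).to eq("00:0c:29:2a:e3:bd")
+expect(util_reply[:eth_src]).to eq("\x00\f)*\xE3\xBD")
+expect(util_reply[:ip6_saddr]).to eq("fe80::20c:29ff:fe2a:e3bd/64")
+expect(util_reply[:ip6_obj]).to eq(IPAddr.new("fe80::20c:29ff:fe2a:e3bd/64"))
+expect(util_reply[:ip_saddr]).to eq("192.168.10.174")
+expect(util_reply[:ip_src]).to eq("\xC0\xA8\n\xAE")
+expect(util_reply[:ip4_obj]).to eq(IPAddr.new("192.168.10.0/24"))
+end
+
+it "should work on FreeBSD" do
+stub_const("RUBY_PLATFORM", "freebsd")
+freebsd_reply = "dc0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500\n" +
+"options=80008<VLAN_MTU,LINKSTATE>\n" +
+"ether 00:a0:cc:da:da:da\n" +
+"inet 192.168.1.3 netmask 0xffffff00 broadcast 192.168.1.255\n" +
+"media: Ethernet autoselect (100baseTX <full-duplex>)\n" +
+"status: active"
+allow(PacketFu::Utils).to receive(:ifconfig_data_string).and_return(freebsd_reply)
+util_reply = PacketFu::Utils.ifconfig("dc0")
+
+# Ensure we got a hash back
+expect(util_reply).to be_a(::Hash)
+
+# Ensure all our values parse correctly
+expect(util_reply[:iface]).to eq("dc0")
+expect(util_reply[:eth_saddr]).to eq("00:a0:cc:da:da:da")
+expect(util_reply[:eth_src]).to eq("\x00\xA0\xCC\xDA\xDA\xDA")
+expect(util_reply[:ip6_saddr]).to eq(nil)
+expect(util_reply[:ip6_obj]).to eq(nil)
+expect(util_reply[:ip_saddr]).to eq("192.168.1.3")
+expect(util_reply[:ip_src]).to eq("\xC0\xA8\x01\x03")
+expect(util_reply[:ip4_obj]).to eq(IPAddr.new("192.168.1.0/24"))
+end
+
+end
+end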
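Review bot: The "should prevent non-interface values" example checks only a harmless, well-formed name and does not stub `ifconfig_data_string`, so it cannot show that the rejection happens before any system data is gathered. Because the interface name is caller-supplied, I would add `expect(PacketFu::Utils).not_to receive(:ifconfig_data_string)` to that example, plus a second case whose name contains whitespace or shell metacharacters and also expects `ArgumentError`. This assumes `ifconfig_data_string` is where the platform command is run; utils.rb is not part of this section. The matcher `/interface does not exist$/` would be stricter as `/interface does not exist\z/`, since `$` also matches before a trailing newline. Separately, the Ubuntu example expects `ip6_saddr` to keep the `/64` suffix while the OS X example expects the `%en0` zone to be stripped; if that difference is intended it deserves a comment in the spec.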
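--- a/data/test/all_tests.rb
+++ b/data/test/all_tests.rb
@@ -3,10 +3,7 @@
 # Tested on:
 #
 # ruby-1.9.3-head [ x86_64 ]
-# ruby-1.9.
-# ruby-1.8.6-p399 [ x86_64 ]
-# ruby-1.8.7-p334 [ x86_64 ]
-# ruby-1.9.2-p180 [ x86_64 ]
+# ruby-1.9.3-p484 [ x86_64 ]
 
 # Okay so the regular test/unit stuff screws up some of my
 # meta magic. I need to move these over to spec and see
@@ -23,19 +20,19 @@ puts "Testing PacketFu v#{PacketFu::VERSION}"
 dir = Dir.new(File.dirname(__FILE__))
 
 dir.each { |file|
-
-
-
-
-
-
-
-
-
-
-
-
-
+next unless File.file? file
+next unless file[/^test_.*rb$/]
+next if file == $0
+puts "Running #{file}..."
+cmd = %x{ruby #{file}}
+if cmd[/ 0 failures/] && cmd[/ 0 errors/]
+puts "#{file}: All passed"
+else
+puts "File: #{file} had failures or errors:"
+puts "-" * 80
+puts cmd
+puts "-" * 80
+end
 }
 
 # vim: nowrap sw=2 sts=0 ts=2 ff=unix ft=ruby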
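Review bot: In the second hunk, `cmd = %x{ruby #{file}}` passes a directory entry through the shell, and the filter `file[/^test_.*rb$/]` uses line anchors and an unescaped dot, so a matching file name that contains shell metacharacters would be interpreted by the shell. Running the child without a shell, `cmd = IO.popen(["ruby", File.join(dir.path, file)], &:read)`, and tightening the filter to `/\Atest_.*\.rb\z/` closes that gap. `File.file? file` is also evaluated against the bare entry name, so the loop only finds its files when the current directory is the test directory; joining with `dir.path` there fixes that as well.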
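--- a/data/test/func_lldp.rb
+++ b/data/test/func_lldp.rb
@@ -6,12 +6,12 @@ $:.unshift File.join(File.expand_path(File.dirname(__FILE__)), "..", "lib")
 require 'packetfu'
 
 def lldp_pcap
-
-
+fname = "./sample_lldp.pcap"
+fname if File.readable? fname
 end
 
 def lldp_test()
-
+raise RuntimeError, "Need a sample_lldp.pcap to check!" unless lldp_pcap
 cap = PacketFu::PcapFile.new.file_to_array(:filename => lldp_pcap)
 cap.each do |p|
 pkt = PacketFu::Packet.parse p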
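Review bot: `fname = "./sample_lldp.pcap"` in `lldp_pcap` is resolved against the current working directory, so the script parses whatever file of that name sits in the directory it is started from rather than the fixture next to the script. `fname = File.join(File.dirname(__FILE__), "sample_lldp.pcap")` would anchor it the same way the `$:.unshift` line in the hunk header already does. `lldp_test` continues past the end of this hunk, so the rest of its body is not reviewed here.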
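--- a/data/test/ptest.rb
+++ b/data/test/ptest.rb
@@ -5,9 +5,9 @@ require 'packetfu'
 include PacketFu
 
 if Process.euid.zero?
-
+puts ">> Interface: " << Pcap.lookupdev
 else
-
+puts ">> No interface access"
 end
 puts ">> Version: " << PacketFu.version
 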
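--- a/data/test/test_capture.rb
+++ b/data/test/test_capture.rb
@@ -6,51 +6,51 @@ require 'packetfu'
 
 class CaptureTest < Test::Unit::TestCase
 
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+def test_cap
+assert_nothing_raised { PacketFu::Capture }
+end
+
+def test_whoami
+assert_nothing_raised { PacketFu::Utils.whoami?(:iface => PacketFu::Utils.default_int) }
+end
+
+def test_new
+cap = PacketFu::Capture.new
+assert_kind_of PacketFu::Capture, cap
+cap = PacketFu::Capture.new(
+:filter => 'tcp and dst host 1.2.3.4'
+)
+end
+
+def test_filter
+daddr = PacketFu::Utils.rand_routable_daddr.to_s
+cap = PacketFu::Capture.new( :filter => "icmp and dst host #{daddr}")
+cap.start
+%x{ping -c 1 #{daddr}}
+sleep 1
+cap.save
+assert cap.array.size == 1
+pkt = PacketFu::Packet.parse(cap.array.first)
+assert pkt.ip_daddr == daddr
+end
+
+def test_no_filter
+daddr = PacketFu::Utils.rand_routable_daddr.to_s
+daddr2 = PacketFu::Utils.rand_routable_daddr.to_s
+cap = PacketFu::Capture.new
+cap.start
+%x{ping -c 1 #{daddr}}
+%x{ping -c 1 #{daddr2}}
+sleep 1
+cap.save
+assert cap.array.size > 1
+end
+
+def test_bpf_alias
+daddr = PacketFu::Utils.rand_routable_daddr.to_s
+cap = PacketFu::Capture.new( :filter => "icmp and dst host #{daddr}")
+assert cap.filter.object_id == cap.bpf.object_id
+end
 
 end
 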
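Review bot: `test_filter` and `test_no_filter` send live ICMP echo requests to addresses returned by `PacketFu::Utils.rand_routable_daddr`, so every run emits traffic to arbitrary third-party hosts, needs capture privileges, and depends on timing (`sleep 1`, `assert cap.array.size == 1`). I would target a fixed documentation address such as 192.0.2.1 (RFC 5737), since the capture should still see the outgoing request, and skip both tests unless `Process.euid.zero?`. `%x{ping -c 1 #{daddr}}` is only as safe as the string `rand_routable_daddr` returns; `IO.popen(["ping", "-c", "1", daddr], &:read)` runs the same command without a shell and does not rely on that.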