packetfu 1.1.11 → 1.1.12.pre

data/spec/utils_spec.rb

@@ -1,6 +1,8 @@
 # -*- coding: binary -*-
-
 require 'spec_helper'
+require 'packetfu/protos/eth'
+require 'packetfu/protos/ip'
+require 'packetfu/utils'
 
 include PacketFu
 
@@ -14,7 +16,7 @@ describe Utils do
 
     it "should work on Mac OSX Yosemite" do
       stub_const("RUBY_PLATFORM", "x86_64-darwin14")
-      mac_osx_reply = "ifconfig en0\n" + 
+      mac_osx_reply = "ifconfig en0\n" +
                       "en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500\n" +
                       "ether 78:31:c1:ce:39:bc\n" +
                       "inet6 fe80::7a31:c1ff:fece:39bc%en0 prefixlen 64 scopeid 0x4\n" +
@@ -41,13 +43,13 @@ describe Utils do
 
     it "should work on Ubuntu 14.04 LTS" do
       stub_const("RUBY_PLATFORM", "x86_64-linux")
-      ubuntu_reply = "eth0      Link encap:Ethernet  HWaddr 00:0c:29:2a:e3:bd\n" + 
-                     "inet addr:192.168.10.174  Bcast:192.168.10.255  Mask:255.255.255.0\n" + 
-                     "inet6 addr: fe80::20c:29ff:fe2a:e3bd/64 Scope:Link\n" + 
-                     "UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1\n" + 
-                     "RX packets:65782 errors:0 dropped:0 overruns:0 frame:0\n" + 
-                     "TX packets:31354 errors:0 dropped:0 overruns:0 carrier:0\n" + 
-                     "collisions:0 txqueuelen:1000\n" + 
+      ubuntu_reply = "eth0      Link encap:Ethernet  HWaddr 00:0c:29:2a:e3:bd\n" +
+                     "inet addr:192.168.10.174  Bcast:192.168.10.255  Mask:255.255.255.0\n" +
+                     "inet6 addr: fe80::20c:29ff:fe2a:e3bd/64 Scope:Link\n" +
+                     "UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1\n" +
+                     "RX packets:65782 errors:0 dropped:0 overruns:0 frame:0\n" +
+                     "TX packets:31354 errors:0 dropped:0 overruns:0 carrier:0\n" +
+                     "collisions:0 txqueuelen:1000\n" +
                      "RX bytes:40583515 (40.5 MB)  TX bytes:3349554 (3.3 MB)"
       allow(PacketFu::Utils).to receive(:ifconfig_data_string).and_return(ubuntu_reply)
       util_reply = PacketFu::Utils.ifconfig("eth0")
@@ -68,11 +70,11 @@ describe Utils do
 
     it "should work on FreeBSD" do
       stub_const("RUBY_PLATFORM", "freebsd")
-      freebsd_reply = "dc0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500\n" + 
-                      "options=80008<VLAN_MTU,LINKSTATE>\n" + 
-                      "ether 00:a0:cc:da:da:da\n" + 
-                      "inet 192.168.1.3 netmask 0xffffff00 broadcast 192.168.1.255\n" + 
-                      "media: Ethernet autoselect (100baseTX <full-duplex>)\n" + 
+      freebsd_reply = "dc0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500\n" +
+                      "options=80008<VLAN_MTU,LINKSTATE>\n" +
+                      "ether 00:a0:cc:da:da:da\n" +
+                      "inet 192.168.1.3 netmask 0xffffff00 broadcast 192.168.1.255\n" +
+                      "media: Ethernet autoselect (100baseTX <full-duplex>)\n" +
                       "status: active"
       allow(PacketFu::Utils).to receive(:ifconfig_data_string).and_return(freebsd_reply)
       util_reply = PacketFu::Utils.ifconfig("dc0")
@@ -91,5 +93,86 @@ describe Utils do
       expect(util_reply[:ip4_obj]).to eq(IPAddr.new("192.168.1.0/24"))
     end
 
+    it "should work on OpenBSD" do
+      stub_const("RUBY_PLATFORM", "openbsd")
+      openbsd_reply = "em0: flags=8b43\\<UP,BROADCAST,RUNNING,PROMISC,ALLMULTI,SIMPLEX,MULTICAST\\> mtu 1500\n" +
+                      "        lladdr 00:01:02:03:04:05\n" +
+                      "        priority: 0\n" +
+                      "        groups: egress\n" +
+                      "        media: Ethernet autoselect (1000baseT full-duplex,rxpause,txpause)\n" +
+                      "        status: active\n" +
+                      "        inet 10.0.0.1 netmask 0xffffff00 broadcast 10.0.0.255"
+      allow(PacketFu::Utils).to receive(:ifconfig_data_string).and_return(openbsd_reply)
+      util_reply = PacketFu::Utils.ifconfig("em0")
+
+      # Ensure we got a hash back
+      expect(util_reply).to be_a(::Hash)
+
+      # Ensure all our values parse correctly
+      expect(util_reply[:iface]).to eq("em0")
+      expect(util_reply[:eth_saddr]).to eq("00:01:02:03:04:05")
+      expect(util_reply[:eth_src]).to eq("\x00\x01\x02\x03\x04\x05")
+      expect(util_reply[:ip6_saddr]).to eq(nil)
+      expect(util_reply[:ip6_obj]).to eq(nil)
+      expect(util_reply[:ip_saddr]).to eq("10.0.0.1")
+      expect(util_reply[:ip_src]).to eq("\n\x00\x00\x01")
+      expect(util_reply[:ip4_obj]).to eq(IPAddr.new("10.0.0.0/24"))
+    end
+
+  end
+
+  context 'when using arp' do
+
+    before(:all) do
+      @whoami = lambda { |iface| {
+                           :iface => iface,
+                           :eth_saddr => '00:01:02:03:dd:b3',
+                           :eth_src => "\x00\x01\x02\x03\xdd\xb3",
+                           :ip_saddr => '192.168.254.1',
+                           :ip_src => 0xc0a8fe01,
+                           :ip_src_bin => "\xc0\xa8\xfe\x01",
+                           :eth_dst => "\x00\x01\x02\x03\xcc\xb2",
+                           :eth_daddr => '00:01:02:03:cc:b2',
+                         } }
+    end
+
+    context 'when cached' do
+      it 'should work on Mac OSX Yosemite' do
+        stub_const('RUBY_PLATFORM', 'macosx')
+        mac_osx_reply = "? (192.168.254.57) at 64:00:00:00:cc:b2 on en0 ifscope [ethernet]\n"
+        allow(PacketFu::Utils).to receive(:arp_cache_raw).and_return(mac_osx_reply)
+        whoami_reply = @whoami.call('em0')
+        allow(PacketFu::Utils).to receive(:whoami?).and_return(whoami_reply)
+        util_reply = PacketFu::Utils.arp('192.168.254.57')
+
+        expect(util_reply).to be_a(String)
+        expect(util_reply).to eq('64:00:00:00:cc:b2')
+      end
+
+      it 'should work on Ubuntu 14.04 LTS' do
+        stub_const('RUBY_PLATFORM', 'x86_64-linux')
+        ubuntu_reply = "? (192.168.254.56) at 00:01:02:03:cc:b2 [ether] on eth0\n"
+        allow(PacketFu::Utils).to receive(:arp_cache_raw).and_return(ubuntu_reply)
+        whoami_reply = @whoami.call('eth0')
+        allow(PacketFu::Utils).to receive(:whoami?).and_return(whoami_reply)
+        util_reply = PacketFu::Utils.arp('192.168.254.56')
+
+        expect(util_reply).to be_a(String)
+        expect(util_reply).to eq('00:01:02:03:cc:b2')
+      end
+
+      it 'should work on FreeBSD' do
+        stub_const('RUBY_PLATFORM', 'freebsd')
+        freebsd_reply = "? (192.168.254.57) at 00:13:20:c3:7d:22 on em0 [ethernet]\n"
+        allow(PacketFu::Utils).to receive(:arp_cache_raw).and_return(freebsd_reply)
+        whoami_reply = @whoami.call('em0')
+        allow(PacketFu::Utils).to receive(:whoami?).and_return(whoami_reply)
+        util_reply = PacketFu::Utils.arp('192.168.254.57')
+
+        expect(util_reply).to be_a(String)
+        expect(util_reply).to eq('00:13:20:c3:7d:22')
+      end
+    end
+
   end
-end
+end

data/test/pcapng-test/output_be/advanced/test100.txt

@@ -0,0 +1,11 @@
+Description: NRB with IPv4+6, unknown types, duplicate entries, etc.
+Category:    advanced
+
+Block counts:
+	EPB: 3
+	IDB: 3
+	NRB: 5
+	SHB: 1
+	SPB: 2
+
+Block sequence: SHB, IDB, NRB, SPB, NRB, IDB, NRB, EPB, IDB, NRB, SPB, EPB, EPB, NRB

data/test/pcapng-test/output_be/advanced/test101.txt

@@ -0,0 +1,11 @@
+Description: Duplicate ISBs with various options, intermixed in EPB/SPB
+Category:    advanced
+
+Block counts:
+	EPB: 3
+	IDB: 3
+	ISB: 6
+	SHB: 1
+	SPB: 1
+
+Block sequence: SHB, IDB, IDB, EPB, ISB, ISB, ISB, IDB, EPB, ISB, SPB, ISB, EPB, ISB

data/test/pcapng-test/output_be/advanced/test102.txt

@@ -0,0 +1,14 @@
+Description: All block types, intermixed
+Category:    advanced
+
+Block counts:
+	CB: 1
+	DCB: 2
+	EPB: 4
+	IDB: 3
+	ISB: 6
+	NRB: 3
+	SHB: 1
+	SPB: 1
+
+Block sequence: SHB, CB, NRB, IDB, IDB, ISB, EPB, ISB, ISB, DCB, IDB, EPB, ISB, SPB, NRB, EPB, ISB, EPB, DCB, NRB, ISB

data/test/pcapng-test/output_be/basic/test001.txt

@@ -0,0 +1,9 @@
+Description: Basic normal pcapng file
+Category:    basic
+
+Block counts:
+	EPB: 4
+	IDB: 1
+	SHB: 1
+
+Block sequence: SHB, IDB, EPB, EPB, EPB, EPB

data/test/pcapng-test/output_be/basic/test002.txt

@@ -0,0 +1,7 @@
+Description: Empty - only SHB
+Category:    basic
+
+Block counts:
+	SHB: 1
+
+Block sequence: SHB

data/test/pcapng-test/output_be/basic/test003.txt

@@ -0,0 +1,8 @@
+Description: Empty - only SHB and IDB
+Category:    basic
+
+Block counts:
+	IDB: 1
+	SHB: 1
+
+Block sequence: SHB, IDB

data/test/pcapng-test/output_be/basic/test004.txt

@@ -0,0 +1,9 @@
+Description: Two IDBs same linktype, different snaplen
+Category:    basic
+
+Block counts:
+	EPB: 4
+	IDB: 2
+	SHB: 1
+
+Block sequence: SHB, IDB, IDB, EPB, EPB, EPB, EPB

data/test/pcapng-test/output_be/basic/test005.txt

@@ -0,0 +1,9 @@
+Description: 2 IDBs separated by EPB
+Category:    basic
+
+Block counts:
+	EPB: 4
+	IDB: 2
+	SHB: 1
+
+Block sequence: SHB, IDB, EPB, IDB, EPB, EPB, EPB

data/test/pcapng-test/output_be/basic/test006.txt

@@ -0,0 +1,9 @@
+Description: Two IDBs different linktype
+Category:    basic
+
+Block counts:
+	EPB: 5
+	IDB: 2
+	SHB: 1
+
+Block sequence: SHB, IDB, IDB, EPB, EPB, EPB, EPB, EPB

data/test/pcapng-test/output_be/basic/test007.txt

@@ -0,0 +1,9 @@
+Description: SHB with all options
+Category:    basic
+
+Block counts:
+	EPB: 1
+	IDB: 1
+	SHB: 1
+
+Block sequence: SHB, IDB, EPB

data/test/pcapng-test/output_be/basic/test008.txt

@@ -0,0 +1,9 @@
+Description: 2 IDBs with all options
+Category:    basic
+
+Block counts:
+	EPB: 4
+	IDB: 2
+	SHB: 1
+
+Block sequence: SHB, IDB, EPB, IDB, EPB, EPB, EPB

data/test/pcapng-test/output_be/basic/test009.txt

@@ -0,0 +1,9 @@
+Description: EPBs with all options
+Category:    basic
+
+Block counts:
+	EPB: 2
+	IDB: 1
+	SHB: 1
+
+Block sequence: SHB, IDB, EPB, EPB

data/test/pcapng-test/output_be/basic/test010.txt

@@ -0,0 +1,9 @@
+Description: SPBs
+Category:    basic
+
+Block counts:
+	IDB: 1
+	SHB: 1
+	SPB: 4
+
+Block sequence: SHB, IDB, SPB, SPB, SPB, SPB

data/test/pcapng-test/output_be/basic/test011.txt

@@ -0,0 +1,10 @@
+Description: Mix of SPBs and EPBs
+Category:    basic
+
+Block counts:
+	EPB: 2
+	IDB: 1
+	SHB: 1
+	SPB: 2
+
+Block sequence: SHB, IDB, SPB, EPB, SPB, EPB

data/test/pcapng-test/output_be/basic/test012.txt

@@ -0,0 +1,10 @@
+Description: SPBs and EPBs with IDB snaplen bigger than some, less than others
+Category:    basic
+
+Block counts:
+	EPB: 2
+	IDB: 1
+	SHB: 1
+	SPB: 2
+
+Block sequence: SHB, IDB, SPB, SPB, EPB, EPB

data/test/pcapng-test/output_be/basic/test013.txt

@@ -0,0 +1,9 @@
+Description: Empty - only SHB, IDB, and ISB
+Category:    basic
+
+Block counts:
+	IDB: 1
+	ISB: 1
+	SHB: 1
+
+Block sequence: SHB, IDB, ISB

data/test/pcapng-test/output_be/basic/test014.txt

@@ -0,0 +1,9 @@
+Description: Empty - only SHB, multiple IDB and ISB
+Category:    basic
+
+Block counts:
+	IDB: 3
+	ISB: 3
+	SHB: 1
+
+Block sequence: SHB, IDB, IDB, ISB, ISB, IDB, ISB

data/test/pcapng-test/output_be/basic/test015.txt

@@ -0,0 +1,9 @@
+Description: Empty - only SHB, IDB, and NRB
+Category:    basic
+
+Block counts:
+	IDB: 1
+	NRB: 1
+	SHB: 1
+
+Block sequence: SHB, IDB, NRB

data/test/pcapng-test/output_be/basic/test016.txt

@@ -0,0 +1,11 @@
+Description: Multiple NRB among SPB/EPB
+Category:    basic
+
+Block counts:
+	EPB: 2
+	IDB: 1
+	NRB: 3
+	SHB: 1
+	SPB: 2
+
+Block sequence: SHB, IDB, NRB, SPB, EPB, NRB, SPB, EPB, NRB

data/test/pcapng-test/output_be/basic/test017.txt

@@ -0,0 +1,9 @@
+Description: Empty - only SHB and CB/DCB
+Category:    basic
+
+Block counts:
+	CB: 2
+	DCB: 2
+	SHB: 1
+
+Block sequence: SHB, CB, DCB, CB, DCB

data/test/pcapng-test/output_be/basic/test018.txt

@@ -0,0 +1,12 @@
+Description: Multiple CB/DCB among SPB/EPB
+Category:    basic
+
+Block counts:
+	CB: 2
+	DCB: 2
+	EPB: 2
+	IDB: 1
+	SHB: 1
+	SPB: 2
+
+Block sequence: SHB, IDB, CB, SPB, EPB, DCB, SPB, CB, EPB, DCB

data/test/pcapng-test/output_be/difficult/test200.txt

@@ -0,0 +1,8 @@
+Description: Empty - only SHB and IDB, but repeated so multiple SHB
+Category:    difficult
+
+Block counts:
+	IDB: 3
+	SHB: 3
+
+Block sequence: SHB, IDB, SHB, IDB, SHB, IDB

data/test/pcapng-test/output_be/difficult/test201.txt

@@ -0,0 +1,11 @@
+Description: ISBs with various options, in different SHB sections
+Category:    difficult
+
+Block counts:
+	EPB: 3
+	IDB: 5
+	ISB: 4
+	SHB: 3
+	SPB: 1
+
+Block sequence: SHB, IDB, IDB, EPB, ISB, SHB, IDB, EPB, ISB, SPB, SHB, IDB, IDB, ISB, EPB, ISB