Update tshark DNS resolution due to deprecated asynchronous flag 'C'

[anna.git] / example / diameter / pcapDecoder / tsharkDecoder.sh

diff --git a/example/diameter/pcapDecoder/tsharkDecoder.sh b/example/diameter/pcapDecoder/tsharkDecoder.sh
index 93b29d4..0f6c640 100755 (executable)
--- a/example/diameter/pcapDecoder/tsharkDecoder.sh
+++ b/example/diameter/pcapDecoder/tsharkDecoder.sh
@@ -38,7 +38,8 @@
 
 # Decoder version using tshark tool
 #
-# RESTRICTIONS: only TCP datagrams. Allow split diameter messages between frames, but not, several messages into single datagram.
+# RESTRICTIONS: TCP & SCTP datagrams. Allow split diameter messages between frames, but not, several messages into single datagram.
+#               If sniffing fails, try to create the <frame>.hex and <frame>.metadata files manually (try 'tshark -nr input.pcap -Vx' and so on ...)
 
 #############
 # VARIABLES #
@@ -165,7 +166,9 @@ do
   DISECT_SELECTORS="$DISECT_SELECTORS -d tcp.port=$port,diameter"
 done
 
-$TSHARK -E separator="|" -r $PCAP_FILE -N mntC -Tfields $FIELDS $DISECT_SELECTORS 2>/dev/null > $tmpdir/all_frames
+# Changes in project wireshark (see commits e005bc819c2 and 8dfaa8fa7c9): https://github.com/wireshark/wireshark.git
+# Change name resolution resolving flags: 'C' is deprecated. Change '-N mntC' by '-N mntdv':
+$TSHARK -E separator="|" -r $PCAP_FILE -N mntdv -Tfields $FIELDS $DISECT_SELECTORS 2>/dev/null > $tmpdir/all_frames
 grep -i diameter $tmpdir/all_frames > $tmpdir/diameter_frames
 #cat $tmpdir/all_frames
 
@@ -307,7 +310,7 @@ do
   group_array=( $(echo $group | sed 's/,/ /g') )
   echo "Grouping frames ${group_array[*]} ..."
   for frame in ${group_array[@]}; do
-    cat $RESULTS_DIR/$frame.hex >> $tmpdir/diam.$group
+    cat $RESULTS_DIR/$frame.hex >> $tmpdir/diam.$group 2>/dev/null
   done
   cat $tmpdir/diam.$group | tr -d '\n' > $RESULTS_DIR/$frame.hex
   # Delete all frames except last one in the group:
@@ -318,7 +321,11 @@ done
 #segments=( $(cat $tmpdir/diameter_frames | awk -F\| '{ if ($16 == "") print $1 }') )
 segments=( $(echo $to_delete) )
 echo "Deleting superfluous buffers & metadata (${segments[*]}) ..."
-for s in ${segments[@]}; do rm $RESULTS_DIR/${s}.* ; done
+for s in ${segments[@]}; do rm -f $RESULTS_DIR/${s}.* ; done
+
+# Basic checking:
+ls $RESULTS_DIR/*.metadata >/dev/null 2>/dev/null
+[ $? -ne 0 ] && { echo "No metadata generated !" ; exit 1 ; }
 
 # Detecting Session-Id values:
 grep ^sessionid= $RESULTS_DIR/*.metadata 2>/dev/null | cut -d= -f2- | sort -u > $RESULTS_DIR/session-ids
@@ -353,5 +360,13 @@ then
   rm $RESULTS_DIR/.wanted $RESULTS_DIR/.all
 fi
 
+# Purge frames with invalid metadata:
+invalid=( $(grep -lw "^code=$" $RESULTS_DIR/*metadata) )
+for file in ${invalid[@]}
+do
+  frm=$(basename $file | cut -d\. -f1)
+  rm $RESULTS_DIR/${frm}.*
+done
+
 _exit "Done!" 0