From: Eduardo Ramos Testillano Date: Fri, 15 Jan 2016 12:42:22 +0000 (+0100) Subject: Improvs. Initial version for tinyTestcase creation X-Git-Tag: REFACTORING_TESTING_LIBRARY~61 X-Git-Url: https://git.teslayout.com/public/public/public/?p=anna.git;a=commitdiff_plain;h=09f74ebd57cd733b52ad48ba482bc406b1ce91f6 Improvs. Initial version for tinyTestcase creation --- diff --git a/example/diameter/launcher/resources/scripts/pcap2diameterHex.sh b/example/diameter/launcher/resources/scripts/pcap2diameterHex.sh deleted file mode 100755 index 355b70f..0000000 --- a/example/diameter/launcher/resources/scripts/pcap2diameterHex.sh +++ /dev/null @@ -1,180 +0,0 @@ -#!/bin/bash - -# ANNA - Anna is Not Nothingness Anymore -# -# (c) Copyright 2005-2014 Eduardo Ramos Testillano & Francisco Ruiz Rayo -# -# http://redmine.teslayout.com/projects/anna-suite -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# * Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# * Redistributions in binary form must reproduce the above -# copyright notice, this list of conditions and the following disclaimer -# in the documentation and/or other materials provided with the -# distribution. -# * Neither the name of the copyright holder nor the names of its -# contributors may be used to endorse or promote products derived from -# this software without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -# -# Authors: eduardo.ramos.testillano@gmail.com -# cisco.tierra@gmail.com - - -############# -# VARIABLES # -############# -tmpdir=$(mktemp -d) - -############# -# FUNCTIONS # -############# - -usage () { - echo "Usage: $0 [results_dir]" - echo - echo " pcap_file: pcap formatted file to be processed." - echo " results_dir: directory where results are stored." - echo " By default, pcap file dirname is used." - echo - echo " The utility, dumps the extracted hexadecimal content" - echo " and useful information as timestamps, source and" - echo " destination:" - echo " /.hex" - echo " /.metadata" - echo - _exit -} - -_exit () { - echo - echo -e $1 - echo - - # Cleanup - rm -rf $tmpdir - - rc=1 - [ -n "$2" ] && rc=$2 - exit $rc -} - - -############# -# EXECUTION # -############# - -echo -echo "============================================" -echo "Diameter buffer extractor from PCAP raw file" -echo "============================================" -echo - -# Usage: -[ "$1" = "" ] && usage - -# Pcap file: -PCAP_FILE=$1 -[ ! -f $PCAP_FILE ] && _exit "Cannot found provided pcap file '$1' !!" - -# Optional result dir: -RESULTS_DIR=`dirname $PCAP_FILE` -[ "$2" != "" ] && RESULTS_DIR=$2 -[ ! -d $RESULTS_DIR ] && _exit "The results directory '$RESULTS_DIR' must exists !!" - -# Get the frames with diameter content (take care about '-2' two-pass option and don't add it, because we need to get reassembled parts in their corresponding frames): -# Fields needed (we won't need diameter.hopbyhopid & diameter.endtoendid to verify diameter message as hint patterns; length management will be enough): -FIELDS_DIAMETER="-e diameter.cmd.code -e diameter.flags.request -e diameter.applicationId -e diameter.hopbyhopid -e diameter.endtoendid -e diameter.length" -FIELDS="-e frame.number -e frame.time_epoch -e ip.src_host -e ip.dst_host $FIELDS_DIAMETER -e tcp.len -e frame.protocols -e tcp.segment" -tshark -E separator="|" -r $PCAP_FILE -N mntC -Tfields $FIELDS 2>/dev/null | grep -i diameter > $tmpdir/diameter_frames -# Example output: -# /length\ -# frame timestamp src dst code R App-ID HopByHop EndToEnd DIAM TCP protocol segments -# 1|1427215933.697904000|gt_traf|vcbavipt|272|1|16777238|0x0004e6e6|0x000bd986|432|432|eth:ip:tcp:diameter:diameter:diameter3gpp| -# 3|1427215934.449523000|vcbavipt|gt_traf|272|0|16777238|0x0004e6e6|0x000bd986|292|292|eth:ip:tcp:diameter:diameter:diameter3gpp| -# 5|1427215934.456160000|gt_traf|vcbavipt|||||||1400|eth:ip:tcp:diameter| -# 6|1427215934.456204000|gt_traf|vcbavipt|265|1|16777236|0x000c73c3|0x0004cee4|1972|572|eth:ip:tcp:diameter:diameter:diameter3gpp|5,6 -# 8|1427215935.123559000|vcbavipt|gt_traf|265|0|16777236|0x000c73c3|0x0004cee4|248|248|eth:ip:tcp:diameter:diameter:diameter3gpp| -all_frames=( $(cat $tmpdir/diameter_frames | cut -d\| -f1) ) -needs_join=( $(cat $tmpdir/diameter_frames | cut -d\| -f13) ) -main_frames=( $(cat $tmpdir/diameter_frames | awk -F\| '{ if ($11 != "") print $1 }') ) - -# Reassemble procedure (using frame 1 as example): -# (for non segmented frames, it is enough with tcp or diameter length within the frame content itself) -# 1) Get the TCP length: 432 bytes. 432*2 = 864 characters per byte in hexadecimal string format -# 2) Get the frame length: `wc -c $tmpdir/block.$frame` => 997 -# 3) Get 864 from the tail: `cat $tmpdir/block.$frame | cut -c133 - -# Dump the hex blocks for all the diameter frames: -cat $PCAP_FILE | rawshark -s -r - -d proto:diameter -F data 2>/dev/null > $tmpdir/all_hex_data -for frame in ${all_frames[@]}; do - grep "^$frame " $tmpdir/all_hex_data | cut -d\" -f2 | sed 's/://g' > $tmpdir/block.$frame - frame_info=$(grep "^${frame}|" $tmpdir/diameter_frames) - - # Get the diameter part: - tcp_len=$(echo $frame_info | cut -d\| -f11) - frm_len=$(wc -c $tmpdir/block.$frame | awk '{ print $1 }') - cut_len=$((frm_len-2*tcp_len)) - cat $tmpdir/block.$frame | cut -c${cut_len}- > $RESULTS_DIR/$frame.hex - echo -n "Created $RESULTS_DIR/$frame.hex" - - # Metadata: - ts=$(echo $frame_info | cut -d\| -f2) - date=$(date -d @$ts) - src=$(echo $frame_info | cut -d\| -f3) - dst=$(echo $frame_info | cut -d\| -f4) - code=$(echo $frame_info | cut -d\| -f5) - isreq=$(echo $frame_info | cut -d\| -f6) - appid=$(echo $frame_info | cut -d\| -f7) - hbh=$(echo $frame_info | cut -d\| -f8) - e2e=$(echo $frame_info | cut -d\| -f9) - # To decimal: - hbh=$(printf "%d\n" $hbh) - e2e=$(printf "%d\n" $e2e) - echo "date=$date" > $RESULTS_DIR/$frame.metadata - echo "timestamp=$ts" >> $RESULTS_DIR/$frame.metadata - echo "src=$src" >> $RESULTS_DIR/$frame.metadata - echo "dst=$dst" >> $RESULTS_DIR/$frame.metadata - echo "code=$code" >> $RESULTS_DIR/$frame.metadata - echo "isrequest=$isreq" >> $RESULTS_DIR/$frame.metadata - echo "applicationid=$appid" >> $RESULTS_DIR/$frame.metadata - #echo "sequence=${hbh}.${e2e}" >> $RESULTS_DIR/$frame.metadata -# echo "hopbyhop=$hbh" >> $RESULTS_DIR/$frame.metadata -# echo "endtoend=$e2e" >> $RESULTS_DIR/$frame.metadata - - echo " and $RESULTS_DIR/$frame.metadata" -done - -# Join frames which need to be reassembled: -for group in ${needs_join[@]}; do - echo "Grouping frames $group ..." - group_array=( $(echo $group | sed 's/,/ /g') ) - for frame in ${group_array[@]}; do - cat $RESULTS_DIR/$frame.hex >> $tmpdir/diam.$group - done - cat $tmpdir/diam.$group | tr -d '\n' > $RESULTS_DIR/$frame.hex -done - -# Delete superfluous metadata: -echo "Deleting superfluous buffers & metadata ..." -segments=( $(cat $tmpdir/diameter_frames | awk -F\| '{ if ($10 == "") print $1 }') ) -for s in ${segments[@]}; do rm $RESULTS_DIR/$s.*; done - - -_exit "Done!" 0 - diff --git a/example/diameter/launcher/resources/scripts/tinyTestcase.sh b/example/diameter/launcher/resources/scripts/tinyTestcase.sh new file mode 100755 index 0000000..e08120f --- /dev/null +++ b/example/diameter/launcher/resources/scripts/tinyTestcase.sh @@ -0,0 +1,72 @@ +#!/bin/bash + +############# +# VARIABLES # +############# +SCR_DIR=`readlink -f $0 | xargs dirname` + +############# +# FUNCTIONS # +############# +_exit() { + echo + echo -e $1 + echo + exit 1 +} + +usage() { + echo "Usage: $0 " + echo + echo " The source directory may contain .xml and .metadata files grouped by pairs and alphabetically classified:" + echo + echo " 11.hex.as.xml 15.hex.as.xml 19.hex.as.xml ..." + echo " 11.metadata 15.metadata 19.metadata ..." + echo " 13.hex.as.xml 17.hex.as.xml 21.hex.as.xml ..." + echo " 13.metadata 17.metadata 21.metadata ..." + echo + echo " Normally the order comes from first dot-separated part, which is the decoded frame from pcap:" + echo + echo " 11.hex.as.xml: would be the ANNA-Diameter decoded message from hexadecimal sniffed one." + echo " 11.metadata: would contain parsed metadata from tshark or another fulfilling this information:" + echo + echo " date=Sat Dec 19 11:50:55 CET 2015" + echo " timestamp=1450522255.205673000" + echo " src=gentraf" + echo " dst=testbed" + echo " code=257" + echo " isrequest=1" + echo " applicationid=0" + echo + echo " Presented example has been achieved using the 'example/diameter/pcapDecoder/tsharkDecoder.sh' script" + echo " and then decoding with 'example/diameter/batchConverter' tool with appropiate diameter dictionaries." + echo + echo " This script will create a basic testcase based on frames timeline (11, 13, 15, etc.), from the desired" + echo " end-point. For example, from the 'gentraf' point of view, outgoing requests will be translated as send" + echo " operations with corresponding waits for answers and successful result code (2001). CER/A are detected" + echo " creating a symbolic link to better reference them, and DPR/A are ignored." + echo + echo " The resulting 'testcase.txt' will have all the operations needed to program the test case and will be" + echo " written on same source directory referencing xml files as local-relative ones. Probably, 'change-dir'" + echo " operation will be used before programming to ease the procedure without having to copy the stuff into" + echo " installed ADML execution directory." + echo + echo " Connection issues (CER/A), disconnect procedures (DPR/A), database populations and sanity checks are" + echo " not responsability for this script. Such operations shall be externally performed to guarantee that" + echo " programming this testcase is going to be valid in context of test execution." + _exit +} + +############# +# EXECUTION # +############# +cd $SCR_DIR +source ../../configure.sh +echo +SOURCE_DIR=$1 +[ -z "$SOURCE_DIR" ] && usage +SOURCE_DIR=`readlink -f $SOURCE_DIR` +[ ! -d "$SOURCE_DIR" ] && _exit "Can't found provided directory '$SOURCE_DIR'" + +# UNDER CONSTRUCTION +# ......... diff --git a/example/diameter/pcapDecoder/tsharkDecoder.sh b/example/diameter/pcapDecoder/tsharkDecoder.sh new file mode 100755 index 0000000..64fd44b --- /dev/null +++ b/example/diameter/pcapDecoder/tsharkDecoder.sh @@ -0,0 +1,186 @@ +#!/bin/bash + +# ANNA - Anna is Not Nothingness Anymore +# +# (c) Copyright 2005-2014 Eduardo Ramos Testillano & Francisco Ruiz Rayo +# +# http://redmine.teslayout.com/projects/anna-suite +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# * Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# * Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following disclaimer +# in the documentation and/or other materials provided with the +# distribution. +# * Neither the name of the copyright holder nor the names of its +# contributors may be used to endorse or promote products derived from +# this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# +# Authors: eduardo.ramos.testillano@gmail.com +# cisco.tierra@gmail.com + + +# Decoder version using tshark tool + +############# +# VARIABLES # +############# +tmpdir=$(mktemp -d) + +############# +# FUNCTIONS # +############# + +usage () { + echo "Usage: $0 [results_dir]" + echo + echo " pcap_file: pcap formatted file to be processed." + echo " results_dir: directory where results are stored." + echo " By default, pcap file dirname is used." + echo + echo " The utility, dumps the extracted hexadecimal content" + echo " and useful information as timestamps, source and" + echo " destination:" + echo " /.hex" + echo " /.metadata" + echo + _exit +} + +_exit () { + echo + echo -e $1 + echo + + # Cleanup + rm -rf $tmpdir + + rc=1 + [ -n "$2" ] && rc=$2 + exit $rc +} + + +############# +# EXECUTION # +############# + +echo +echo "============================================" +echo "Diameter buffer extractor from PCAP raw file" +echo "============================================" +echo + +# Usage: +[ "$1" = "" ] && usage + +# Pcap file: +PCAP_FILE=$1 +[ ! -f $PCAP_FILE ] && _exit "Cannot found provided pcap file '$1' !!" + +# Tshark available: +which tshark >/dev/null +[ $? -ne 0 ] && _exit "Missing 'tshark' tool !!" + +# Optional result dir: +RESULTS_DIR=`dirname $PCAP_FILE` +[ "$2" != "" ] && RESULTS_DIR=$2 +[ ! -d $RESULTS_DIR ] && _exit "The results directory '$RESULTS_DIR' must exists !!" + +# Get the frames with diameter content (take care about '-2' two-pass option and don't add it, because we need to get reassembled parts in their corresponding frames): +# Fields needed (we won't need diameter.hopbyhopid & diameter.endtoendid to verify diameter message as hint patterns; length management will be enough): +FIELDS_DIAMETER="-e diameter.cmd.code -e diameter.flags.request -e diameter.applicationId -e diameter.hopbyhopid -e diameter.endtoendid -e diameter.length" +FIELDS="-e frame.number -e frame.time_epoch -e ip.src_host -e ip.dst_host $FIELDS_DIAMETER -e tcp.len -e frame.protocols -e tcp.segment" +tshark -E separator="|" -r $PCAP_FILE -N mntC -Tfields $FIELDS 2>/dev/null | grep -i diameter > $tmpdir/diameter_frames +# Example output: +# /length\ +# frame timestamp src dst code R App-ID HopByHop EndToEnd DIAM TCP protocol segments +# 1|1427215933.697904000|gt_traf|vcbavipt|272|1|16777238|0x0004e6e6|0x000bd986|432|432|eth:ip:tcp:diameter:diameter:diameter3gpp| +# 3|1427215934.449523000|vcbavipt|gt_traf|272|0|16777238|0x0004e6e6|0x000bd986|292|292|eth:ip:tcp:diameter:diameter:diameter3gpp| +# 5|1427215934.456160000|gt_traf|vcbavipt|||||||1400|eth:ip:tcp:diameter| +# 6|1427215934.456204000|gt_traf|vcbavipt|265|1|16777236|0x000c73c3|0x0004cee4|1972|572|eth:ip:tcp:diameter:diameter:diameter3gpp|5,6 +# 8|1427215935.123559000|vcbavipt|gt_traf|265|0|16777236|0x000c73c3|0x0004cee4|248|248|eth:ip:tcp:diameter:diameter:diameter3gpp| +all_frames=( $(cat $tmpdir/diameter_frames | cut -d\| -f1) ) +needs_join=( $(cat $tmpdir/diameter_frames | cut -d\| -f13) ) +main_frames=( $(cat $tmpdir/diameter_frames | awk -F\| '{ if ($11 != "") print $1 }') ) + +# Reassemble procedure (using frame 1 as example): +# (for non segmented frames, it is enough with tcp or diameter length within the frame content itself) +# 1) Get the TCP length: 432 bytes. 432*2 = 864 characters per byte in hexadecimal string format +# 2) Get the frame length: `wc -c $tmpdir/block.$frame` => 997 +# 3) Get 864 from the tail: `cat $tmpdir/block.$frame | cut -c133 + +# Dump the hex blocks for all the diameter frames: +cat $PCAP_FILE | rawshark -s -r - -d proto:diameter -F data 2>/dev/null > $tmpdir/all_hex_data +for frame in ${all_frames[@]}; do + grep "^$frame " $tmpdir/all_hex_data | cut -d\" -f2 | sed 's/://g' > $tmpdir/block.$frame + frame_info=$(grep "^${frame}|" $tmpdir/diameter_frames) + + # Get the diameter part: + tcp_len=$(echo $frame_info | cut -d\| -f11) + frm_len=$(wc -c $tmpdir/block.$frame | awk '{ print $1 }') + cut_len=$((frm_len-2*tcp_len)) + cat $tmpdir/block.$frame | cut -c${cut_len}- > $RESULTS_DIR/$frame.hex + echo -n "Created $RESULTS_DIR/$frame.hex" + + # Metadata: + ts=$(echo $frame_info | cut -d\| -f2) + date=$(date -d @$ts) + src=$(echo $frame_info | cut -d\| -f3) + dst=$(echo $frame_info | cut -d\| -f4) + code=$(echo $frame_info | cut -d\| -f5) + isreq=$(echo $frame_info | cut -d\| -f6) + appid=$(echo $frame_info | cut -d\| -f7) + hbh=$(echo $frame_info | cut -d\| -f8) + e2e=$(echo $frame_info | cut -d\| -f9) + # To decimal: + hbh=$(printf "%d\n" $hbh) + e2e=$(printf "%d\n" $e2e) + echo "date=$date" > $RESULTS_DIR/$frame.metadata + echo "timestamp=$ts" >> $RESULTS_DIR/$frame.metadata + echo "src=$src" >> $RESULTS_DIR/$frame.metadata + echo "dst=$dst" >> $RESULTS_DIR/$frame.metadata + echo "code=$code" >> $RESULTS_DIR/$frame.metadata + echo "isrequest=$isreq" >> $RESULTS_DIR/$frame.metadata + echo "applicationid=$appid" >> $RESULTS_DIR/$frame.metadata + #echo "sequence=${hbh}.${e2e}" >> $RESULTS_DIR/$frame.metadata +# echo "hopbyhop=$hbh" >> $RESULTS_DIR/$frame.metadata +# echo "endtoend=$e2e" >> $RESULTS_DIR/$frame.metadata + + echo " and $RESULTS_DIR/$frame.metadata" +done + +# Join frames which need to be reassembled: +for group in ${needs_join[@]}; do + echo "Grouping frames $group ..." + group_array=( $(echo $group | sed 's/,/ /g') ) + for frame in ${group_array[@]}; do + cat $RESULTS_DIR/$frame.hex >> $tmpdir/diam.$group + done + cat $tmpdir/diam.$group | tr -d '\n' > $RESULTS_DIR/$frame.hex +done + +# Delete superfluous metadata: +echo "Deleting superfluous buffers & metadata ..." +segments=( $(cat $tmpdir/diameter_frames | awk -F\| '{ if ($10 == "") print $1 }') ) +for s in ${segments[@]}; do rm $RESULTS_DIR/$s.*; done + + +_exit "Done!" 0 +