summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHarald Welte <laforge@osmocom.org>2020-12-11 15:30:56 +0100
committerHarald Welte <laforge@osmocom.org>2020-12-11 15:32:08 +0100
commit7c295369751bbdb5b49d98dc9734df5dae603a66 (patch)
tree4e6bac378afe458fc16f3e466ae7eccd677b054e
parentdc805c00eb46f923be6e185a2337fc6351ae38e3 (diff)
gbproxy: Properly capture HDLC/FR traffic in addition to ethernet
We cannot use "-i all" but must list each interface separately, which is only supported by dumpcap. We also must write pcapng files. Change-Id: Id412af3bb6bcad5e0f2cf40a6dc497d7e4f3d948
-rw-r--r--gbproxy/GBProxy_Tests.default4
-rwxr-xr-xttcn3-dumpcap-start.sh96
-rwxr-xr-xttcn3-dumpcap-stop.sh52
3 files changed, 152 insertions, 0 deletions
diff --git a/gbproxy/GBProxy_Tests.default b/gbproxy/GBProxy_Tests.default
index 799ac32..8634b49 100644
--- a/gbproxy/GBProxy_Tests.default
+++ b/gbproxy/GBProxy_Tests.default
@@ -1,3 +1,7 @@
+[DEFINE]
+TCPDUMP_START := $TTCN3_HACKS_PATH"/ttcn3-dumpcap-start.sh"
+TCPDUMP_STOP := $TTCN3_HACKS_PATH"/ttcn3-dumpcap-stop.sh"
+
[LOGGING]
FileMask := LOG_ALL | TTCN_MATCHING;
diff --git a/ttcn3-dumpcap-start.sh b/ttcn3-dumpcap-start.sh
new file mode 100755
index 0000000..aa3814a
--- /dev/null
+++ b/ttcn3-dumpcap-start.sh
@@ -0,0 +1,96 @@
+#!/bin/bash
+#
+# contrary to ttcn3-tcpdump-start.sh, this version is dumpcap-only and
+# needed when we want to capture from interfaces of different link
+# types. It will also store the results as pcap-ng, not plain old pcap.
+
+PIDFILE_PCAP=/tmp/pcap.pid
+DUMPCAP=/usr/bin/dumpcap
+
+PIDFILE_NETCAT=/tmp/netcat.pid
+NETCAT=/bin/nc
+GSMTAP_PORT=4729
+
+TESTCASE=$1
+
+kill_rm_pidfile() {
+ if [ -e $1 ]; then
+ kill "$(cat "$1")"
+ rm $1
+ fi
+}
+
+echo "------ $TESTCASE ------"
+date
+
+if [ "z$TTCN3_PCAP_PATH" = "z" ]; then
+ TTCN3_PCAP_PATH=/tmp
+fi
+
+kill_rm_pidfile $PIDFILE_NETCAT
+kill_rm_pidfile $PIDFILE_PCAP
+
+if [ -x $DUMPCAP ]; then
+ CAP_ERR="1"
+ if [ -x /sbin/setcap ]; then
+ # N. B: this check requires libcap2-bin package
+ /sbin/setcap -q -v 'cap_net_admin,cap_net_raw=pie' $DUMPCAP
+ CAP_ERR="$?"
+ fi
+ if [ -u $DUMPCAP -o "$CAP_ERR" = "0" ]; then
+ CMD="$DUMPCAP -q"
+ else
+ echo "NOTE: unable to use dumpcap due to missing capabilities or suid bit"
+ exit 32
+ fi
+fi
+
+# Create a dummy sink for GSMTAP packets
+$NETCAT -l -u -k -p $GSMTAP_PORT >/dev/null 2>$TESTCASE.netcat.stderr &
+PID=$!
+echo $PID > $PIDFILE_NETCAT
+
+# generate the list of interface arguments. For capturing from
+# interfaces of different link-layer types, we cannot use "-i all"
+# but must use dumpcap with each individual interface name. We also
+# must write pcapng files, as only those can record the interface of
+# each packet
+ADDL_ARGS=""
+for f in /sys/class/net/*; do
+ DEV=`basename $f`
+ if [[ "$DEV" == "hdlcnet"* ]]; then
+ # skip these as we only want the hdlcX devices, avoid capturing twice on both sides
+ continue
+ elif [[ "$DEV" == "hdlc"* ]]; then
+ # these are the user-side of the FR links, which is
+ # what we interface with from our test suite, emulating
+ # a BSS.
+ ADDL_ARGS="${ADDL_ARGS} -i ${DEV}"
+ elif [[ "$DEV" == "eth"* ]]; then
+ # we blindly assume that "normal" docker network devices
+ # are called ethXXX
+ ADDL_ARGS="${ADDL_ARGS} -i ${DEV}"
+ fi
+done
+
+$CMD -s 1500 -n ${ADDL_ARGS} -w "$TTCN3_PCAP_PATH/$TESTCASE.pcapng" >$TTCN3_PCAP_PATH/$TESTCASE.pcapng.stdout 2>&1 &
+PID=$!
+echo $PID > $PIDFILE_PCAP
+
+# Wait until packet dumper creates the pcap file and starts recording.
+# We generate some traffic until we see packet dumper catches it.
+# Timeout is 10 seconds.
+ping 127.0.0.1 >/dev/null 2>&1 &
+PID=$!
+i=0
+while [ ! -f "$TTCN3_PCAP_PATH/$TESTCASE.pcapng" ] ||
+ [ "$(stat -c '%s' "$TTCN3_PCAP_PATH/$TESTCASE.pcapng")" -eq 32 ]
+do
+ echo "Waiting for packet dumper to start... $i"
+ sleep 1
+ i=$((i+1))
+ if [ $i -eq 10 ]; then
+ break
+ fi
+done
+kill $PID
diff --git a/ttcn3-dumpcap-stop.sh b/ttcn3-dumpcap-stop.sh
new file mode 100755
index 0000000..e13fbc0
--- /dev/null
+++ b/ttcn3-dumpcap-stop.sh
@@ -0,0 +1,52 @@
+#!/bin/sh
+
+PIDFILE_PCAP=/tmp/pcap.pid
+PIDFILE_NETCAT=/tmp/netcat.pid
+TESTCASE=$1
+VERDICT="$2"
+
+kill_rm_pidfile() {
+if [ -e $1 ]; then
+ PSNAME="$(ps -q "$(cat "$1")" -o comm=)"
+ if [ "$PSNAME" != "sudo" ]; then
+ kill "$(cat "$1")"
+ else
+ # NOTE: This requires you to be root or something like
+ # "laforge ALL=NOPASSWD: /usr/sbin/tcpdump, /bin/kill" in your sudoers file
+ sudo kill "$(cat "$1")"
+ fi
+ rm $1
+fi
+}
+
+date
+
+if [ x"$VERDICT" = x"pass" ]; then
+ echo -e "\033[1;32m====== $TESTCASE $VERDICT ======\033[0m"
+else
+ echo -e "\033[1;31m------ $TESTCASE $VERDICT ------\033[0m"
+fi
+echo
+
+if [ "z$TTCN3_PCAP_PATH" = "z" ]; then
+ TTCN3_PCAP_PATH=/tmp
+fi
+
+# Wait for up to 2 seconds if we keep receiving traffinc from packet dumper,
+# otherwise we might lose last packets from test.
+i=0
+prev_count=-1
+count=$(stat --format="%s" "$TTCN3_PCAP_PATH/$TESTCASE.pcapng")
+while [ $count -gt $prev_count ] && [ $i -lt 2 ]
+do
+ echo "Waiting for packet dumper to finish... $i (prev_count=$prev_count, count=$count)"
+ sleep 1
+ prev_count=$count
+ count=$(stat --format="%s" "$TTCN3_PCAP_PATH/$TESTCASE.pcapng")
+ i=$((i+1))
+done
+
+kill_rm_pidfile "$PIDFILE_PCAP"
+kill_rm_pidfile "$PIDFILE_NETCAT"
+
+gzip -f "$TTCN3_PCAP_PATH/$TESTCASE.pcapng"