mirror of
https://github.com/zeek/zeek.git
synced 2025-10-03 23:28:20 +00:00
DHCP: Adding unit tests.
This commit is contained in:
parent
0f1b0e75b7
commit
1786a3b92d
10 changed files with 68 additions and 2 deletions
|
@ -57,13 +57,17 @@ event dhcp_ack(c: connection, msg: dhcp_msg, mask: addr, router: dhcp_router_lis
|
||||||
info$ts = network_time();
|
info$ts = network_time();
|
||||||
info$id = c$id;
|
info$id = c$id;
|
||||||
info$uid = c$uid;
|
info$uid = c$uid;
|
||||||
info$assigned_ip = reverse_ip(msg$yiaddr);
|
|
||||||
info$lease_time = lease;
|
info$lease_time = lease;
|
||||||
info$trans_id = msg$xid;
|
info$trans_id = msg$xid;
|
||||||
|
|
||||||
if ( msg$h_addr != "" )
|
if ( msg$h_addr != "" )
|
||||||
info$mac = msg$h_addr;
|
info$mac = msg$h_addr;
|
||||||
|
|
||||||
|
if ( reverse_ip(msg$yiaddr) != 0.0.0.0 )
|
||||||
|
info$assigned_ip = reverse_ip(msg$yiaddr);
|
||||||
|
else
|
||||||
|
info$assigned_ip = c$id$orig_h;
|
||||||
|
|
||||||
c$dhcp = info;
|
c$dhcp = info;
|
||||||
|
|
||||||
Log::write(DHCP::LOG, c$dhcp);
|
Log::write(DHCP::LOG, c$dhcp);
|
||||||
|
|
|
@ -20,3 +20,15 @@ event dhcp_request(c: connection, msg: dhcp_msg, req_addr: addr, serv_addr: addr
|
||||||
Log::write(Known::DEVICES_LOG, [$ts=network_time(), $mac=msg$h_addr, $dhcp_host_name=host_name]);
|
Log::write(Known::DEVICES_LOG, [$ts=network_time(), $mac=msg$h_addr, $dhcp_host_name=host_name]);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
event dhcp_inform(c: connection, msg: dhcp_msg, host_name: string)
|
||||||
|
{
|
||||||
|
if ( msg$h_addr == "" )
|
||||||
|
return;
|
||||||
|
|
||||||
|
if ( msg$h_addr !in known_devices )
|
||||||
|
{
|
||||||
|
add known_devices[msg$h_addr];
|
||||||
|
Log::write(Known::DEVICES_LOG, [$ts=network_time(), $mac=msg$h_addr, $dhcp_host_name=host_name]);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
|
@ -0,0 +1,10 @@
|
||||||
|
#separator \x09
|
||||||
|
#set_separator ,
|
||||||
|
#empty_field (empty)
|
||||||
|
#unset_field -
|
||||||
|
#path dhcp
|
||||||
|
#open 2013-07-31-21-00-49
|
||||||
|
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p mac assigned_ip lease_time trans_id
|
||||||
|
#types time string addr port addr port string addr interval count
|
||||||
|
1370200444.371332 nQcgTWjvg4c 128.2.6.189 68 128.2.6.152 67 90:b1:1c:99:49:29 128.2.6.189 900.000000 1984
|
||||||
|
#close 2013-07-31-21-00-50
|
|
@ -0,0 +1,10 @@
|
||||||
|
#separator \x09
|
||||||
|
#set_separator ,
|
||||||
|
#empty_field (empty)
|
||||||
|
#unset_field -
|
||||||
|
#path dhcp
|
||||||
|
#open 2013-07-31-21-00-55
|
||||||
|
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p mac assigned_ip lease_time trans_id
|
||||||
|
#types time string addr port addr port string addr interval count
|
||||||
|
1374432420.191205 FrJExwHcSal 128.2.6.122 68 128.2.6.152 67 90:b1:1c:99:49:29 128.2.6.122 0.000000 2754407505
|
||||||
|
#close 2013-07-31-21-00-55
|
|
@ -0,0 +1,11 @@
|
||||||
|
#separator \x09
|
||||||
|
#set_separator ,
|
||||||
|
#empty_field (empty)
|
||||||
|
#unset_field -
|
||||||
|
#path known_devices
|
||||||
|
#open 2013-07-31-21-27-41
|
||||||
|
#fields ts mac dhcp_host_name
|
||||||
|
#types time string string
|
||||||
|
1370200443.344965 90:b1:1c:99:49:29 btest.is.cool
|
||||||
|
1374432420.186878 90:b1:1c:99:49:29 (empty)
|
||||||
|
#close 2013-07-31-21-27-41
|
BIN
testing/btest/Traces/dhcp/dhcp.trace
Normal file
BIN
testing/btest/Traces/dhcp/dhcp.trace
Normal file
Binary file not shown.
BIN
testing/btest/Traces/dhcp/dhcp_inform.trace
Normal file
BIN
testing/btest/Traces/dhcp/dhcp_inform.trace
Normal file
Binary file not shown.
|
@ -0,0 +1,6 @@
|
||||||
|
# This tests that DHCP leases are logged in dhcp.log
|
||||||
|
# The trace has a message of each DHCP message type,
|
||||||
|
# but only one lease should show up in the logs.
|
||||||
|
|
||||||
|
# @TEST-EXEC: bro -r $TRACES/dhcp/dhcp.trace %INPUT
|
||||||
|
# @TEST-EXEC: btest-diff dhcp.log
|
5
testing/btest/scripts/base/protocols/dhcp/inform.test
Normal file
5
testing/btest/scripts/base/protocols/dhcp/inform.test
Normal file
|
@ -0,0 +1,5 @@
|
||||||
|
# DHCPINFORM leases are special-cased in the code.
|
||||||
|
# This tests that those leases are correctly logged.
|
||||||
|
|
||||||
|
# @TEST-EXEC: bro -r $TRACES/dhcp/dhcp_inform.trace %INPUT
|
||||||
|
# @TEST-EXEC: btest-diff dhcp.log
|
|
@ -0,0 +1,8 @@
|
||||||
|
# This tests that the known_devices log is created,
|
||||||
|
# that devices are logged by MAC address, and that
|
||||||
|
# the DHCP hostname is added, if available.
|
||||||
|
|
||||||
|
# @TEST-EXEC: bro -r $TRACES/dhcp/dhcp.trace -r $TRACES/dhcp/dhcp_inform.trace %INPUT
|
||||||
|
# @TEST-EXEC: btest-diff known_devices.log
|
||||||
|
|
||||||
|
@load policy/protocols/dhcp/known-devices-and-hostnames
|
Loading…
Add table
Add a link
Reference in a new issue