Project

General

Profile

action #109211

[qe-core] test fails in wireshark - Wireshark test needs to be simplified

Added by szarate 6 months ago. Updated 4 months ago.

Status:
Feedback
Priority:
Normal
Assignee:
Category:
Refactor/Code Improvements
Target version:
Start date:
Due date:
% Done:

0%

Estimated time:
Difficulty:

Description

Observation

This test is executing a lot of steps testing the UI, but causes failures which in this case, when the mouse was moved, the copy menu was selected (for some weird reason)

Also the module is doing a full blown installation, when it could boot from HDD.

Dee proposed that we could do features and functionalities of Wireshark via console, and verify that the app really can be started, from the GUI point of view...

I have checked with Vit, and his feeling is that it is ok to proceed with the change.


Checklist

  • Dee to draft a plan how the Wireshark tests can be rewritten

Related issues

Copied from openQA Tests - action #98814: [qe-core] test fails in wireshark - Wireshark test needs to be simplifiedResolved

History

#1 Updated by szarate 6 months ago

  • Copied from action #98814: [qe-core] test fails in wireshark - Wireshark test needs to be simplified added

#2 Updated by szarate 6 months ago

  • Description updated (diff)

#3 Updated by szarate 6 months ago

  • Category changed from Bugs in existing tests to Refactor/Code Improvements

#4 Updated by szarate 6 months ago

  • Checklist item Dee to draft a plan how the Wireshark tests can be rewritten added
  • Tags set to qe-core-april-sprint
  • Description updated (diff)
  • Start date deleted (2022-03-30)

#5 Updated by szarate 6 months ago

  • Description updated (diff)

#6 Updated by szarate 6 months ago

  • Sprint set to QE-Core: April Sprint (Apr 13 - May 11)

#7 Updated by szarate 6 months ago

  • Status changed from New to Workable

#8 Updated by dvenkatachala 5 months ago

  • Assignee set to dvenkatachala

#9 Updated by dvenkatachala 5 months ago

We can use tshark , a command-line interface for Wireshark, that supports similar options to capture packet data from live connections, to write the packets to a file and to read/verify packets from a previously saved capture file.

Below are the test steps,

1. Capture packets:

Start capture via terminal using the tshark command in the background (and also generate the DNS request traffic in the current test) and save the captured data in a file.
   for e.g., Command : tshark  -i ens3 -f "port 53" -w /tmp/capture.pcap
   In the above tshark command, “-i” option begins the capture process from ens3 interface; capture filter "-f" option captures packets from ports 53  only and "-w" options saves 
   the captured traffic to a file.

2. Verify the capture:

Read the specific captured packet in the saved file by passing the display filter (option "-Y") and verify the packet count. If the packet count is non-zero then proceed to 
verify the required field value. 
   for e.g., Dns request packet count: tshark -r /tmp/capture.pcap  -Y "dns.a && dns.qry.name== www.suse.com"  | wc -l 
   then we can use options “-T field” and "-e" to extract fields as per our choice. see command usage below,
   command : tshark -r /tmp/capture.pcap  -Y "dns.a && dns.qry.name== www.suse.com"   -T fields  -e "dns.qry.name" -e "dns.qry.type"

#10 Updated by dvenkatachala 5 months ago

Santiago, should I go with the above steps to modify the current wireshark test? please confirm.

#11 Updated by szarate 5 months ago

  • Description updated (diff)

Hey Dee! as mentioned over Slack, capturing USB is something to have too, other than that, we're good to go

#12 Updated by dvenkatachala 5 months ago

  • Status changed from Workable to In Progress

As per our discussion, next step is to capture USB traffic.
USB capture traffic can be done with below steps,

  1. To dump USB traffic on Linux, you need the usbmon kernel module. If it is not loaded yet, run this command as root:
    • modprobe usbmon
  2. Run >lsusb and take a note of which bus the device connects.
  3. List the interfaces available on the system by running command. Run > tcpdump -D
    • Now initiate the capture on the interface of USB bus X noted from step 2.
  4. start and save the capture by running command: tshark -i "usbmonX" -w /tmp/capture_usb.pcap

@santiago, Can we discuss one more time regarding capture and parsing of USB traffic.

#13 Updated by dvenkatachala 5 months ago

  • Status changed from In Progress to Feedback

#14 Updated by szarate 4 months ago

  • Sprint deleted (QE-Core: April Sprint (Apr 13 - May 11))

Also available in: Atom PDF