[asterisk-dev] [Code Review] Add the ability to capture and analyze packets

Terry Wilson reviewboard at asterisk.org
Wed Dec 14 22:29:36 CST 2011

Review request for Asterisk Developers and Paul Belanger.


This patch allows one to capture live network traffic, write tests based on that traffic, and to save capture files for later use. Currently the savefile directory must be specified by the test, so it might be nice to add the ability to easily record the pcap file somewhere where runtests.py will archive it.

There is also a pseudo SIP message parser for breaking generally well-formed SIP messages into the request/response line, headers, and body to facilitate writing SIP-based pcap tests. A cheesy demo test is included as a proof of concept.

The pcap functionality relies on the yappcap library (which I also wrote) which is available at https://github.com/otherwiseguy/yappcap. The library is still under active development and I desperately need to document it, but the API in use by the tests should not change. Other python pcap libraries were missing one or more features I needed/wanted.

The pcap demo test uses the Construct python library to navigate to the application-layer data in the raw packet because I didn't want to bother writing code to do that myself.

I've been staring at and obsessing over this code (and yappcap) too long. It is time for some other eyes.


  /asterisk/trunk/lib/python/asterisk/TestCase.py 2892 
  /asterisk/trunk/lib/python/pcap_listener.py PRE-CREATION 
  /asterisk/trunk/lib/python/sip_message.py PRE-CREATION 
  /asterisk/trunk/tests/channels/SIP/pcap_demo/configs/ast1/extensions.conf PRE-CREATION 
  /asterisk/trunk/tests/channels/SIP/pcap_demo/configs/ast1/sip.conf PRE-CREATION 
  /asterisk/trunk/tests/channels/SIP/pcap_demo/run-test PRE-CREATION 
  /asterisk/trunk/tests/channels/SIP/pcap_demo/test-config.yaml PRE-CREATION 
  /asterisk/trunk/tests/channels/SIP/tests.yaml 2892 

Diff: https://reviewboard.asterisk.org/r/1623/diff


I ran the included test and opened the saved capture file to make sure it looked right.
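
The split described in the message (request/response line, headers, body), as an added example that is not the patch's `sip_message.py` or any code from the review. The names `parse_sip`, `COMPACT` and `SAMPLE` are hypothetical, and the sample message is constructed. The parser also unfolds continuation lines and checks Content-Length against the bytes actually captured before slicing the body.

```python
import re

# RFC 3261 compact header forms, mapped to their long names.
COMPACT = {"v": "via", "f": "from", "t": "to", "i": "call-id",
           "m": "contact", "c": "content-type", "l": "content-length"}

def parse_sip(data):
    """Split raw SIP bytes into (start_line, headers, body)."""
    head, sep, body = data.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no blank line terminating the headers")
    # Unfold continuation lines (they start with a space or tab).
    text = re.sub(r"\r\n[ \t]+", " ", head.decode("utf-8", "replace"))
    lines = text.split("\r\n")
    resp = re.match(r"(SIP/\d\.\d) (\d{3}) (.*)$", lines[0])
    req = re.match(r"([A-Z]+) (\S+) (SIP/\d\.\d)$", lines[0])
    if resp:
        start = {"type": "response", "version": resp.group(1),
                 "status": int(resp.group(2)), "reason": resp.group(3)}
    elif req:
        start = {"type": "request", "method": req.group(1),
                 "uri": req.group(2), "version": req.group(3)}
    else:
        raise ValueError("bad start line: %r" % lines[0])
    headers = {}
    for line in lines[1:]:
        name, colon, value = line.partition(":")
        if not colon:
            raise ValueError("header without a colon: %r" % line)
        name = name.strip().lower()
        headers.setdefault(COMPACT.get(name, name), []).append(value.strip())
    # Trust Content-Length only after checking it against the bytes present.
    if "content-length" in headers:
        length = int(headers["content-length"][-1])
        if length < 0 or length > len(body):
            raise ValueError("Content-Length does not fit the payload")
        body = body[:length]
    return start, headers, body

# Constructed sample: folded Subject header, compact "l", trailing junk bytes.
SAMPLE = (b"INVITE sip:bob@example.test SIP/2.0\r\n"
          b"Via: SIP/2.0/UDP 192.0.2.10:5060;branch=z9hG4bKexample\r\n"
          b"Call-ID: constructed-call-id\r\n"
          b"CSeq: 1 INVITE\r\n"
          b"Subject: pcap\r\n demo\r\n"
          b"l: 8\r\n\r\n"
          b"v=0\r\no=-JUNK")

if __name__ == "__main__":
    print(parse_sip(SAMPLE))
```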


