Wireshark mailing list archives

Re: Collection of captures for each supported dissector?

From: Peter Wu <peter () lekensteyn nl>
Date: Mon, 30 Jun 2014 15:05:57 +0200

On Monday 30 June 2014 07:12:56 Evan Huus wrote:

The "menagerie" is our collection of capture files that the fuzz-bot uses to
test with. It contains a substantial number of files across as many
protocols as we have been able to accumulate. However, I am not sure it is
entirely publicly accessible?


I have seen the menagerie mentioned in bug reports, but could never find this 
publically.

Additionally, it is not indexed. There is a script somewhere to use tshark
to extract the protocols contained in each capture and build a list, but it
only works for protocols which are dissectible by default (no "decode as",
decryption, or other special settings usually).

One of the ideas floated at sharkfest this year was the possibility of a
proper interface to the menagerie, but I don't think anything really came
of it. What protocol are you interested in right now?


There is no particular protocol I am interested at, it was an idea to improve 
regression testing. Right now I am looking at all dissectors below TCP (or on 
top, depending on how you look at it).


By the way, could I get delete permissions for attachments for the 
SampleCaptures page on the wiki? There are a bunch of duplicates (and even 
some empty files) listed as attachment and not linked. Some are not even
captures files although their extension suggest so.

Empty files:
mount-de.pcap.gz
omron-test-csum.pcap
wireshark.org.pcap.gz

Not pcap (but tcpdump text output or even a media file):
packetout.pcap
RTSP.pcap

Duplicates can be found with:
md5sum * | sort | uniq -w32 -D | while read sum file; do echo $sum $(date 
+"%Y-%m-%d %H:%M" -r "$file") "$(du -hD "$file")"; done

Are there known efforts to index the files? I don't think that the wiki is a 
sustainable way to collect them?

Kind regards,
Peter
https://lekensteyn.nl

___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe

Current thread:

Collection of captures for each supported dissector? Peter Wu (Jun 30)
- Re: Collection of captures for each supported dissector? Evan Huus (Jun 30)
  - Re: Collection of captures for each supported dissector? Peter Wu (Jun 30)
    - Message not available
    - Re: Collection of captures for each supported dissector? Peter Wu (Jun 30)
    - Re: Collection of captures for each supported dissector? Christopher Maynard (Jun 30)