github.com/gopacket/gopacket@v1.1.0/examples/reassemblydump/compare.sh (about) 1 #!/bin/bash 2 3 # Limitations: if the number extracted files in too big, finding identical 4 # files might fail due to '*' in cmdline 5 # This would require to split sha256sum symlinks in xx/yyyyy 6 7 usage() 8 { 9 echo "Usage: $0 <file.pcap> <output-dir>" 10 echo "Compares tcpreassembly against tcpflow" 11 echo "" 12 echo "$@" 13 exit 1 14 } 15 16 debug() { 17 return # comment me for debug 18 echo "$@" 19 } 20 21 die() 22 { 23 ( 24 echo "$@" 25 echo 26 ) >&2 27 exit 1 28 } 29 30 rename() 31 { 32 local path="$1" 33 local filter="$2" 34 find "$path" -type f -name "$filter" -print0 | 35 while IFS= read -r -d $'\0' f; do 36 local sha256="$(sha256sum "$f" | cut -d ' ' -f 1)" 37 local target="$(dirname $f)/../sha256/$sha256" 38 debug "$target → $f" 39 mkdir -p "$(dirname "$target")" || return 1 40 if [ ! -f "$target" ]; then 41 ln -sr "$f" "$target" || return 1 42 fi 43 done 44 return $? 45 } 46 47 main() 48 { 49 local src="$1" 50 local out="$2" 51 52 # TODO: make options 53 local extra="" 54 extra="$extra -debug" 55 extra="$extra -cpuprofile "$out/gopacket/cpu.prof"" 56 extra="$extra -memprofile "$out/gopacket/mem.prof"" 57 58 [ ! -f "$src" ] && usage "Missing pcap" 59 [ ! -d "$out" ] && ( mkdir "$out" || die "Failed to create $out" ) 60 61 mkdir -p "$out/gopacket/all" || die "Failed to create $out/gopacket/all" 62 mkdir -p "$out/tcpflow/all" || die "Faield to create $out/tcpflow/all" 63 64 echo " * Running go reassembly" 65 time ./reassemblydump -r "$src" $debug -output "$out/gopacket/all" $extra -writeincomplete -ignorefsmerr -nooptcheck -allowmissinginit port 80 &> "$out/gopacket.txt" || die "Failed to run reassmbly. Check $out/gopacket.txt" 66 echo " * Running tcpflow" 67 time tcpflow -e http -r "$src" -o "$out/tcpflow/all" port 80 &> "$out/tcpflow.txt" || die "Failed to run tcpflow. Check $out/tcpflow.txt" 68 69 echo " * Creating sha256sum symlinks for gopacket" 70 rename "$out/gopacket/all" '*' || die "Failed to rename in $out/gopacket" 71 echo " * Creating sha256sum symlinks for tcpflow" 72 rename "$out/tcpflow/all" '*HTTPBODY*' || die "Failed to rename in $out/tcpflow" 73 74 # Remove identical files 75 echo " * Finding identical files" 76 local nb=0 77 mkdir -p "$out/gopacket/sha256-equal" 78 mkdir -p "$out/tcpflow/sha256-equal" 79 for f in "$out/gopacket/sha256/"*; do 80 local f="$(basename "$f")" 81 [ -f "$out/tcpflow/sha256/$f" ] && { 82 debug " $f" 83 mv "$out/gopacket/sha256/$f" "$out/gopacket/sha256-equal" 84 mv "$out/tcpflow/sha256/$f" "$out/tcpflow/sha256-equal" 85 nb=$((nb+1)) 86 } 87 done 88 echo " → found $nb files" 89 90 echo " * Diffing {gopacket,tcpflow}/sha256" 91 local rc=0 92 for p in "gopacket" "tcpflow"; do 93 local nb=$(ls -1 "$out/$p/sha256/" | wc -l) 94 if [ $nb -ne 0 ]; then 95 rc=$((rc+1)) 96 echo " → $nb files in $out/$p/sha256" 97 fi 98 done 99 return $rc 100 } 101 102 main "$@" 103 exit $?