From Fedora Project Wiki

Latest revision as of 08:09, 30 May 2011

Description

This test case tests the ability of Wireshark to capture and analyze network traffic.

Setup

  1. Ensure the wireshark and wireshark-gnome packages are installed.

How to test

  1. Add the current user <username> to the wireshark group: su -c 'usermod -a -G wireshark <username>'
  2. Start capturing network traffic on eth0: wireshark -i eth0 -k
  3. Generate some network activity, e.g. visit some websites or ssh/ping a remote host.
  4. Stop capturing traffic.
  5. Save file as: /tmp/test.pcap
  6. Close Wireshark
  7. Open the saved file with Wireshark: wireshark /tmp/test.pcap
  8. Try to use the Filter, e.g. filter by HTTP, SSH, etc.
  9. Try to use the Follow TCP stream functionality.
  10. Close Wireshark

Expected Results

  1. You should see Wireshark capturing packets.
  2. Wireshark should be able to save/open the file.
  3. Filter and Follow TCP stream should work.
  4. Wireshark should work as expected without crashes.
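
An independent check for expected result 2, added here as an example and not part of the original test case: it parses the saved capture's file header and per-packet record headers, counts the packets, and flags a truncated file. The function names and the constructed sample are assumptions of this example; pass /tmp/test.pcap as the argument to check the capture saved in step 5.

```python
import struct

# Classic pcap magic numbers as they appear in the first 4 bytes on disk.
PCAP_MAGICS = {
    b"\xd4\xc3\xb2\xa1": "<",  # little-endian, microsecond timestamps
    b"\xa1\xb2\xc3\xd4": ">",  # big-endian, microsecond timestamps
    b"\x4d\x3c\xb2\xa1": "<",  # little-endian, nanosecond timestamps
    b"\xa1\xb2\x3c\x4d": ">",  # big-endian, nanosecond timestamps
}
PCAPNG_MAGIC = b"\x0a\x0d\x0d\x0a"  # pcapng Section Header Block type


def summarize_capture(data: bytes) -> dict:
    """Validate a classic pcap byte string and count its packet records."""
    if data[:4] == PCAPNG_MAGIC:
        # pcapng is block-structured; this example only identifies it.
        return {"format": "pcapng", "packets": None, "truncated": False}
    order = PCAP_MAGICS.get(data[:4])
    if order is None or len(data) < 24:
        raise ValueError("not a pcap capture file")
    # Global header after the magic: version, thiszone, sigfigs, snaplen, linktype.
    major, minor, _, _, snaplen, linktype = struct.unpack(order + "HHiIII", data[4:24])
    offset, packets, truncated = 24, 0, False
    while offset < len(data):
        if offset + 16 > len(data):
            truncated = True  # partial record header at end of file
            break
        _, _, incl_len, _ = struct.unpack(order + "IIII", data[offset:offset + 16])
        if offset + 16 + incl_len > len(data):
            truncated = True  # record claims more bytes than the file holds
            break
        offset += 16 + incl_len
        packets += 1
    return {"format": "pcap", "version": (major, minor), "linktype": linktype,
            "snaplen": snaplen, "packets": packets, "truncated": truncated}


def constructed_sample() -> bytes:
    """Constructed sample (not a real capture): little-endian pcap, two dummy records."""
    data = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    for payload in (b"\x00" * 60, b"\x00" * 42):
        data += struct.pack("<IIII", 0, 0, len(payload), len(payload)) + payload
    return data


if __name__ == "__main__":
    import sys
    raw = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else constructed_sample()
    print(summarize_capture(raw))
```

A packet count of zero or a truncated flag on /tmp/test.pcap points to a failed save rather than a display problem in Wireshark.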