Add dhcp tests (#243)

Author: vlvkobal

pcap/dhcp.pcapng

@@ -0,0 +1,5 @@
+---
+source: ja4/src/lib.rs
+expression: output
+---
+[]

pcap/dhcpv6.pcap

@@ -0,0 +1,5 @@
+---
+source: ja4/src/lib.rs
+expression: output
+---
+[]

rust/ja4/src/snapshots/ja4__insta@dhcp.pcapng.snap

@@ -18,7 +18,8 @@ FIELDS="-Y ja4 -T json \
 -e ja4.ja4ls \
 -e ja4.ja4ssh \
 -e ja4.ja4t \
--e ja4.ja4ts"
+-e ja4.ja4ts \
+-e ja4.ja4d"
 
 mkdir -p "$OUT_DIR"
 

rust/ja4/src/snapshots/ja4__insta@dhcpv6.pcap.snap

@@ -38,7 +38,8 @@ def test_tshark_output_matches_expected(pcap_file):
             "-e", "ja4.ja4ls",
             "-e", "ja4.ja4ssh",
             "-e", "ja4.ja4t",
-            "-e", "ja4.ja4ts"
+            "-e", "ja4.ja4ts",
+            "-e", "ja4.ja4d"
         ],
         stdout=subprocess.PIPE,
         stderr=subprocess.PIPE,

wireshark/test/generate-output-files.sh

@@ -0,0 +1,62 @@
+[
+  {
+    "_index": "packets-2004-12-05",
+    "_type": "doc",
+    "_score": null,
+    "_source": {
+      "layers": {
+        "frame.number": [
+          "1"
+        ],
+        "ja4.ja4d": [
+          "4-1-00_61-50-55_1-3-6-42"
+        ]
+      }
+    }
+  },
+  {
+    "_index": "packets-2004-12-05",
+    "_type": "doc",
+    "_score": null,
+    "_source": {
+      "layers": {
+        "frame.number": [
+          "2"
+        ],
+        "ja4.ja4d": [
+          "4-2-00_1-58-59-51-54_00"
+        ]
+      }
+    }
+  },
+  {
+    "_index": "packets-2004-12-05",
+    "_type": "doc",
+    "_score": null,
+    "_source": {
+      "layers": {
+        "frame.number": [
+          "3"
+        ],
+        "ja4.ja4d": [
+          "4-3-00_61-50-54-55_1-3-6-42"
+        ]
+      }
+    }
+  },
+  {
+    "_index": "packets-2004-12-05",
+    "_type": "doc",
+    "_score": null,
+    "_source": {
+      "layers": {
+        "frame.number": [
+          "4"
+        ],
+        "ja4.ja4d": [
+          "4-5-00_58-59-51-54-1_00"
+        ]
+      }
+    }
+  }
+]

wireshark/test/test_tshark_output.py

@@ -0,0 +1,92 @@
+[
+  {
+    "_index": "packets-2015-01-02",
+    "_type": "doc",
+    "_score": null,
+    "_source": {
+      "layers": {
+        "frame.number": [
+          "2"
+        ],
+        "ja4.ja4d": [
+          "6-1-14_1-6-8-25_23-24"
+        ]
+      }
+    }
+  },
+  {
+    "_index": "packets-2015-01-02",
+    "_type": "doc",
+    "_score": null,
+    "_source": {
+      "layers": {
+        "frame.number": [
+          "5"
+        ],
+        "ja4.ja4d": [
+          "6-2-14_25-26-1-2_00"
+        ]
+      }
+    }
+  },
+  {
+    "_index": "packets-2015-01-02",
+    "_type": "doc",
+    "_score": null,
+    "_source": {
+      "layers": {
+        "frame.number": [
+          "7"
+        ],
+        "ja4.ja4d": [
+          "6-3-14_1-2-6-8-25-26_23-24"
+        ]
+      }
+    }
+  },
+  {
+    "_index": "packets-2015-01-02",
+    "_type": "doc",
+    "_score": null,
+    "_source": {
+      "layers": {
+        "frame.number": [
+          "8"
+        ],
+        "ja4.ja4d": [
+          "6-7-14_25-26-1-2_00"
+        ]
+      }
+    }
+  },
+  {
+    "_index": "packets-2015-01-02",
+    "_type": "doc",
+    "_score": null,
+    "_source": {
+      "layers": {
+        "frame.number": [
+          "11"
+        ],
+        "ja4.ja4d": [
+          "6-8-14_1-2-6-8-25-26_23-24"
+        ]
+      }
+    }
+  },
+  {
+    "_index": "packets-2015-01-02",
+    "_type": "doc",
+    "_score": null,
+    "_source": {
+      "layers": {
+        "frame.number": [
+          "12"
+        ],
+        "ja4.ja4d": [
+          "6-7-14_1-2-13_00"
+        ]
+      }
+    }
+  }
+]