Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

conf.manufdb.* doesn't seem to work because Wireshark and some distros no longer ship the OUI database #4280

Closed
evverx opened this issue Feb 14, 2024 · 4 comments · Fixed by #4351
Closed

conf.manufdb.* doesn't seem to work because Wireshark and some distros no longer ship the OUI database #4280

evverx opened this issue Feb 14, 2024 · 4 comments · Fixed by #4351
Labels
bug dependency-related tests
Milestone
2.6.0

Comments

@evverx
Copy link
Contributor

evverx commented Feb 14, 2024

Brief description

The "manuf" file was removed from the Wireshark repository in wireshark/wireshark@b4a421c and at least Fedora and Debian no longer ship it with Wireshark. Because of that conf.manufdb doesn't work even with Wireshark installed and the manufdb tests fail with

###(062)=[failed] Test manuf DB methods 

^[[34m^[[1m>>> ^[[0massert conf.manufdb._resolve_MAC("00:00:0F:01:02:03") == "Next:01:02:03"
Traceback (most recent call last):
  File "<input>", line 2, in <module>
AssertionError

It's possible to get it around by manually generating the "manuf" file and putting it in /usr/share/wireshark:

tshark -G manuf >/usr/share/wireshark/manuf

The Wireshark project periodically uploads it to https://www.wireshark.org/download/automated/data/manuf

Scapy version

0708e67

Python version

Python 3.12.2

Operating system

Fedora Rawhide

Additional environment information

wireshark-cli-4.2.2-2.fc40.x86_64

How to reproduce

It can be reproduced by running the "manufdb" tests on Fedora Rawhide (or Debian Testing) with the latest version of Wireshark installed:

python3 -m scapy.tools.UTscapy -t test/regression.uts -k manufdb

Actual result

###(062)=[failed] Test manuf DB methods 

^[[34m^[[1m>>> ^[[0massert conf.manufdb._resolve_MAC("00:00:0F:01:02:03") == "Next:01:02:03"
Traceback (most recent call last):
  File "<input>", line 2, in <module>
AssertionError

Expected result

No response

Related resources

No response
evverx added a commit to evverx/scapy that referenced this issue Feb 14, 2024
@evverx
skip manufdb tests for now
c3afa45 
secdev#4280
@gpotter2 gpotter2 added this to the 2.6.0 milestone Feb 18, 2024
@wjholden
Copy link

I believe the manuf file is also no longer provided on Windows. You can manually install it with something like curl https://www.wireshark.org/download/automated/data/manuf -o 'C:\Program Files\Wireshark\manuf' to suppress the message WARNING: Wireshark is installed, but cannot read manuf !.

@lcnittl
Copy link

lcnittl commented Mar 20, 2024
edited
Loading

Related wireshark forum comment suggests to download the file (as suggested by @wjholden), or to create it with tshark -G manuf.

You can do so by

PS> cd "C:\Program Files\Wireshark"
PS> tshark -G manuf > manuf

@fossum
Copy link

fossum commented Apr 3, 2024

Is the file needed to run? In Windows it'll log a warning which confuses my customers as the program runs just fine.

scapy/scapy/arch/windows/__init__.py

Line 213 in 0a2b2bc

log_loading.warning("Wireshark is installed, but cannot read manuf !") # noqa: E501

Can we lower the log level? Or warn when the file is actually needed?

@gpotter2
Copy link
Member

gpotter2 commented Apr 3, 2024

This will be fixed in 2.6.0.

Having wireshark installed but no manuf file was very unexpected before it was recently removed, so the warning made a lot of sense.

@gpotter2 gpotter2 mentioned this issue Apr 13, 2024
Merged
evverx added a commit to evverx/scapy that referenced this issue Apr 20, 2024
@evverx
CI: run scapy on aarch64, i386, ppc64le, s390x and x86_64 on PRs
e39aafb 
The script takes the Fedora package, edits the spec file to make it
compatible with the upstream test suite and then it's all run on all
those architectures on the latest stable Fedora release and Fedora
Rawhide. (Rawhide is kind of a testing relase but it's useful in terms of
catching things like secdev#4280
reproducible with relatively new packages only).

It was originally prompted by
secdev#3847 (where the Debian
autopkgtest was run on big-endian and 32-bit machines) and should
hopefully make it easier to catch various issues before they land.

It has been tested since the beginning of 2023 so it should be stable at
this point.
@evverx evverx mentioned this issue Apr 20, 2024
Merged
gpotter2 pushed a commit that referenced this issue Apr 20, 2024
@evverx
CI: run scapy on aarch64, i386, ppc64le, s390x and x86_64 on PRs (#4355)
86c7a05 
The script takes the Fedora package, edits the spec file to make it
compatible with the upstream test suite and then it's all run on all
those architectures on the latest stable Fedora release and Fedora
Rawhide. (Rawhide is kind of a testing relase but it's useful in terms of
catching things like #4280
reproducible with relatively new packages only).

It was originally prompted by
#3847 (where the Debian
autopkgtest was run on big-endian and 32-bit machines) and should
hopefully make it easier to catch various issues before they land.

It has been tested since the beginning of 2023 so it should be stable at
this point.
evverx added a commit to evverx/scapy that referenced this issue May 1, 2024
@evverx
ci: bring back the manufdb tests
f0d423a 
now that secdev#4351 is merged and
secdev#4280 is closed.

and also run the netaccess tests.

It's a follow-up to 86c7a05.
evverx added a commit to evverx/scapy that referenced this issue May 1, 2024
@evverx
ci: bring back the manufdb tests
cc999cb 
now that secdev#4351 is merged and
secdev#4280 is closed.

and also run the netaccess tests.

It's a follow-up to 86c7a05.
@evverx evverx mentioned this issue May 1, 2024
Merged
gpotter2 pushed a commit that referenced this issue May 1, 2024
@evverx @gpotter2
ci: bring back the manufdb tests
19eeee5 
now that #4351 is merged and
#4280 is closed.

and also run the netaccess tests.

It's a follow-up to 86c7a05.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug dependency-related tests
Projects
None yet
Milestone
2.6.0
Development

Successfully merging a pull request may close this issue.

Bundle standalone 'manufdb' file to comply with Wireshark changes. gpotter2/scapy
5 participants
@fossum @evverx @gpotter2 @wjholden @lcnittl