tests/etag: Basic test case for ETAG decode

author Fupeng Zhao <fupeng.zhao@foxmail.com>

Wed, 17 Sep 2025 13:25:03 +0000 (13:25 +0000)

committer Victor Julien <victor@inliniac.net>

Sat, 20 Sep 2025 07:08:36 +0000 (09:08 +0200)
author Fupeng Zhao <fupeng.zhao@foxmail.com>
Wed, 17 Sep 2025 13:25:03 +0000 (13:25 +0000)
committer Victor Julien <victor@inliniac.net>
Sat, 20 Sep 2025 07:08:36 +0000 (09:08 +0200)
diff --git a/tests/decode-etag-01/README.md b/tests/decode-etag-01/README.md

new file mode 100644 (file)

index 0000000..230ed72
--- /dev/null
+++ b/tests/decode-etag-01/README.md
@@ -0,0 +1,11 @@
+# Test Description
+
+Test basic 802.1BR E-tag decoding
+
+## PCAP
+
+PCAP comes from https://redmine.openinfosecfoundation.org/issues/3953
+
+## Related issues
+
+https://redmine.openinfosecfoundation.org/issues/3953
diff --git a/tests/decode-etag-01/input.pcap b/tests/decode-etag-01/input.pcap

new file mode 100644 (file)

index 0000000..3eb1633

Binary files /dev/null and b/tests/decode-etag-01/input.pcap differ
diff --git a/tests/decode-etag-01/test.yaml b/tests/decode-etag-01/test.yaml

new file mode 100644 (file)

index 0000000..65d196b
--- /dev/null
+++ b/tests/decode-etag-01/test.yaml
@@ -0,0 +1,12 @@
+requires:
+   min-version: 9
+
+checks:
+  - filter:
+      count: 1
+      match:
+        event_type: stats
+  - stats:
+      decoder.ipv4: 1
+      decoder.etag: 1
+      decoder.tcp: 1
diff --git a/tests/decode-etag-02/README.md b/tests/decode-etag-02/README.md

new file mode 100644 (file)

index 0000000..230ed72
--- /dev/null
+++ b/tests/decode-etag-02/README.md
@@ -0,0 +1,11 @@
+# Test Description
+
+Test basic 802.1BR E-tag decoding
+
+## PCAP
+
+PCAP comes from https://redmine.openinfosecfoundation.org/issues/3953
+
+## Related issues
+
+https://redmine.openinfosecfoundation.org/issues/3953
diff --git a/tests/decode-etag-02/input.pcap b/tests/decode-etag-02/input.pcap

new file mode 100644 (file)

index 0000000..376edd4

Binary files /dev/null and b/tests/decode-etag-02/input.pcap differ
diff --git a/tests/decode-etag-02/test.yaml b/tests/decode-etag-02/test.yaml

new file mode 100644 (file)

index 0000000..65d196b
--- /dev/null
+++ b/tests/decode-etag-02/test.yaml
@@ -0,0 +1,12 @@
+requires:
+   min-version: 9
+
+checks:
+  - filter:
+      count: 1
+      match:
+        event_type: stats
+  - stats:
+      decoder.ipv4: 1
+      decoder.etag: 1
+      decoder.tcp: 1
author	Fupeng Zhao <fupeng.zhao@foxmail.com>
	Wed, 17 Sep 2025 13:25:03 +0000 (13:25 +0000)
committer	Victor Julien <victor@inliniac.net>
	Sat, 20 Sep 2025 07:08:36 +0000 (09:08 +0200)
tests/decode-etag-01/README.md	[new file with mode: 0644]	patch \| blob
tests/decode-etag-01/input.pcap	[new file with mode: 0644]	patch \| blob
tests/decode-etag-01/test.yaml	[new file with mode: 0644]	patch \| blob
tests/decode-etag-02/README.md	[new file with mode: 0644]	patch \| blob
tests/decode-etag-02/input.pcap	[new file with mode: 0644]	patch \| blob
tests/decode-etag-02/test.yaml	[new file with mode: 0644]	patch \| blob