]> git.ipfire.org Git - thirdparty/suricata-verify.git/commitdiff
projects / thirdparty / suricata-verify.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 0832c8e)
tls: add check for catch-all rule logging app-layer metadata 2172/head
authorPhilippe Antoine <pantoine@oisf.net>
Mon, 2 Dec 2024 10:18:29 +0000 (11:18 +0100)
committerPhilippe Antoine <pantoine@oisf.net>
Tue, 10 Dec 2024 08:59:30 +0000 (09:59 +0100)
Ticket: 7530

tests/firewall/firewall-06-tls-sni-enforce/suricata.yaml patch | blob | blame | history
tests/firewall/firewall-06-tls-sni-enforce/test.yaml patch | blob | blame | history

diff --git a/tests/firewall/firewall-06-tls-sni-enforce/suricata.yaml b/tests/firewall/firewall-06-tls-sni-enforce/suricata.yaml
index b67886b55e2a03974ad26f173c4d9e6d6b0f15d5..3770357fd1fe1b515666f94b1ee7e86a13b4eb0b 100644 (file)
--- a/tests/firewall/firewall-06-tls-sni-enforce/suricata.yaml
+++ b/tests/firewall/firewall-06-tls-sni-enforce/suricata.yaml
@@ -15,6 +15,10 @@ stats:
   # Add stream events as stats.
   #stream-events: false
 
+detect:
+  stream-tx-log-limit: 4
+  guess-applayer-tx: true
+
 # Configure the type of alert (and other) logging you would like.
 outputs:
   - eve-log:
diff --git a/tests/firewall/firewall-06-tls-sni-enforce/test.yaml b/tests/firewall/firewall-06-tls-sni-enforce/test.yaml
index 0c54b3cba79f3b071e4a57e866599e7da2d7d64e..b61b85c402cde6f2d1de6defb40e03de64366efb 100644 (file)
--- a/tests/firewall/firewall-06-tls-sni-enforce/test.yaml
+++ b/tests/firewall/firewall-06-tls-sni-enforce/test.yaml
@@ -14,6 +14,14 @@ checks:
     count: 26
     match:
       event_type: alert
+- filter:
+    min-version: 8
+    # check for https://redmine.openinfosecfoundation.org/issues/7350
+    count: 4
+    match:
+      event_type: alert
+      alert.signature_id: 3
+      tls.sni: raw.githubusercontent.com
 - filter:
     count: 1
     match:
Mirror of https://github.com/OISF/suricata-verify.git