From: Philippe Antoine <pantoine@oisf.net>
Date: Tue, 26 Aug 2025 19:22:07 +0000 (+0200)
Subject: detect/prefilter: test u8 prefilter with lte mode
X-Git-Tag: suricata-7.0.12~13
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fpull%2F2631%2Fhead;p=thirdparty%2Fsuricata-verify.git

detect/prefilter: test u8 prefilter with lte mode

Ticket: 7865
---

diff --git a/tests/detect-itype-prefilter/test.rules b/tests/detect-itype-prefilter/test.rules
index 50f59820f..649ca83a8 100644
--- a/tests/detect-itype-prefilter/test.rules
+++ b/tests/detect-itype-prefilter/test.rules
@@ -1,2 +1,6 @@
 alert icmp any any -> any any (itype:8; sid:1;)
 alert icmp any any -> any any (itype:8; prefilter; sid:2;)
+
+alert icmp any any -> any any (itype: <= 8; prefilter; sid:3;)
+alert icmp any any -> any any (itype: >= 8; prefilter; sid:4;)
+alert icmp any any -> any any (itype: != 0; prefilter; sid:5;)
diff --git a/tests/detect-itype-prefilter/test.yaml b/tests/detect-itype-prefilter/test.yaml
index 1a443af3c..7e6187fc9 100644
--- a/tests/detect-itype-prefilter/test.yaml
+++ b/tests/detect-itype-prefilter/test.yaml
@@ -12,4 +12,21 @@ checks:
       match:
         event_type: alert
         alert.signature_id: 2
-
+  - filter:
+      min-version: 8.0.1
+      count: 150
+      match:
+        event_type: alert
+        alert.signature_id: 3
+  - filter:
+      min-version: 8.0.1
+      count: 75
+      match:
+        event_type: alert
+        alert.signature_id: 4
+  - filter:
+      min-version: 8.0.1
+      count: 75
+      match:
+        event_type: alert
+        alert.signature_id: 5