]>
git.ipfire.org Git - thirdparty/suricata-verify.git/log
Victor Julien [Fri, 27 Jan 2023 15:55:00 +0000 (16:55 +0100)]
tests: add frame ips test
Victor Julien [Fri, 27 Jan 2023 13:38:30 +0000 (14:38 +0100)]
tests: improve frame gap tests
Add detection.
Victor Julien [Fri, 27 Jan 2023 12:38:34 +0000 (13:38 +0100)]
frames: sip test update
Jason Ish [Wed, 18 Jan 2023 18:23:12 +0000 (12:23 -0600)]
pcap-log: fix tests for issue 5374
Suricata 7.0-dev will now use the time of the start packet for pcap
logging when reading from a file like 6.0 did.
Issue: 5374
Philippe Antoine [Tue, 6 Dec 2022 13:28:48 +0000 (14:28 +0100)]
Adds test about smb ntlmssp arbitrary order
Ticket: #5258
Philippe Antoine [Thu, 15 Sep 2022 18:58:39 +0000 (20:58 +0200)]
test: update warning about bad hex
To reflect the full content string
Victor Julien [Sun, 8 Jan 2023 06:43:59 +0000 (07:43 +0100)]
tests: update frames for stream frames
Victor Julien [Sun, 8 Jan 2023 06:38:33 +0000 (07:38 +0100)]
tests: fix tcp tests being too strict on tcp objects
Victor Julien [Thu, 22 Dec 2022 18:17:47 +0000 (19:17 +0100)]
tests: add rules for flow drops
Victor Julien [Thu, 29 Sep 2022 08:50:25 +0000 (10:50 +0200)]
tests: tls nom7 updates
Victor Julien [Mon, 26 Sep 2022 17:12:22 +0000 (19:12 +0200)]
tests: tls updates for 6 backports
Victor Julien [Thu, 1 Dec 2022 19:33:26 +0000 (20:33 +0100)]
output: fixups for output changes
Victor Julien [Thu, 15 Dec 2022 10:03:20 +0000 (11:03 +0100)]
tests: limit rfb community id check to 7
Victor Julien [Sat, 10 Dec 2022 19:01:30 +0000 (20:01 +0100)]
tests: fix grep for openbsd
Victor Julien [Sat, 10 Dec 2022 14:59:52 +0000 (15:59 +0100)]
tests: fix pcap for openbsd
Victor Julien [Sat, 10 Dec 2022 11:01:47 +0000 (12:01 +0100)]
tests: fix bug 4376 for openbsd
Jason Ish [Wed, 7 Dec 2022 21:34:46 +0000 (15:34 -0600)]
createst: rename add-version to simply version
This is a more consistent mapping to the documented name in test.yaml.
Also add --cfg to the README which was missing.
Jason Ish [Wed, 7 Dec 2022 21:10:10 +0000 (15:10 -0600)]
createst: document --features
Haleema Khan [Fri, 21 Oct 2022 01:46:46 +0000 (06:46 +0500)]
createst: Commandline param to specify required features
Feature: #4061
Haleema Khan [Mon, 24 Oct 2022 15:05:32 +0000 (20:05 +0500)]
detect-bytemath: add tests
Ticket: #5589
Jason Ish [Thu, 17 Nov 2022 22:01:50 +0000 (16:01 -0600)]
template tests: update for removal of C templates
In 7, the rust based template parser is simply template.
Philippe Antoine [Wed, 30 Nov 2022 15:28:14 +0000 (16:28 +0100)]
rfb: adds a check for community_id field in a rfb event
David Beckett [Wed, 16 Nov 2022 18:32:01 +0000 (18:32 +0000)]
tests/http2: Add tests for HTTP/2 decompression bug
7.0.0-beta1 hits anomaly, failed_decompression
Philippe Antoine [Mon, 28 Nov 2022 20:54:53 +0000 (21:54 +0100)]
smtp: fix test counting empty new lines
Victor Julien [Sat, 26 Nov 2022 14:31:17 +0000 (15:31 +0100)]
tests: issue 5223 for 6
Victor Julien [Sat, 26 Nov 2022 06:58:20 +0000 (07:58 +0100)]
tests: smb2 async for 6.0.x
Victor Julien [Fri, 25 Nov 2022 16:31:43 +0000 (17:31 +0100)]
tests: add tests for bug 5633
Philippe Antoine [Wed, 23 Nov 2022 07:56:47 +0000 (08:56 +0100)]
smb2: fixes test about smb events count
Philippe Antoine [Tue, 22 Nov 2022 20:45:52 +0000 (21:45 +0100)]
Adds test about smb2 async read response
Philippe Antoine [Fri, 23 Sep 2022 12:08:54 +0000 (14:08 +0200)]
framework: utf-8 validation in test stdout/stderr
Philippe Antoine [Thu, 15 Sep 2022 08:59:50 +0000 (10:59 +0200)]
framework: adds a timeout of 5 minutes per test
Victor Julien [Tue, 21 Dec 2021 09:07:01 +0000 (10:07 +0100)]
tests: add tests for negated protocol matching
Philippe Antoine [Fri, 28 Oct 2022 20:09:45 +0000 (22:09 +0200)]
quic: adds signature for parsing check
Philippe Antoine [Thu, 3 Nov 2022 10:38:36 +0000 (11:38 +0100)]
smtp: more valid SMTP for protocol-changed test
That is one server banner, plus one response per request
Jeff Lucovsky [Wed, 10 Aug 2022 12:00:22 +0000 (08:00 -0400)]
test/rules: Update ETOpen rules
Issue: 2982
During 2982 development, an issue with some rules in the ETOpen ruleset
were discovered and reported to Proofpoint.
This commit updates the ETOpen rules containing the fixes for the
reported issue which manifested in 2 rules: sids
2037001 and
2035521 .
Jeff Lucovsky [Tue, 25 Jan 2022 19:14:50 +0000 (14:14 -0500)]
test/yaml: Improve YAML parsing error messages
Without this commit, a YAML syntactic error is silently ignored. This
patch displays the YAML exception, if any, that occurs while loading the
YAML config file.
Jeff Lucovsky [Sat, 22 Jan 2022 14:33:50 +0000 (09:33 -0500)]
tests/dsize Suricata version 7 and later tests
This commit adds a test for Suricata 7 and later with the new dsize
validation logic. A new error message indicating the actual and expected
dsize value is emitted when there's a mismatch.
Jeff Lucovsky [Fri, 21 Jan 2022 15:35:11 +0000 (10:35 -0500)]
general: Typo fixup
Jeff Lucovsky [Sat, 13 Feb 2021 15:36:33 +0000 (10:36 -0500)]
tests: Update to use modified error message
Jeff Lucovsky [Sat, 13 Feb 2021 15:36:11 +0000 (10:36 -0500)]
tests: Add test case for 2982
Victor Julien [Tue, 1 Nov 2022 09:12:03 +0000 (10:12 +0100)]
tests: update pcre test for new output
Disable on 6 until we can do version checks per shell check.
Juliana Fajardini [Thu, 24 Feb 2022 19:31:44 +0000 (19:31 +0000)]
createst: add arg for setting midstream true
With this, one can pass '--midstream' and this will add that as a test
argument and write it to test.yaml. Default is still midstream false.
Juliana Fajardini [Wed, 7 Sep 2022 19:38:12 +0000 (16:38 -0300)]
tests: add test for pgsql out of order params bug
StartupMessages for pgsql have a series of parameters that may show up
in any order, so let's make sure we can indeed parse them if, for
instance, user, which is a mandatory parameter, isn't the first to be
seen in the list.
Related to
Bug #5524
Juliana Fajardini [Wed, 7 Sep 2022 19:11:44 +0000 (16:11 -0300)]
tests/pgsql: adjust to new startup message format
With the pgsql improving, we made database an optional parameter (as it
is, according to the documentation). Then the tests had to be updated.
Jason Ish [Tue, 4 Oct 2022 22:02:31 +0000 (16:02 -0600)]
tests: add tests for real bittorrent-dht traffic
Modupe Falodun [Tue, 1 Mar 2022 23:06:21 +0000 (00:06 +0100)]
detect-bytetest: add tests
Task: 4911
Juliana Fajardini [Wed, 6 Jul 2022 19:35:12 +0000 (16:35 -0300)]
readme: update createst explanation, add examples
There were optional arguments missing in the usage shown, as well as in
the list with explanations about possible arguments.
Juliana Fajardini [Thu, 24 Feb 2022 20:17:47 +0000 (20:17 +0000)]
createst: fix typo, update copyright year
Shivani Bhardwaj [Mon, 27 Jun 2022 10:25:38 +0000 (15:55 +0530)]
createst: add option for custom suricata.yaml
Alice Akaki [Wed, 26 Oct 2022 02:42:12 +0000 (22:42 -0400)]
detect-icmp-seq: add test
Task: #5597
Haleema Khan [Sat, 22 Oct 2022 03:53:55 +0000 (08:53 +0500)]
detect-itype: add tests
Ticket: #5590
Haleema Khan [Fri, 21 Oct 2022 21:06:02 +0000 (02:06 +0500)]
tests: add test for issue 4751
Ticket: #4751
Alice Akaki [Wed, 19 Oct 2022 04:54:02 +0000 (00:54 -0400)]
createst: add the add-version param to specify Suricata version
Feature #4059
Eric Leblond [Sun, 19 Jun 2022 11:19:47 +0000 (13:19 +0200)]
tests: add ip dataset loading test
Eric Leblond [Sun, 19 Jun 2022 11:08:18 +0000 (13:08 +0200)]
tests: add ipv6 dataset test
Also this test ip.src keyword
Eric Leblond [Sun, 19 Jun 2022 11:03:13 +0000 (13:03 +0200)]
tests: add ipv4 set save test
Shivani Bhardwaj [Fri, 7 Oct 2022 04:44:09 +0000 (10:14 +0530)]
tests: add test for issue 5223
Philippe Antoine [Fri, 23 Sep 2022 09:31:52 +0000 (11:31 +0200)]
Adds check about flow.age keyword
Sascha Steinbiss [Thu, 22 Sep 2022 14:11:19 +0000 (16:11 +0200)]
add test for extended security ipopts
Victor Julien [Thu, 20 Oct 2022 05:18:00 +0000 (07:18 +0200)]
tests: update nfs for mac logging fix
Victor Julien [Sat, 15 Oct 2022 14:56:14 +0000 (16:56 +0200)]
tests: various tag rules
Victor Julien [Sat, 15 Oct 2022 09:50:06 +0000 (11:50 +0200)]
tests: add suppress tests
Victor Julien [Sat, 15 Oct 2022 06:07:10 +0000 (08:07 +0200)]
tests: add rate_filter tests
Eric Leblond [Sun, 25 Sep 2022 17:39:59 +0000 (19:39 +0200)]
bug78: relax flow checking
Eric Leblond [Mon, 27 Jun 2022 04:17:31 +0000 (06:17 +0200)]
tests: add tests for ntlmssp keywords
Victor Julien [Wed, 21 Sep 2022 07:39:36 +0000 (09:39 +0200)]
tests: add http file with gap test
Victor Julien [Sat, 17 Sep 2022 12:30:17 +0000 (14:30 +0200)]
files: update for tx-files work
Philippe Antoine [Tue, 26 Jul 2022 14:28:42 +0000 (16:28 +0200)]
filestore: do not enforce a warning id
Victor Julien [Thu, 29 Sep 2022 08:50:25 +0000 (10:50 +0200)]
tests: tls nom7 updates
Victor Julien [Mon, 26 Sep 2022 08:37:48 +0000 (10:37 +0200)]
tests: flowbit bad rules handling for 6.0.7
Jason Ish [Thu, 22 Sep 2022 18:14:33 +0000 (12:14 -0600)]
incomplete-hex: check --init-errors-fatal
For version 6, non-fatal.
For version 7, fatal.
Jason Ish [Thu, 22 Sep 2022 18:07:34 +0000 (12:07 -0600)]
incomplete hex: test with strict content keyword
With strict content parsing, -T should fail out for version 6 and 7.
Jason Ish [Thu, 22 Sep 2022 18:03:09 +0000 (12:03 -0600)]
incomplete-hex: -T tests for version 6 and 7
For version 7, incomplete hex should lead to a -T failure. For
version 6, -T should pass.
Jason Ish [Tue, 20 Sep 2022 18:04:46 +0000 (12:04 -0600)]
test-bad-hex-rule-1: update output for Suricata 6.0.7
https://redmine.openinfosecfoundation.org/issues/5546
Victor Julien [Mon, 26 Sep 2022 08:33:56 +0000 (10:33 +0200)]
tests: limit tls fragmentation test to 7
Victor Julien [Thu, 18 Aug 2022 09:29:14 +0000 (11:29 +0200)]
tests: add test with sslv2 start
Victor Julien [Thu, 11 Aug 2022 19:03:19 +0000 (21:03 +0200)]
tests: add tls fragmentation test
Victor Julien [Thu, 11 Aug 2022 09:26:56 +0000 (11:26 +0200)]
tests: update ssl tests after event rework
Victor Julien [Mon, 19 Sep 2022 17:16:34 +0000 (19:16 +0200)]
tests: disable unittests as we investigate issues
Jason Ish [Thu, 15 Sep 2022 15:34:48 +0000 (09:34 -0600)]
runner: handle binary output from suricata stderr/stdout
Don't attempt to decode output from Suricata stderr/stdout as utf-8, it
is required for relaying the output from Suricata to the log files,
in fact, its not even desired. The log files should have a verbatim
copy of the output for analysis.
Only attempt to utf-8 decode the output when logging in verbose mode,
and then if that fails, fallback to logging the data as a byte buffer.
Victor Julien [Wed, 23 Feb 2022 19:59:43 +0000 (20:59 +0100)]
tests: run Suricata unittests
`ut-complete` runs all tests, but disables ASAN leak checks.
`ut-leakcheck` runs 500ish tests that should pass.
Victor Julien [Wed, 23 Feb 2022 18:26:23 +0000 (19:26 +0100)]
tests/iprep: add a non-matching rule
Shivani Bhardwaj [Wed, 23 Mar 2022 07:02:35 +0000 (12:32 +0530)]
gh/workflow: use enable-debug-validation w build
Juliana Fajardini [Wed, 17 Aug 2022 15:18:13 +0000 (12:18 -0300)]
tests: add ips midstream exception policy tests
Jason Ish [Thu, 4 Aug 2022 16:24:42 +0000 (10:24 -0600)]
runner: print suricata command line in verbose mode
Jason Ish [Thu, 4 Aug 2022 16:20:14 +0000 (10:20 -0600)]
runner: don't fail if the pcap filename is falsey
Instead, if the pcap filename is a "falsey" value in Python, treat it
like "pcap: false" in the requires section as this is an easy mistake to
make, and in some cases makes more sense to allow false where you could
also override the filename.
Jason Ish [Thu, 4 Aug 2022 15:51:59 +0000 (09:51 -0600)]
runner: error out on errors from the runner
Currently exceptions from tests that are not explicitly handled are lost
due to the way Python's multiprocessing module works. This means that
programming errors in the runner are silently ignore with the test not
being run or counted.
Instead, log the traceback for any unexpected exception and terminate
the runner, as this is programming error in the runner and should always
be fatal.
Philippe Antoine [Tue, 22 Feb 2022 08:20:26 +0000 (09:20 +0100)]
Adds quic ietf v1 test
Philippe Antoine [Thu, 2 Sep 2021 10:11:28 +0000 (12:11 +0200)]
Adds smb2 async test
Victor Julien [Fri, 17 Jun 2022 14:38:09 +0000 (16:38 +0200)]
tests: add tests to check flow drops
Jeff Lucovsky [Tue, 12 Jul 2022 13:18:09 +0000 (09:18 -0400)]
test/event: Test for reassembly depth reached event
Issue: 3512
This commit adds a test to validate that the stream reassembly depth
event fire.
Philippe Antoine [Tue, 12 Jul 2022 07:21:36 +0000 (09:21 +0200)]
Adds test for kerberos ticket_encryption
Jeff Lucovsky [Fri, 29 Jul 2022 12:53:40 +0000 (08:53 -0400)]
tests/lua: Byte-extract/byte-math tests
Issue: 2871
Benjamin Wilkins [Tue, 9 Nov 2021 21:00:13 +0000 (16:00 -0500)]
lua: Test byte_extract access from match scripts
Shivani Bhardwaj [Tue, 9 Aug 2022 05:14:35 +0000 (10:44 +0530)]
add test for broken smtp url logging
Shivani Bhardwaj [Wed, 27 Jul 2022 05:18:50 +0000 (10:48 +0530)]
tls: add test for tls.random keyword
Philippe Antoine [Mon, 22 Aug 2022 15:46:20 +0000 (17:46 +0200)]
Adds test about event for failed protocol change
Philippe Antoine [Thu, 25 Aug 2022 15:13:15 +0000 (17:13 +0200)]
dhcp: adds check about renewal_time keyword
Philippe Antoine [Thu, 25 Aug 2022 15:11:26 +0000 (17:11 +0200)]
dhcp: adds check about rebinding_time keyword
Philippe Antoine [Mon, 4 Jul 2022 12:36:57 +0000 (14:36 +0200)]
dhcp: adds test about leasetime keyword