From 0221b5ec8875bd3a22a060c14df71ddef2183a22 Mon Sep 17 00:00:00 2001 From: Juliana Fajardini Date: Tue, 24 Jun 2025 15:32:45 -0300 Subject: [PATCH] tests: update triggered exception flow output ones To 7.0.12 Related to backport ticket Task #7623 --- tests/exception-policy-applayer-01/suricata.yaml | 3 ++- tests/exception-policy-applayer-01/test.yaml | 2 +- tests/exception-policy-applayer-02/suricata.yaml | 3 ++- tests/exception-policy-applayer-02/test.yaml | 2 +- tests/exception-policy-applayer-03/suricata.yaml | 3 ++- tests/exception-policy-applayer-03/test.yaml | 1 - tests/exception-policy-default-01/test.yaml | 2 +- tests/exception-policy-default-02/suricata.yaml | 3 ++- tests/exception-policy-default-02/test.yaml | 2 +- tests/exception-policy-default-03/suricata.yaml | 3 ++- tests/exception-policy-default-03/test.yaml | 2 +- tests/exception-policy-default-04/suricata.yaml | 3 ++- tests/exception-policy-default-04/test.yaml | 2 +- .../exception-policy-master-switch-01/suricata.yaml | 3 ++- .../exception-policy-master-switch-01/test.yaml | 2 +- .../exception-policy-master-switch-02/suricata.yaml | 3 ++- .../exception-policy-master-switch-02/test.yaml | 2 +- .../exception-policy-master-switch-03/suricata.yaml | 3 ++- .../exception-policy-master-switch-03/test.yaml | 2 +- .../exception-policy-master-switch-04/suricata.yaml | 3 ++- .../exception-policy-master-switch-04/test.yaml | 2 +- .../exception-policy-master-switch-05/suricata.yaml | 3 ++- .../exception-policy-master-switch-05/test.yaml | 2 +- .../exception-policy-master-switch-06/suricata.yaml | 3 ++- .../exception-policy-master-switch-06/test.yaml | 2 +- .../exception-policy-master-switch-07/suricata.yaml | 3 ++- .../exception-policy-master-switch-07/test.yaml | 2 +- tests/exception-policy-midstream-01/suricata.yaml | 3 ++- tests/exception-policy-midstream-01/test.yaml | 2 +- tests/exception-policy-midstream-02/suricata.yaml | 3 ++- tests/exception-policy-midstream-02/test.yaml | 2 +- tests/exception-policy-midstream-03/suricata.yaml | 3 ++- tests/exception-policy-midstream-03/test.yaml | 2 +- tests/exception-policy-midstream-04/suricata.yaml | 3 ++- tests/exception-policy-midstream-04/test.yaml | 2 +- tests/exception-policy-midstream-05/suricata.yaml | 3 ++- tests/exception-policy-midstream-05/test.yaml | 2 +- tests/exception-policy-midstream-06/suricata.yaml | 5 +++-- tests/exception-policy-midstream-06/test.yaml | 2 +- tests/exception-policy-midstream-07/suricata.yaml | 3 ++- tests/exception-policy-midstream-07/test.yaml | 2 +- tests/exception-policy-reject-action-01/suricata.yaml | 5 +++-- tests/exception-policy-reject-action-01/test.yaml | 2 +- tests/exception-policy-simulated-flow-memcap/suricata.yaml | 3 ++- tests/exception-policy-simulated-flow-memcap/test.yaml | 2 +- .../suricata.yaml | 3 ++- tests/exception-policy-stream-reassembly-memcap-01/test.yaml | 2 +- .../suricata.yaml | 3 ++- tests/exception-policy-stream-reassembly-memcap-02/test.yaml | 2 +- .../suricata.yaml | 3 ++- tests/exception-policy-stream-reassembly-memcap-03/test.yaml | 2 +- .../suricata.yaml | 3 ++- tests/exception-policy-stream-reassembly-memcap-04/test.yaml | 2 +- .../suricata.yaml | 3 ++- tests/exception-policy-stream-reassembly-memcap-05/test.yaml | 2 +- .../suricata.yaml | 3 ++- tests/exception-policy-stream-reassembly-memcap-06/test.yaml | 2 +- tests/exception-policy-stream-ssn-memcap-01/suricata.yaml | 3 ++- tests/exception-policy-stream-ssn-memcap-01/test.yaml | 2 +- 59 files changed, 89 insertions(+), 61 deletions(-) diff --git a/tests/exception-policy-applayer-01/suricata.yaml b/tests/exception-policy-applayer-01/suricata.yaml index 0f00268ae..7247262a8 100644 --- a/tests/exception-policy-applayer-01/suricata.yaml +++ b/tests/exception-policy-applayer-01/suricata.yaml @@ -28,7 +28,8 @@ outputs: totals: yes threads: no deltas: no - - flow + - flow: + exception-policy: true - stats: enabled: yes filename: stats.log diff --git a/tests/exception-policy-applayer-01/test.yaml b/tests/exception-policy-applayer-01/test.yaml index 77b3b4b27..aef44cb9a 100644 --- a/tests/exception-policy-applayer-01/test.yaml +++ b/tests/exception-policy-applayer-01/test.yaml @@ -61,7 +61,7 @@ checks: stats.exception_policy.app_layer.error.pass_flow: 0 not-has-key: stats.app_layer.error.tls.exception_policy.drop_flow - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-applayer-02/suricata.yaml b/tests/exception-policy-applayer-02/suricata.yaml index d4e88fb3e..ea73d550f 100644 --- a/tests/exception-policy-applayer-02/suricata.yaml +++ b/tests/exception-policy-applayer-02/suricata.yaml @@ -22,7 +22,8 @@ outputs: totals: yes threads: no deltas: no - - flow + - flow: + exception-policy: true - stats: enabled: yes filename: stats.log diff --git a/tests/exception-policy-applayer-02/test.yaml b/tests/exception-policy-applayer-02/test.yaml index 774f5fc4e..67ff2770b 100644 --- a/tests/exception-policy-applayer-02/test.yaml +++ b/tests/exception-policy-applayer-02/test.yaml @@ -50,7 +50,7 @@ checks: stats.app_layer.error.tls.exception_policy.drop_packet: 0 stats.exception_policy.app_layer.error.pass_packet: 1 - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-applayer-03/suricata.yaml b/tests/exception-policy-applayer-03/suricata.yaml index cc8b6a128..d49eb4e1b 100644 --- a/tests/exception-policy-applayer-03/suricata.yaml +++ b/tests/exception-policy-applayer-03/suricata.yaml @@ -26,7 +26,8 @@ outputs: totals: yes threads: no deltas: no - - flow + - flow: + exception-policy: true - stats: enabled: yes filename: stats.log diff --git a/tests/exception-policy-applayer-03/test.yaml b/tests/exception-policy-applayer-03/test.yaml index 286599722..042e7e4ea 100644 --- a/tests/exception-policy-applayer-03/test.yaml +++ b/tests/exception-policy-applayer-03/test.yaml @@ -72,7 +72,6 @@ checks: stats.exception_policy.app_layer.error.pass_packet: 1 stats.exception_policy.app_layer.error.drop_packet: 0 - filter: - min-version: 8 count: 1 match: event_type: flow diff --git a/tests/exception-policy-default-01/test.yaml b/tests/exception-policy-default-01/test.yaml index a1f731d09..e1af08f10 100644 --- a/tests/exception-policy-default-01/test.yaml +++ b/tests/exception-policy-default-01/test.yaml @@ -23,7 +23,7 @@ checks: event_type: tls tls.sni: example.com - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-default-02/suricata.yaml b/tests/exception-policy-default-02/suricata.yaml index bceace8ff..9d2e0f40e 100644 --- a/tests/exception-policy-default-02/suricata.yaml +++ b/tests/exception-policy-default-02/suricata.yaml @@ -21,7 +21,8 @@ outputs: mode: extra-data deployment: reverse header: X-Forwarded-For - - flow + - flow: + exception-policy: true - http - drop: alerts: yes diff --git a/tests/exception-policy-default-02/test.yaml b/tests/exception-policy-default-02/test.yaml index 738756b05..b785004cc 100644 --- a/tests/exception-policy-default-02/test.yaml +++ b/tests/exception-policy-default-02/test.yaml @@ -13,7 +13,7 @@ checks: match: event_type: http - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-default-03/suricata.yaml b/tests/exception-policy-default-03/suricata.yaml index 5a86dcd0f..cee2c2f94 100644 --- a/tests/exception-policy-default-03/suricata.yaml +++ b/tests/exception-policy-default-03/suricata.yaml @@ -24,7 +24,8 @@ outputs: mode: extra-data deployment: reverse header: X-Forwarded-For - - flow + - flow: + exception-policy: true - http - stats - drop: diff --git a/tests/exception-policy-default-03/test.yaml b/tests/exception-policy-default-03/test.yaml index 2cddd8c16..1442b1c76 100644 --- a/tests/exception-policy-default-03/test.yaml +++ b/tests/exception-policy-default-03/test.yaml @@ -37,7 +37,7 @@ checks: match: event_type: http - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-default-04/suricata.yaml b/tests/exception-policy-default-04/suricata.yaml index 727e94710..a7b7044f4 100644 --- a/tests/exception-policy-default-04/suricata.yaml +++ b/tests/exception-policy-default-04/suricata.yaml @@ -21,7 +21,8 @@ outputs: mode: extra-data deployment: reverse header: X-Forwarded-For - - flow + - flow: + exception-policy: true - http - drop: alerts: yes diff --git a/tests/exception-policy-default-04/test.yaml b/tests/exception-policy-default-04/test.yaml index 88191d798..88e6d4b72 100644 --- a/tests/exception-policy-default-04/test.yaml +++ b/tests/exception-policy-default-04/test.yaml @@ -24,7 +24,7 @@ checks: match: event_type: http - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-master-switch/exception-policy-master-switch-01/suricata.yaml b/tests/exception-policy-master-switch/exception-policy-master-switch-01/suricata.yaml index db6536fe9..285093940 100644 --- a/tests/exception-policy-master-switch/exception-policy-master-switch-01/suricata.yaml +++ b/tests/exception-policy-master-switch/exception-policy-master-switch-01/suricata.yaml @@ -21,7 +21,8 @@ outputs: mode: extra-data deployment: reverse header: X-Forwarded-For - - flow + - flow: + exception-policy: true - http - drop: alerts: yes diff --git a/tests/exception-policy-master-switch/exception-policy-master-switch-01/test.yaml b/tests/exception-policy-master-switch/exception-policy-master-switch-01/test.yaml index e072344d6..07b26450c 100644 --- a/tests/exception-policy-master-switch/exception-policy-master-switch-01/test.yaml +++ b/tests/exception-policy-master-switch/exception-policy-master-switch-01/test.yaml @@ -36,7 +36,7 @@ checks: match: event_type: http - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-master-switch/exception-policy-master-switch-02/suricata.yaml b/tests/exception-policy-master-switch/exception-policy-master-switch-02/suricata.yaml index e9d7d7df5..a5dfa6d92 100644 --- a/tests/exception-policy-master-switch/exception-policy-master-switch-02/suricata.yaml +++ b/tests/exception-policy-master-switch/exception-policy-master-switch-02/suricata.yaml @@ -21,7 +21,8 @@ outputs: mode: extra-data deployment: reverse header: X-Forwarded-For - - flow + - flow: + exception-policy: true - http - drop: alerts: yes diff --git a/tests/exception-policy-master-switch/exception-policy-master-switch-02/test.yaml b/tests/exception-policy-master-switch/exception-policy-master-switch-02/test.yaml index 41369a3cd..7862ac471 100644 --- a/tests/exception-policy-master-switch/exception-policy-master-switch-02/test.yaml +++ b/tests/exception-policy-master-switch/exception-policy-master-switch-02/test.yaml @@ -26,7 +26,7 @@ checks: match: event_type: http - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-master-switch/exception-policy-master-switch-03/suricata.yaml b/tests/exception-policy-master-switch/exception-policy-master-switch-03/suricata.yaml index b0edf36d6..9b05c853e 100644 --- a/tests/exception-policy-master-switch/exception-policy-master-switch-03/suricata.yaml +++ b/tests/exception-policy-master-switch/exception-policy-master-switch-03/suricata.yaml @@ -21,7 +21,8 @@ outputs: mode: extra-data deployment: reverse header: X-Forwarded-For - - flow + - flow: + exception-policy: true - http - drop: alerts: yes diff --git a/tests/exception-policy-master-switch/exception-policy-master-switch-03/test.yaml b/tests/exception-policy-master-switch/exception-policy-master-switch-03/test.yaml index 302d878f5..8d141f353 100644 --- a/tests/exception-policy-master-switch/exception-policy-master-switch-03/test.yaml +++ b/tests/exception-policy-master-switch/exception-policy-master-switch-03/test.yaml @@ -26,7 +26,7 @@ checks: match: event_type: http - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-master-switch/exception-policy-master-switch-04/suricata.yaml b/tests/exception-policy-master-switch/exception-policy-master-switch-04/suricata.yaml index 07c578942..9365d6e6f 100644 --- a/tests/exception-policy-master-switch/exception-policy-master-switch-04/suricata.yaml +++ b/tests/exception-policy-master-switch/exception-policy-master-switch-04/suricata.yaml @@ -25,7 +25,8 @@ outputs: mode: extra-data deployment: reverse header: X-Forwarded-For - - flow + - flow: + exception-policy: true - http - stats - drop: diff --git a/tests/exception-policy-master-switch/exception-policy-master-switch-04/test.yaml b/tests/exception-policy-master-switch/exception-policy-master-switch-04/test.yaml index b907f784c..33155089d 100644 --- a/tests/exception-policy-master-switch/exception-policy-master-switch-04/test.yaml +++ b/tests/exception-policy-master-switch/exception-policy-master-switch-04/test.yaml @@ -27,7 +27,7 @@ checks: match: event_type: http - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-master-switch/exception-policy-master-switch-05/suricata.yaml b/tests/exception-policy-master-switch/exception-policy-master-switch-05/suricata.yaml index e9d7d7df5..a5dfa6d92 100644 --- a/tests/exception-policy-master-switch/exception-policy-master-switch-05/suricata.yaml +++ b/tests/exception-policy-master-switch/exception-policy-master-switch-05/suricata.yaml @@ -21,7 +21,8 @@ outputs: mode: extra-data deployment: reverse header: X-Forwarded-For - - flow + - flow: + exception-policy: true - http - drop: alerts: yes diff --git a/tests/exception-policy-master-switch/exception-policy-master-switch-05/test.yaml b/tests/exception-policy-master-switch/exception-policy-master-switch-05/test.yaml index e34973a03..ffa0bf886 100644 --- a/tests/exception-policy-master-switch/exception-policy-master-switch-05/test.yaml +++ b/tests/exception-policy-master-switch/exception-policy-master-switch-05/test.yaml @@ -21,7 +21,7 @@ checks: match: event_type: http - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-master-switch/exception-policy-master-switch-06/suricata.yaml b/tests/exception-policy-master-switch/exception-policy-master-switch-06/suricata.yaml index 8a29066ec..d92490045 100644 --- a/tests/exception-policy-master-switch/exception-policy-master-switch-06/suricata.yaml +++ b/tests/exception-policy-master-switch/exception-policy-master-switch-06/suricata.yaml @@ -25,7 +25,8 @@ outputs: mode: extra-data deployment: reverse header: X-Forwarded-For - - flow + - flow: + exception-policy: true - http - stats - drop: diff --git a/tests/exception-policy-master-switch/exception-policy-master-switch-06/test.yaml b/tests/exception-policy-master-switch/exception-policy-master-switch-06/test.yaml index 79cd4cced..9a5ad4221 100644 --- a/tests/exception-policy-master-switch/exception-policy-master-switch-06/test.yaml +++ b/tests/exception-policy-master-switch/exception-policy-master-switch-06/test.yaml @@ -37,7 +37,7 @@ checks: log_level: Warning engine.module: exception-policy - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-master-switch/exception-policy-master-switch-07/suricata.yaml b/tests/exception-policy-master-switch/exception-policy-master-switch-07/suricata.yaml index c5bbe3e8a..c1bdcfebb 100644 --- a/tests/exception-policy-master-switch/exception-policy-master-switch-07/suricata.yaml +++ b/tests/exception-policy-master-switch/exception-policy-master-switch-07/suricata.yaml @@ -25,7 +25,8 @@ outputs: mode: extra-data deployment: reverse header: X-Forwarded-For - - flow + - flow: + exception-policy: true - http - stats - drop: diff --git a/tests/exception-policy-master-switch/exception-policy-master-switch-07/test.yaml b/tests/exception-policy-master-switch/exception-policy-master-switch-07/test.yaml index 6a59a209c..4c753838a 100644 --- a/tests/exception-policy-master-switch/exception-policy-master-switch-07/test.yaml +++ b/tests/exception-policy-master-switch/exception-policy-master-switch-07/test.yaml @@ -37,7 +37,7 @@ checks: log_level: Warning engine.module: exception-policy - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-midstream-01/suricata.yaml b/tests/exception-policy-midstream-01/suricata.yaml index 9d62a8033..16550c3e6 100644 --- a/tests/exception-policy-midstream-01/suricata.yaml +++ b/tests/exception-policy-midstream-01/suricata.yaml @@ -26,7 +26,8 @@ outputs: mode: extra-data deployment: reverse header: X-Forwarded-For - - flow + - flow: + exception-policy: true - http - drop: alerts: yes diff --git a/tests/exception-policy-midstream-01/test.yaml b/tests/exception-policy-midstream-01/test.yaml index 05a9a9b70..f820a2cc4 100644 --- a/tests/exception-policy-midstream-01/test.yaml +++ b/tests/exception-policy-midstream-01/test.yaml @@ -25,7 +25,7 @@ checks: event_type: stats stats.exception_policy.tcp.midstream.pass_flow: 9 - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-midstream-02/suricata.yaml b/tests/exception-policy-midstream-02/suricata.yaml index b463dd27c..4d21772eb 100644 --- a/tests/exception-policy-midstream-02/suricata.yaml +++ b/tests/exception-policy-midstream-02/suricata.yaml @@ -20,5 +20,6 @@ outputs: alerts: yes # log alerts that caused drops flows: start # start or all: 'start' logs only a single drop # per flow direction. All logs each dropped pkt. - - flow + - flow: + exception-policy: true - stats diff --git a/tests/exception-policy-midstream-02/test.yaml b/tests/exception-policy-midstream-02/test.yaml index 2c69d0954..b0f4867eb 100644 --- a/tests/exception-policy-midstream-02/test.yaml +++ b/tests/exception-policy-midstream-02/test.yaml @@ -37,7 +37,7 @@ checks: event_type: stats stats.exception_policy.tcp.midstream.drop_flow: 1 - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-midstream-03/suricata.yaml b/tests/exception-policy-midstream-03/suricata.yaml index 32f0f4aa2..950d2ef93 100644 --- a/tests/exception-policy-midstream-03/suricata.yaml +++ b/tests/exception-policy-midstream-03/suricata.yaml @@ -13,7 +13,8 @@ outputs: payload-printable: yes packet: yes http: yes - - flow + - flow: + exception-policy: true - http - stats - stats: diff --git a/tests/exception-policy-midstream-03/test.yaml b/tests/exception-policy-midstream-03/test.yaml index 3974e7dc3..a46f0fc83 100644 --- a/tests/exception-policy-midstream-03/test.yaml +++ b/tests/exception-policy-midstream-03/test.yaml @@ -25,7 +25,7 @@ checks: event_type: http dest_port: 80 - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-midstream-04/suricata.yaml b/tests/exception-policy-midstream-04/suricata.yaml index bf3a180c2..ea76cdfcc 100644 --- a/tests/exception-policy-midstream-04/suricata.yaml +++ b/tests/exception-policy-midstream-04/suricata.yaml @@ -10,7 +10,8 @@ outputs: enabled: yes types: - alert - - flow + - flow: + exception-policy: true - http - stats - stats: diff --git a/tests/exception-policy-midstream-04/test.yaml b/tests/exception-policy-midstream-04/test.yaml index e47c1333d..42a60bdcc 100644 --- a/tests/exception-policy-midstream-04/test.yaml +++ b/tests/exception-policy-midstream-04/test.yaml @@ -26,7 +26,7 @@ checks: event_type: stats stats.exception_policy.tcp.midstream.pass_flow: 2 - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-midstream-05/suricata.yaml b/tests/exception-policy-midstream-05/suricata.yaml index b994fe2b7..3e311376a 100644 --- a/tests/exception-policy-midstream-05/suricata.yaml +++ b/tests/exception-policy-midstream-05/suricata.yaml @@ -25,7 +25,8 @@ outputs: mode: extra-data deployment: reverse header: X-Forwarded-For - - flow + - flow: + exception-policy: true - stats - http - drop: diff --git a/tests/exception-policy-midstream-05/test.yaml b/tests/exception-policy-midstream-05/test.yaml index 4fbba7bea..8b1be07a4 100644 --- a/tests/exception-policy-midstream-05/test.yaml +++ b/tests/exception-policy-midstream-05/test.yaml @@ -25,7 +25,7 @@ checks: event_type: stats stats.exception_policy.tcp.midstream.bypass: 1 - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-midstream-06/suricata.yaml b/tests/exception-policy-midstream-06/suricata.yaml index 4f94ed11e..8086db31b 100644 --- a/tests/exception-policy-midstream-06/suricata.yaml +++ b/tests/exception-policy-midstream-06/suricata.yaml @@ -9,8 +9,9 @@ outputs: - eve-log: enabled: yes types: - - alert: - - flow + - alert + - flow: + exception-policy: true - http - stats - drop: diff --git a/tests/exception-policy-midstream-06/test.yaml b/tests/exception-policy-midstream-06/test.yaml index 084613b0f..8a7f74dba 100644 --- a/tests/exception-policy-midstream-06/test.yaml +++ b/tests/exception-policy-midstream-06/test.yaml @@ -23,7 +23,7 @@ checks: event_type: stats stats.exception_policy.tcp.midstream.drop_flow: 1 - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-midstream-07/suricata.yaml b/tests/exception-policy-midstream-07/suricata.yaml index 67597409a..f196c772e 100644 --- a/tests/exception-policy-midstream-07/suricata.yaml +++ b/tests/exception-policy-midstream-07/suricata.yaml @@ -8,7 +8,8 @@ outputs: filename: eve.json types: - alert - - flow + - flow: + exception-policy: true - smb - drop: alerts: yes diff --git a/tests/exception-policy-midstream-07/test.yaml b/tests/exception-policy-midstream-07/test.yaml index 644bb2125..67af543aa 100644 --- a/tests/exception-policy-midstream-07/test.yaml +++ b/tests/exception-policy-midstream-07/test.yaml @@ -19,7 +19,7 @@ checks: match: event_type: smb - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-reject-action-01/suricata.yaml b/tests/exception-policy-reject-action-01/suricata.yaml index d8f4722e9..509bf1914 100644 --- a/tests/exception-policy-reject-action-01/suricata.yaml +++ b/tests/exception-policy-reject-action-01/suricata.yaml @@ -5,8 +5,9 @@ outputs: - eve-log: enabled: yes types: - - alert: - - flow + - alert + - flow: + exception-policy: true - http - stats - drop: diff --git a/tests/exception-policy-reject-action-01/test.yaml b/tests/exception-policy-reject-action-01/test.yaml index a1cda30d1..46711fa78 100644 --- a/tests/exception-policy-reject-action-01/test.yaml +++ b/tests/exception-policy-reject-action-01/test.yaml @@ -19,7 +19,7 @@ checks: event_type: flow flow.action: drop - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-simulated-flow-memcap/suricata.yaml b/tests/exception-policy-simulated-flow-memcap/suricata.yaml index e9aab5f9a..7431bbe86 100644 --- a/tests/exception-policy-simulated-flow-memcap/suricata.yaml +++ b/tests/exception-policy-simulated-flow-memcap/suricata.yaml @@ -23,7 +23,8 @@ outputs: - drop: alerts: yes # log alerts that caused drops flows: all # start or all: 'start' logs only a single drop - - flow + - flow: + exception-policy: true - stats exception-policy: ignore diff --git a/tests/exception-policy-simulated-flow-memcap/test.yaml b/tests/exception-policy-simulated-flow-memcap/test.yaml index 56fac5be2..4a94af70f 100644 --- a/tests/exception-policy-simulated-flow-memcap/test.yaml +++ b/tests/exception-policy-simulated-flow-memcap/test.yaml @@ -40,7 +40,7 @@ checks: stats.exception_policy.flow.memcap.drop_packet: 1 stats.exception_policy.flow.memcap.pass_packet: 0 - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-stream-reassembly-memcap-01/suricata.yaml b/tests/exception-policy-stream-reassembly-memcap-01/suricata.yaml index 30bc85d71..7fff7b701 100644 --- a/tests/exception-policy-stream-reassembly-memcap-01/suricata.yaml +++ b/tests/exception-policy-stream-reassembly-memcap-01/suricata.yaml @@ -24,7 +24,8 @@ outputs: alerts: yes # log alerts that caused drops flows: all # start or all: 'start' logs only a single drop # per flow direction. All logs each dropped pkt. - - flow + - flow: + exception-policy: true - stats: totals: yes # stats for all threads merged together threads: no # per thread stats diff --git a/tests/exception-policy-stream-reassembly-memcap-01/test.yaml b/tests/exception-policy-stream-reassembly-memcap-01/test.yaml index ad59cf1c8..1413f4111 100644 --- a/tests/exception-policy-stream-reassembly-memcap-01/test.yaml +++ b/tests/exception-policy-stream-reassembly-memcap-01/test.yaml @@ -55,7 +55,7 @@ checks: stats.ips.drop_reason.stream_reassembly: 1 stats.exception_policy.tcp.reassembly.drop_flow: 1 - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-stream-reassembly-memcap-02/suricata.yaml b/tests/exception-policy-stream-reassembly-memcap-02/suricata.yaml index 67c3f4f34..9e2882042 100644 --- a/tests/exception-policy-stream-reassembly-memcap-02/suricata.yaml +++ b/tests/exception-policy-stream-reassembly-memcap-02/suricata.yaml @@ -23,7 +23,8 @@ outputs: alerts: yes # log alerts that caused drops flows: all # start or all: 'start' logs only a single drop # per flow direction. All logs each dropped pkt. - - flow + - flow: + exception-policy: true - stats action-order: - pass diff --git a/tests/exception-policy-stream-reassembly-memcap-02/test.yaml b/tests/exception-policy-stream-reassembly-memcap-02/test.yaml index 95e257d04..157d40743 100644 --- a/tests/exception-policy-stream-reassembly-memcap-02/test.yaml +++ b/tests/exception-policy-stream-reassembly-memcap-02/test.yaml @@ -33,7 +33,7 @@ checks: app_proto: tls flow.action: pass - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-stream-reassembly-memcap-03/suricata.yaml b/tests/exception-policy-stream-reassembly-memcap-03/suricata.yaml index ed429c882..615fc5b78 100644 --- a/tests/exception-policy-stream-reassembly-memcap-03/suricata.yaml +++ b/tests/exception-policy-stream-reassembly-memcap-03/suricata.yaml @@ -19,7 +19,8 @@ outputs: alerts: yes # log alerts that caused drops flows: all # start or all: 'start' logs only a single drop # per flow direction. All logs each dropped pkt. - - flow + - flow: + exception-policy: true - stats stats: diff --git a/tests/exception-policy-stream-reassembly-memcap-03/test.yaml b/tests/exception-policy-stream-reassembly-memcap-03/test.yaml index 0ceed1d6a..c6bec393d 100644 --- a/tests/exception-policy-stream-reassembly-memcap-03/test.yaml +++ b/tests/exception-policy-stream-reassembly-memcap-03/test.yaml @@ -31,7 +31,7 @@ checks: event_type: flow flow.state: bypassed - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-stream-reassembly-memcap-04/suricata.yaml b/tests/exception-policy-stream-reassembly-memcap-04/suricata.yaml index 626211544..e643d9212 100644 --- a/tests/exception-policy-stream-reassembly-memcap-04/suricata.yaml +++ b/tests/exception-policy-stream-reassembly-memcap-04/suricata.yaml @@ -17,7 +17,8 @@ outputs: alerts: yes # log alerts that caused drops flows: all # start or all: 'start' logs only a single drop # per flow direction. All logs each dropped pkt. - - flow + - flow: + exception-policy: true - stats: totals: yes # stats for all threads merged together threads: no # per thread stats diff --git a/tests/exception-policy-stream-reassembly-memcap-04/test.yaml b/tests/exception-policy-stream-reassembly-memcap-04/test.yaml index d13ce3bdf..1d0109b3e 100644 --- a/tests/exception-policy-stream-reassembly-memcap-04/test.yaml +++ b/tests/exception-policy-stream-reassembly-memcap-04/test.yaml @@ -53,7 +53,7 @@ checks: event_type: stats stats.ips.drop_reason.stream_reassembly: 1 - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-stream-reassembly-memcap-05/suricata.yaml b/tests/exception-policy-stream-reassembly-memcap-05/suricata.yaml index 626211544..e643d9212 100644 --- a/tests/exception-policy-stream-reassembly-memcap-05/suricata.yaml +++ b/tests/exception-policy-stream-reassembly-memcap-05/suricata.yaml @@ -17,7 +17,8 @@ outputs: alerts: yes # log alerts that caused drops flows: all # start or all: 'start' logs only a single drop # per flow direction. All logs each dropped pkt. - - flow + - flow: + exception-policy: true - stats: totals: yes # stats for all threads merged together threads: no # per thread stats diff --git a/tests/exception-policy-stream-reassembly-memcap-05/test.yaml b/tests/exception-policy-stream-reassembly-memcap-05/test.yaml index 7ffe07f20..2a3647a58 100644 --- a/tests/exception-policy-stream-reassembly-memcap-05/test.yaml +++ b/tests/exception-policy-stream-reassembly-memcap-05/test.yaml @@ -54,7 +54,7 @@ checks: event_type: stats stats.ips.drop_reason.stream_reassembly: 1 - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-stream-reassembly-memcap-06/suricata.yaml b/tests/exception-policy-stream-reassembly-memcap-06/suricata.yaml index 37a8865a9..4e1d50438 100644 --- a/tests/exception-policy-stream-reassembly-memcap-06/suricata.yaml +++ b/tests/exception-policy-stream-reassembly-memcap-06/suricata.yaml @@ -17,7 +17,8 @@ outputs: alerts: yes # log alerts that caused drops flows: all # start or all: 'start' logs only a single drop # per flow direction. All logs each dropped pkt. - - flow + - flow: + exception-policy: true - stats - stats: diff --git a/tests/exception-policy-stream-reassembly-memcap-06/test.yaml b/tests/exception-policy-stream-reassembly-memcap-06/test.yaml index e34e39cd2..d276e7ec7 100644 --- a/tests/exception-policy-stream-reassembly-memcap-06/test.yaml +++ b/tests/exception-policy-stream-reassembly-memcap-06/test.yaml @@ -54,7 +54,7 @@ checks: event_type: stats stats.exception_policy.tcp.reassembly.pass_packet: 1 - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow diff --git a/tests/exception-policy-stream-ssn-memcap-01/suricata.yaml b/tests/exception-policy-stream-ssn-memcap-01/suricata.yaml index 73c956016..c4f6c982c 100644 --- a/tests/exception-policy-stream-ssn-memcap-01/suricata.yaml +++ b/tests/exception-policy-stream-ssn-memcap-01/suricata.yaml @@ -23,7 +23,8 @@ outputs: alerts: yes # log alerts that caused drops flows: all # start or all: 'start' logs only a single drop # per flow direction. All logs each dropped pkt. - - flow + - flow: + exception-policy: true - stats action-order: diff --git a/tests/exception-policy-stream-ssn-memcap-01/test.yaml b/tests/exception-policy-stream-ssn-memcap-01/test.yaml index 4726fa032..71f4a8465 100644 --- a/tests/exception-policy-stream-ssn-memcap-01/test.yaml +++ b/tests/exception-policy-stream-ssn-memcap-01/test.yaml @@ -58,7 +58,7 @@ checks: event_type: stats stats.exception_policy.tcp.ssn_memcap.drop_flow: 1 - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: flow -- 2.47.3