]> git.ipfire.org Git - thirdparty/suricata-verify.git/commit
projects / thirdparty / suricata-verify.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b337a34) | patch
tests: showcase endswith, distance + within usage
authorJuliana Fajardini <jufajardini@gmail.com>
Tue, 24 Sep 2024 21:33:54 +0000 (18:33 -0300)
committerVictor Julien <victor@inliniac.net>
Wed, 16 Oct 2024 09:22:58 +0000 (11:22 +0200)
commit9a98ed099bab42861b72d7145ac68ce66e5b08b3
treeb766eddc4e329832c1b41cdd1dadcfee6653a764tree
parentb337a349e45e8098f2c8976ebff5c1e222cb6ca1commit | diff
tests: showcase endswith, distance + within usage

Suricata docs state that `endswith` cannot be mixed with `offset`,
`within` or `distance` for the same pattern, but apparently, at least
from Suricata 7 on, this seems possible.

Tests created based on material and scenarios provided by Brandon
Murphy in the Redmine ticket.

Related to
Task #5030
tests/bug-docs-5030-01/35_bytes.pcap [new file with mode: 0644] blob
tests/bug-docs-5030-01/README.md [new file with mode: 0644] blob
tests/bug-docs-5030-01/test.rules [new file with mode: 0644] blob
tests/bug-docs-5030-01/test.yaml [new file with mode: 0644] blob
tests/bug-docs-5030-02/39_bytes.pcap [new file with mode: 0644] blob
tests/bug-docs-5030-02/README.md [new file with mode: 0644] blob
tests/bug-docs-5030-02/test.rules [new file with mode: 0644] blob
tests/bug-docs-5030-02/test.yaml [new file with mode: 0644] blob
Mirror of https://github.com/OISF/suricata-verify.git