tests: flowbit bad rules handling for 6.0.7

author Victor Julien <victor@inliniac.net>

Mon, 26 Sep 2022 08:37:48 +0000 (10:37 +0200)

committer Victor Julien <victor@inliniac.net>

Mon, 26 Sep 2022 15:55:40 +0000 (17:55 +0200)
author Victor Julien <victor@inliniac.net>
Mon, 26 Sep 2022 08:37:48 +0000 (10:37 +0200)
committer Victor Julien <victor@inliniac.net>
Mon, 26 Sep 2022 15:55:40 +0000 (17:55 +0200)
diff --git a/tests/flowbit-bad-rules-6-01/empty.pcap b/tests/flowbit-bad-rules-6-01/empty.pcap

new file mode 100644 (file)

index 0000000..4f9600e

Binary files /dev/null and b/tests/flowbit-bad-rules-6-01/empty.pcap differ
diff --git a/tests/flowbit-bad-rules-6-01/test.rules b/tests/flowbit-bad-rules-6-01/test.rules

new file mode 100644 (file)

index 0000000..7100ba2
--- /dev/null
+++ b/tests/flowbit-bad-rules-6-01/test.rules
@@ -0,0 +1 @@
+alert ip any any -> any any (msg:"BAD rule"; flowbits:isset,abc,noalert; sid:1;)
diff --git a/tests/flowbit-bad-rules-6-01/test.yaml b/tests/flowbit-bad-rules-6-01/test.yaml

new file mode 100644 (file)

index 0000000..512cd24
--- /dev/null
+++ b/tests/flowbit-bad-rules-6-01/test.yaml
@@ -0,0 +1,7 @@
+requires:
+  lt-version: 7
+
+args:
+  - --init-errors-fatal
+
+exit-code: 0
diff --git a/tests/flowbit-bad-rules-6-02/empty.pcap b/tests/flowbit-bad-rules-6-02/empty.pcap

new file mode 100644 (file)

index 0000000..4f9600e

Binary files /dev/null and b/tests/flowbit-bad-rules-6-02/empty.pcap differ
diff --git a/tests/flowbit-bad-rules-6-02/test.rules b/tests/flowbit-bad-rules-6-02/test.rules

new file mode 100644 (file)

index 0000000..7100ba2
--- /dev/null
+++ b/tests/flowbit-bad-rules-6-02/test.rules
@@ -0,0 +1 @@
+alert ip any any -> any any (msg:"BAD rule"; flowbits:isset,abc,noalert; sid:1;)
diff --git a/tests/flowbit-bad-rules-6-02/test.yaml b/tests/flowbit-bad-rules-6-02/test.yaml

new file mode 100644 (file)

index 0000000..767e193
--- /dev/null
+++ b/tests/flowbit-bad-rules-6-02/test.yaml
@@ -0,0 +1,8 @@
+requires:
+  lt-version: 7
+
+args:
+  - --init-errors-fatal
+  - --strict-rule-keywords=flowbits
+
+exit-code: 1
diff --git a/tests/flowbit-bad-rules-6-03/empty.pcap b/tests/flowbit-bad-rules-6-03/empty.pcap

new file mode 100644 (file)

index 0000000..4f9600e

Binary files /dev/null and b/tests/flowbit-bad-rules-6-03/empty.pcap differ
diff --git a/tests/flowbit-bad-rules-6-03/test.rules b/tests/flowbit-bad-rules-6-03/test.rules

new file mode 100644 (file)

index 0000000..7100ba2
--- /dev/null
+++ b/tests/flowbit-bad-rules-6-03/test.rules
@@ -0,0 +1 @@
+alert ip any any -> any any (msg:"BAD rule"; flowbits:isset,abc,noalert; sid:1;)
diff --git a/tests/flowbit-bad-rules-6-03/test.yaml b/tests/flowbit-bad-rules-6-03/test.yaml

new file mode 100644 (file)

index 0000000..9805a7b
--- /dev/null
+++ b/tests/flowbit-bad-rules-6-03/test.yaml
@@ -0,0 +1,8 @@
+requires:
+  lt-version: 7
+
+args:
+  - --init-errors-fatal
+  - --strict-rule-keywords=all
+
+exit-code: 1
author	Victor Julien <victor@inliniac.net>
	Mon, 26 Sep 2022 08:37:48 +0000 (10:37 +0200)
committer	Victor Julien <victor@inliniac.net>
	Mon, 26 Sep 2022 15:55:40 +0000 (17:55 +0200)
tests/flowbit-bad-rules-6-01/empty.pcap	[new file with mode: 0644]	patch \| blob
tests/flowbit-bad-rules-6-01/test.rules	[new file with mode: 0644]	patch \| blob
tests/flowbit-bad-rules-6-01/test.yaml	[new file with mode: 0644]	patch \| blob
tests/flowbit-bad-rules-6-02/empty.pcap	[new file with mode: 0644]	patch \| blob
tests/flowbit-bad-rules-6-02/test.rules	[new file with mode: 0644]	patch \| blob
tests/flowbit-bad-rules-6-02/test.yaml	[new file with mode: 0644]	patch \| blob
tests/flowbit-bad-rules-6-03/empty.pcap	[new file with mode: 0644]	patch \| blob
tests/flowbit-bad-rules-6-03/test.rules	[new file with mode: 0644]	patch \| blob
tests/flowbit-bad-rules-6-03/test.yaml	[new file with mode: 0644]	patch \| blob