http2-files: add comparison for fast.log output
authorJuliana Fajardini <jufajardini@gmail.com>
Tue, 15 Feb 2022 12:25:05 +0000 (12:25 +0000)
committerVictor Julien <victor@inliniac.net>
Tue, 22 Feb 2022 14:11:26 +0000 (15:11 +0100)
The idea is to check that the generated alerts are queued in the same
order on every run. This test was selected because it has several txs,
some of which trigger alerts for the same signatures in the same packet,
and it failed with a bug related to the alert queuing optimization.

tests/http2-files/expected/fast.log [new file with mode: 0644]
tests/http2-files/suricata.yaml
tests/http2-files/test.yaml

diff --git a/tests/http2-files/expected/fast.log b/tests/http2-files/expected/fast.log
new file mode 100644 (file)
index 0000000..d0998bc
--- /dev/null
@@ -0,0 +1,19 @@
+08/02/2014-10:50:25.816243  [**] [1:1:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:56508 -> 0000:0000:0000:0000:0000:0000:0000:0001:3000
+08/02/2014-10:50:25.823699  [**] [1:6:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
+08/02/2014-10:50:25.823699  [**] [1:7:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
+08/02/2014-10:50:25.823699  [**] [1:8:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
+08/02/2014-10:50:25.828791  [**] [1:1:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:56508 -> 0000:0000:0000:0000:0000:0000:0000:0001:3000
+08/02/2014-10:50:25.828791  [**] [1:1:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:56508 -> 0000:0000:0000:0000:0000:0000:0000:0001:3000
+08/02/2014-10:50:25.828791  [**] [1:1:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:56508 -> 0000:0000:0000:0000:0000:0000:0000:0001:3000
+08/02/2014-10:50:25.828791  [**] [1:1:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:56508 -> 0000:0000:0000:0000:0000:0000:0000:0001:3000
+08/02/2014-10:50:25.828791  [**] [1:1:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:56508 -> 0000:0000:0000:0000:0000:0000:0000:0001:3000
+08/02/2014-10:50:25.828791  [**] [1:3:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:56508 -> 0000:0000:0000:0000:0000:0000:0000:0001:3000
+08/02/2014-10:50:25.828986  [**] [1:7:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
+08/02/2014-10:50:25.830473  [**] [1:7:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
+08/02/2014-10:50:25.830473  [**] [1:7:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
+08/02/2014-10:50:25.830719  [**] [1:7:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
+08/02/2014-10:50:25.830719  [**] [1:7:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
+08/02/2014-10:50:25.832311  [**] [1:4:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:56508 -> 0000:0000:0000:0000:0000:0000:0000:0001:3000
+08/02/2014-10:50:25.833220  [**] [1:4:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:56508 -> 0000:0000:0000:0000:0000:0000:0000:0001:3000
+08/02/2014-10:50:25.833365  [**] [1:5:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:3000 -> 0000:0000:0000:0000:0000:0000:0000:0001:56508
+08/02/2014-10:50:25.840964  [**] [1:2:1] (null) [**] [Classification: (null)] [Priority: 3] {TCP} 0000:0000:0000:0000:0000:0000:0000:0001:56508 -> 0000:0000:0000:0000:0000:0000:0000:0001:3000
index 4aacee1d722c24f8d9f3068f4ddb1a06f1fbf5bb..b4d53adc8816985cac2a2b6e25a04bda954f9cc0 100644 (file)
@@ -10,6 +10,8 @@ outputs:
         - files:
           force-magic: true
           force-hash: [md5, sha1, sha256]
+  - fast:
+      enabled: yes
 
 app-layer:
   protocols:
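Review bot: The added `- fast:` output sets only `enabled: yes`, so the log's file name and its append behaviour come from Suricata's defaults, while the check in test.yaml depends on the name `fast.log` and on the file holding exactly one run's alerts. Stating both under `- fast:` makes that dependency visible and keeps the comparison stable if the output directory is ever reused: `filename: fast.log` and `append: no`. The `outputs:` list starts above this hunk, so whether another logger already writes to that directory is not visible here.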
index 6755444b3ef5595449d3bb3aa5bd239f1f20f753..ef4e7b0cca5b0c38bb43a7f319f5492f46a9aae5 100644 (file)
@@ -10,6 +10,12 @@ args:
 
 checks:
 
+  # Check that the output order is always the same (we want to ensure that
+  # alerts are stored in the same order, and this check should cover that)
+  - file-compare:
+      filename: fast.log
+      expected: expected/fast.log
+
   # Check that there is one file event with content range.
   - filter:
       count: 1
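Review bot: The comment above the new `file-compare` check says the order is "always the same", but the check compares one run's `fast.log` byte for byte with `expected/fast.log`. It therefore also pins the timestamp, address and `(null)` message formatting, and it cannot detect a reordering among alerts that print identically (several lines of the expected file are exact duplicates). I would say so in the comment, e.g. `# Byte-for-byte compare: catches reordering between different sids; regenerate expected/fast.log if the fast.log format changes.` Whether the test is limited to Suricata versions that contain the queuing fix (a `requires:` entry such as `min-version`) is decided above this hunk and is not visible here.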