]> git.ipfire.org Git - thirdparty/suricata-verify.git/commitdiff
projects / thirdparty / suricata-verify.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: ecbdd02)
unified2: remove obsolete test
authorPhilippe Antoine <pantoine@oisf.net>
Tue, 10 Dec 2024 13:50:08 +0000 (14:50 +0100)
committerVictor Julien <victor@inliniac.net>
Tue, 25 Feb 2025 07:16:13 +0000 (08:16 +0100)
Ticket: 2385

tests/http-xff-unified2/README.md [deleted file] patch | blob | blame | history
tests/http-xff-unified2/suricata.yaml [deleted file] patch | blob | blame | history
tests/http-xff-unified2/test.rules [deleted file] patch | blob | blame | history
tests/http-xff-unified2/test.yaml [deleted file] patch | blob | blame | history
tests/http-xff-unified2/xff-extradata.pcap [deleted file] patch | blob | blame | history

diff --git a/tests/http-xff-unified2/README.md b/tests/http-xff-unified2/README.md
deleted file mode 100644 (file)
index b195988..0000000
--- a/tests/http-xff-unified2/README.md
+++ /dev/null
@@ -1,32 +0,0 @@
-Test output of XFF in unified2 alert logging.
-
-## Related Issues and Pull Requests
-- https://redmine.openinfosecfoundation.org/issues/2305
-- https://github.com/OISF/suricata/pull/3119
-
-## PCAP origin
-
-https://redmine.openinfosecfoundation.org/attachments/1424/xff-extradata.pcap
-
-### Request Headers
-
-GET /~sgtatham/putty/0.60/x86/pscp.exe HTTP/1.1
-User-Agent: Wget/1.17.1 (linux-gnu)
-Accept: */*
-Accept-Encoding: identity
-Host: the.earth.li
-Connection: Keep-Alive
-X-Forwarded-For: 10.1.23.250, 10.1.23.250
-
-### Response Headers
-
-HTTP/1.1 200 OK
-Date: Wed, 27 Sep 2017 18:58:30 GMT
-Server: Apache
-Last-Modified: Sun, 29 Apr 2007 13:02:37 GMT
-ETag: "48000-42f3ffb92f540"
-Accept-Ranges: bytes
-Content-Length: 294912
-Keep-Alive: timeout=5, max=100
-Connection: Keep-Alive
-Content-Type: application/x-msdos-program
diff --git a/tests/http-xff-unified2/suricata.yaml b/tests/http-xff-unified2/suricata.yaml
deleted file mode 100644 (file)
index c6f1612..0000000
--- a/tests/http-xff-unified2/suricata.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-%YAML 1.1
----
-
-include: ../../etc/suricata-4.0.3.yaml
-
-outputs:
-  - unified2-alert:
-      enabled: yes
-      nostamp: yes
-      xff:
-        enabled: yes
-      payload: no
diff --git a/tests/http-xff-unified2/test.rules b/tests/http-xff-unified2/test.rules
deleted file mode 100644 (file)
index 78624d9..0000000
--- a/tests/http-xff-unified2/test.rules
+++ /dev/null
@@ -1 +0,0 @@
-alert http any any -> any any (msg:"TEST RULE"; content:"DOS mode"; http_server_body; sid:1; rev:1;)
diff --git a/tests/http-xff-unified2/test.yaml b/tests/http-xff-unified2/test.yaml
deleted file mode 100644 (file)
index 8e21281..0000000
--- a/tests/http-xff-unified2/test.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-requires:
-  script:
-    - grep Unified2XFFTypeAlert src/alert-unified2-alert.c > /dev/null 2>&1
-    # Require the idstools-u2json tool.
-    - which idstools-u2json > /dev/null 2>&1
-
-args:
-  - -k none
-
-pre-check: |
-  # Convert the unified2 to json.
-  idstools-u2json --output unified2.json unified2.alert 2> /dev/null
-
-checks:
-  - filter:
-      filename: unified2.json
-      count: 1
-      match:
-        type: event
-  - filter:
-      filename: unified2.json
-      count: 1
-      match:
-        type: extra-data
-        extra-data.extra-data-type: xff_ip4
diff --git a/tests/http-xff-unified2/xff-extradata.pcap b/tests/http-xff-unified2/xff-extradata.pcap
deleted file mode 100644 (file)
index fcea739..0000000
Binary files a/tests/http-xff-unified2/xff-extradata.pcap and /dev/null differ
Mirror of https://github.com/OISF/suricata-verify.git