]> git.ipfire.org Git - thirdparty/suricata-verify.git/commitdiff
projects / thirdparty / suricata-verify.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: dd170f5)
tests: fixes after TCP changes 281/head
authorVictor Julien <victor@inliniac.net>
Sat, 6 Jun 2020 07:27:07 +0000 (09:27 +0200)
committerVictor Julien <victor@inliniac.net>
Tue, 28 Jul 2020 05:38:40 +0000 (07:38 +0200)
Fixes around ACK'd data.

tests/smtp-eve/test.yaml patch | blob | blame | history

diff --git a/tests/smtp-eve/test.yaml b/tests/smtp-eve/test.yaml
index bc59f92cd1b09fada3310f37da8e6c4a0fa610f9..924b7b55d87ba9cde62d5eeb4e96f035dc1f674b 100644 (file)
--- a/tests/smtp-eve/test.yaml
+++ b/tests/smtp-eve/test.yaml
@@ -14,7 +14,6 @@ checks:
       email.status: PARSE_DONE
       email.to[0]: <raj_deol2002in@yahoo.co.in>
       event_type: smtp
-      pcap_cnt: 46
       proto: TCP
       smtp.helo: GP
       smtp.mail_from: <gurpartap@patriots.in>
@@ -39,7 +38,50 @@ checks:
       fileinfo.state: CLOSED
       fileinfo.stored: false
       fileinfo.tx_id: 0
-      pcap_cnt: 46
+      proto: TCP
+      smtp.helo: GP
+      smtp.mail_from: <gurpartap@patriots.in>
+      smtp.rcpt_to[0]: <raj_deol2002in@yahoo.co.in>
+      src_ip: 10.10.1.4
+      src_port: 1470
+- filter:
+    version: 6
+    count: 1
+    match:
+      dest_ip: 74.53.140.153
+      dest_port: 25
+      email.attachment[0]: NEWS.txt
+      email.from: '"Gurpartap Singh" <gurpartap@patriots.in>'
+      email.status: PARSE_DONE
+      email.to[0]: <raj_deol2002in@yahoo.co.in>
+      event_type: smtp
+      pcap_cnt: 51
+      proto: TCP
+      smtp.helo: GP
+      smtp.mail_from: <gurpartap@patriots.in>
+      smtp.rcpt_to[0]: <raj_deol2002in@yahoo.co.in>
+      src_ip: 10.10.1.4
+      src_port: 1470
+      tx_id: 0
+- filter:
+    version: 6
+    count: 1
+    match:
+      app_proto: smtp
+      dest_ip: 74.53.140.153
+      dest_port: 25
+      email.attachment[0]: NEWS.txt
+      email.from: '"Gurpartap Singh" <gurpartap@patriots.in>'
+      email.status: PARSE_DONE
+      email.to[0]: <raj_deol2002in@yahoo.co.in>
+      event_type: fileinfo
+      fileinfo.filename: NEWS.txt
+      fileinfo.gaps: false
+      fileinfo.size: 10735
+      fileinfo.state: CLOSED
+      fileinfo.stored: false
+      fileinfo.tx_id: 0
+      pcap_cnt: 51
       proto: TCP
       smtp.helo: GP
       smtp.mail_from: <gurpartap@patriots.in>
Mirror of https://github.com/OISF/suricata-verify.git