tests: add testcases for SNMP
authorPierre Chifflier <chifflier@wzdftpd.net>
Tue, 21 May 2019 18:51:23 +0000 (20:51 +0200)
committerVictor Julien <victor@inliniac.net>
Thu, 6 Jun 2019 10:50:50 +0000 (12:50 +0200)
SNMP v2c, v3 (unauth and encrypted)

tests/snmp-v2c-get/README.md [new file with mode: 0644]
tests/snmp-v2c-get/SNMPv2c_get_requests.pcap [new file with mode: 0644]
tests/snmp-v2c-get/test.yaml [new file with mode: 0644]
tests/snmp-v3-encrypted/README.md [new file with mode: 0644]
tests/snmp-v3-encrypted/SNMPv3.pcap [new file with mode: 0644]
tests/snmp-v3-encrypted/test.yaml [new file with mode: 0644]
tests/snmp-v3-unauth/README.md [new file with mode: 0644]
tests/snmp-v3-unauth/snmp-v3-get-bulk-unauth.pcapng [new file with mode: 0644]
tests/snmp-v3-unauth/test.yaml [new file with mode: 0644]

diff --git a/tests/snmp-v2c-get/README.md b/tests/snmp-v2c-get/README.md
new file mode 100644 (file)
index 0000000..a0e724f
--- /dev/null
@@ -0,0 +1,4 @@
+Test for accessing SNMP fields for v2c request/response PDU types.
+
+PCAP URL:
+  http://packetlife.net/captures/SNMPv2c_get_requests.cap
diff --git a/tests/snmp-v2c-get/SNMPv2c_get_requests.pcap b/tests/snmp-v2c-get/SNMPv2c_get_requests.pcap
new file mode 100644 (file)
index 0000000..3721fe6
Binary files /dev/null and b/tests/snmp-v2c-get/SNMPv2c_get_requests.pcap differ
diff --git a/tests/snmp-v2c-get/test.yaml b/tests/snmp-v2c-get/test.yaml
new file mode 100644 (file)
index 0000000..c84c2c4
--- /dev/null
@@ -0,0 +1,34 @@
+requires:
+  features:
+    - HAVE_LIBJANSSON
+    - RUST
+  files:
+    - rust/src/snmp/snmp.rs
+
+args:
+  - -k none
+
+checks:
+
+ - filter:
+     count: 8
+     match:
+       event_type: snmp
+       snmp.version: 2
+
+ - filter:
+     count: 3
+     match:
+       event_type: snmp
+       snmp.pdu_type: get_request
+       snmp.community: "[R0_C@cti!]"
+       snmp.version: 2
+
+ - filter:
+     count: 1
+     match:
+       event_type: snmp
+       snmp.pdu_type: get_next_request
+       snmp.community: "[R0_C@cti!]"
+       snmp.version: 2
+       snmp.vars: ["0.1"]
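Review bot: The per-type filters in this file account for only 4 of the 8 events matched by the first filter (3 `get_request` plus 1 `get_next_request`), so the response side that the README says is covered is never asserted. A further filter on the response PDU type (presumably `snmp.pdu_type: response`, to be confirmed against the logger output) with its expected count and the same `snmp.community` value would pin that the community string is extracted in both directions. The same gap exists in tests/snmp-v3-encrypted/test.yaml (2 + 4 of 8) and tests/snmp-v3-unauth/test.yaml (3 + 1 of 8), where the remaining events are likewise unchecked.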
diff --git a/tests/snmp-v3-encrypted/README.md b/tests/snmp-v3-encrypted/README.md
new file mode 100644 (file)
index 0000000..9653e13
--- /dev/null
@@ -0,0 +1,4 @@
+Test for accessing SNMP fields for v3 request/response PDU types, with some encrypted PDUs.
+
+PCAP URL:
+  http://packetlife.net/captures/SNMPv3.cap
diff --git a/tests/snmp-v3-encrypted/SNMPv3.pcap b/tests/snmp-v3-encrypted/SNMPv3.pcap
new file mode 100644 (file)
index 0000000..93f2a24
Binary files /dev/null and b/tests/snmp-v3-encrypted/SNMPv3.pcap differ
diff --git a/tests/snmp-v3-encrypted/test.yaml b/tests/snmp-v3-encrypted/test.yaml
new file mode 100644 (file)
index 0000000..2f51f29
--- /dev/null
@@ -0,0 +1,31 @@
+requires:
+  features:
+    - HAVE_LIBJANSSON
+    - RUST
+  files:
+    - rust/src/snmp/snmp.rs
+
+args:
+  - -k none
+
+checks:
+
+ - filter:
+     count: 8
+     match:
+       event_type: snmp
+       snmp.version: 3
+
+ - filter:
+     count: 2
+     match:
+       event_type: snmp
+       snmp.pdu_type: get_request
+       snmp.version: 3
+
+ - filter:
+     count: 4
+     match:
+       event_type: snmp
+       snmp.pdu_type: encrypted
+       snmp.version: 3
diff --git a/tests/snmp-v3-unauth/README.md b/tests/snmp-v3-unauth/README.md
new file mode 100644 (file)
index 0000000..d0e7f31
--- /dev/null
@@ -0,0 +1,3 @@
+Test for accessing SNMP fields for v3 request/response PDU types, without authentication nor encryption.
+
+PCAP generated using Net-SNMP daemon.
diff --git a/tests/snmp-v3-unauth/snmp-v3-get-bulk-unauth.pcapng b/tests/snmp-v3-unauth/snmp-v3-get-bulk-unauth.pcapng
new file mode 100644 (file)
index 0000000..bf9ce8c
Binary files /dev/null and b/tests/snmp-v3-unauth/snmp-v3-get-bulk-unauth.pcapng differ
diff --git a/tests/snmp-v3-unauth/test.yaml b/tests/snmp-v3-unauth/test.yaml
new file mode 100644 (file)
index 0000000..21149ef
--- /dev/null
@@ -0,0 +1,31 @@
+requires:
+  features:
+    - HAVE_LIBJANSSON
+    - RUST
+  files:
+    - rust/src/snmp/snmp.rs
+
+args:
+  - -k none
+
+checks:
+
+ - filter:
+     count: 8
+     match:
+       event_type: snmp
+       snmp.version: 3
+
+ - filter:
+     count: 3
+     match:
+       event_type: snmp
+       snmp.pdu_type: get_request
+       snmp.version: 3
+
+ - filter:
+     count: 1
+     match:
+       event_type: snmp
+       snmp.pdu_type: get_bulk_request
+       snmp.version: 3