Adds check for http2 file gzip decompression

author Philippe Antoine <contact@catenacyber.fr>

Thu, 12 Nov 2020 09:48:49 +0000 (10:48 +0100)

committer Victor Julien <victor@inliniac.net>

Sat, 23 Jan 2021 17:35:47 +0000 (18:35 +0100)
author Philippe Antoine <contact@catenacyber.fr>
Thu, 12 Nov 2020 09:48:49 +0000 (10:48 +0100)
committer Victor Julien <victor@inliniac.net>
Sat, 23 Jan 2021 17:35:47 +0000 (18:35 +0100)
diff --git a/tests/http2-bugfixes/suricata.yaml b/tests/http2-bugfixes/suricata.yaml

index 0b72e6cabe8f83bdb49a4ddb2eed396bc32d1f6f..3d9bb8e149a6ef0bc076a2012710ff812b646597 100644 (file)
--- a/tests/http2-bugfixes/suricata.yaml
+++ b/tests/http2-bugfixes/suricata.yaml
@@ -6,6 +6,7 @@ outputs:
        enabled: true
        types:
          - alert
+        - files
          - http2
          - anomaly
  
diff --git a/tests/http2-bugfixes/test.yaml b/tests/http2-bugfixes/test.yaml

index 8db25b020614f47803ae3ce4ef256857b6f3c11b..d6269d9cc0491e8073610632194b3476e68ca5bf 100644 (file)
--- a/tests/http2-bugfixes/test.yaml
+++ b/tests/http2-bugfixes/test.yaml
@@ -14,3 +14,8 @@ checks:
        count: 0
        match:
          event_type: anomaly
+  - filter:
+      count: 1
+      match:
+        event_type: fileinfo
+        fileinfo.size: 639
author	Philippe Antoine <contact@catenacyber.fr>
	Thu, 12 Nov 2020 09:48:49 +0000 (10:48 +0100)
committer	Victor Julien <victor@inliniac.net>
	Sat, 23 Jan 2021 17:35:47 +0000 (18:35 +0100)
tests/http2-bugfixes/suricata.yaml		patch \| blob \| blame \| history
tests/http2-bugfixes/test.yaml		patch \| blob \| blame \| history