dnp3: test of dnp3 flow direction fix

diff --git a/tests/dnp3-midstream-confirm/README.md b/tests/dnp3-midstream-confirm/README.md
deleted file mode 100644 (file)
index 8330de0..0000000
--- a/tests/dnp3-midstream-confirm/README.md
+++ /dev/null
@@ -1,7 +0,0 @@
-# Description
-
-Test DNP3 probing parser direction when starting midstream
-
-# PCAP
-
-The pcap is a simple packet DNP3 confirm (answer from server)

diff --git a/tests/dnp3-midstream-confirm/dnp3_confirm.pcap b/tests/dnp3-midstream-confirm/dnp3_confirm.pcap
deleted file mode 100644 (file)
index 3dcf39d..0000000
Binary files a/tests/dnp3-midstream-confirm/dnp3_confirm.pcap and /dev/null differ

diff --git a/tests/dnp3-toclient-start/README.md b/tests/dnp3-toclient-start/README.md
new file mode 100644 (file)
index 0000000..8aaae5e
--- /dev/null
+++ b/tests/dnp3-toclient-start/README.md
@@ -0,0 +1,7 @@
+# Description
+
+Test DNP3 probing parser direction when starting to client from midstream
+
+# PCAP
+
+The pcap is a sequence of 5 packets starting from to client direction

diff --git a/tests/dnp3-toclient-start/dnp3_toclient_start.pcap b/tests/dnp3-toclient-start/dnp3_toclient_start.pcap
new file mode 100644 (file)
index 0000000..449b045
Binary files /dev/null and b/tests/dnp3-toclient-start/dnp3_toclient_start.pcap differ

diff --git a/tests/dnp3-midstream-confirm/test.yaml b/tests/dnp3-toclient-start/test.yaml
similarity index 78%
rename from tests/dnp3-midstream-confirm/test.yaml
rename to tests/dnp3-toclient-start/test.yaml
index 7089cb1015306166ea3fbf7ba308fc47849a9b9c..0643cd1a41ce4ff928330577fa84316e13defb71 100644 (file)
--- a/tests/dnp3-midstream-confirm/test.yaml
+++ b/tests/dnp3-toclient-start/test.yaml
@@ -13,4 +13,6 @@ checks:
       match:
         event_type: flow
         app_proto: dnp3
-        flow.pkts_toclient: 1
+        flow.pkts_toserver: 2
+        flow.pkts_toclient: 3
+        dest_port: 20000