add an eve dns v2 specific test
authorJason Ish <ish@unx.ca>
Tue, 13 Mar 2018 19:13:32 +0000 (13:13 -0600)
committerJason Ish <ish@unx.ca>
Tue, 13 Mar 2018 19:13:32 +0000 (13:13 -0600)
run.py
tests/dns-eve-v2-udp-dig-a-www-suricata-ids-org/README.md [new file with mode: 0644]
tests/dns-eve-v2-udp-dig-a-www-suricata-ids-org/dig-a-www.suricata-ids.org.pcap [new file with mode: 0644]
tests/dns-eve-v2-udp-dig-a-www-suricata-ids-org/suricata.yaml [new file with mode: 0644]
tests/dns-eve-v2-udp-dig-a-www-suricata-ids-org/test.yaml [new file with mode: 0644]

diff --git a/run.py b/run.py
index 23429c4df99c24763a1cc22026b51d7d82c8c1d6..e038bcb53b34aa5c18c7ef6e6720fd90050cc107 100755 (executable)
--- a/run.py
+++ b/run.py
@@ -361,9 +361,9 @@ class TestRunner:
                 for pattern, need_val in skip["config"].items():
                     for key, val in self.suricata_config.config.items():
                         if re.match(pattern, key):
-                            if need_val != val:
+                            if str(need_val) == str(val):
                                 raise UnsatisfiedRequirementError(
-                                    "requires %s = %s" % (
+                                    "not for %s = %s" % (
                                         key, need_val))
 
     def check_requires(self):
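Review bot: The new comparison `str(need_val) == str(val)` depends on how each side was parsed: a YAML boolean in test.yaml stringifies as `True`/`False`, which will not equal a config value held as the text `yes` or `true`, so a skip rule could silently fail to apply and the test would run against a configuration it was meant to avoid. How `self.suricata_config.config` stores its values is not visible in this hunk, so this needs confirming; if they are raw strings, a comment such as `# values are compared as strings; write skip values exactly as the config dump prints them` would document the contract. The same stringified comparison is used in the `requires` config branch added in the later run.py hunk. The enclosing method starts outside the hunk.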
@@ -418,6 +418,21 @@ class TestRunner:
                         raise UnsatisfiedRequirementError(
                             "requires script returned false")
 
+            elif key == "config":
+                for pattern, need_val in requires["config"].items():
+                    found = False
+                    for key, val in self.suricata_config.config.items():
+                        if re.match(pattern, key):
+                            print("%s -> %s" % (pattern, key))
+                            if str(need_val) != str(val):
+                                raise UnsatisfiedRequirementError(
+                                    "requires %s = %s" % (
+                                        key, need_val))
+                    print(found)
+                    if not found:
+                        raise UnsatisfiedRequirementError(
+                            "requires %s = %s" % (pattern, need_val))
+
             elif key == "pcap":
                 # Handle below...
                 pass
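Review bot: `found` is initialised to `False` and never set to `True` inside the `if re.match(pattern, key):` branch, so `if not found:` raises UnsatisfiedRequirementError for every `requires: config:` entry even when a key matched with the required value; add `found = True` directly after the match. The two calls `print("%s -> %s" % (pattern, key))` and `print(found)` look like leftover debugging output and should be dropped. The inner loop also rebinds `key`, the name the surrounding `elif key == ...` chain tests, so renaming it (for example `cfg_key`) avoids surprises if anything after the chain reads `key`. The enclosing method starts and ends outside the hunk.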
diff --git a/tests/dns-eve-v2-udp-dig-a-www-suricata-ids-org/README.md b/tests/dns-eve-v2-udp-dig-a-www-suricata-ids-org/README.md
new file mode 100644 (file)
index 0000000..e6728ad
--- /dev/null
@@ -0,0 +1,4 @@
+Test DNS EVE decoding/output for a basic DNS request.
+
+This test checks v2 of the eve/dns output.
+
diff --git a/tests/dns-eve-v2-udp-dig-a-www-suricata-ids-org/dig-a-www.suricata-ids.org.pcap b/tests/dns-eve-v2-udp-dig-a-www-suricata-ids-org/dig-a-www.suricata-ids.org.pcap
new file mode 100644 (file)
index 0000000..663a679
Binary files /dev/null and b/tests/dns-eve-v2-udp-dig-a-www-suricata-ids-org/dig-a-www.suricata-ids.org.pcap differ
diff --git a/tests/dns-eve-v2-udp-dig-a-www-suricata-ids-org/suricata.yaml b/tests/dns-eve-v2-udp-dig-a-www-suricata-ids-org/suricata.yaml
new file mode 100644 (file)
index 0000000..0bf62d2
--- /dev/null
@@ -0,0 +1,12 @@
+%YAML 1.1
+---
+
+include: ../../etc/suricata-4.0.3.yaml
+
+outputs:
+  - eve-log:
+      enabled: true
+      types:
+        - dns:
+            enabled: true
+            version: 2
diff --git a/tests/dns-eve-v2-udp-dig-a-www-suricata-ids-org/test.yaml b/tests/dns-eve-v2-udp-dig-a-www-suricata-ids-org/test.yaml
new file mode 100644 (file)
index 0000000..e905bde
--- /dev/null
@@ -0,0 +1,26 @@
+requires:
+  features:
+    - HAVE_LIBJANSSON
+  min-version: 4.1.0
+  script:
+    - grep OutputAnswerV2 src/output-json-dns.c > /dev/null 2>&1
+
+checks:
+
+  - filter:
+      comment: request
+      count: 1
+      match:
+        event_type: dns
+        dns.type: query
+        dns.rrname: www.suricata-ids.org
+
+  - filter:
+      comment: response
+      count: 1
+      match:
+        event_type: dns
+        dns.type: answer
+        dns.answers[0].rrtype: CNAME
+        dns.answers[1].rrtype: A
+        dns.answers[2].rrtype: A