]> git.ipfire.org Git - thirdparty/suricata-verify.git/commitdiff
projects / thirdparty / suricata-verify.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8f04776)
tests: Updates for 6555
authorJeff Lucovsky <jlucovsky@oisf.net>
Thu, 15 Aug 2024 14:58:34 +0000 (10:58 -0400)
committerVictor Julien <victor@inliniac.net>
Tue, 24 Sep 2024 04:56:22 +0000 (06:56 +0200)
This commit provides updates needed for issue 6555. Previously, the gap
handling was restricted to master; 6555 adds those changes to main-7.0.x

Most of the changes are to extend the version; the
eve-payload-07-http-gap tests adds version-based checks as a new output
value payload_length is not available in main-7.0.x

14 files changed:
tests/eve-overlap-payload-01/test.yaml patch | blob | blame | history
tests/eve-overlap-payload-02-policy-oldlinux/test.yaml patch | blob | blame | history
tests/eve-overlap-payload-03-ips/test.yaml patch | blob | blame | history
tests/eve-overlap-payload-04-partial-overlap/test.yaml patch | blob | blame | history
tests/eve-overlap-payload-05-gap/test.yaml patch | blob | blame | history
tests/eve-payload-01-tcp-exact-overlap/test.yaml patch | blob | blame | history
tests/eve-payload-02-tcp-exact-overlap-policy-oldlinux/test.yaml patch | blob | blame | history
tests/eve-payload-03-tcp-exact-overlap-ips/test.yaml patch | blob | blame | history
tests/eve-payload-04-partial-overlap/test.yaml patch | blob | blame | history
tests/eve-payload-05-tcp-data-gap/test.yaml patch | blob | blame | history
tests/eve-payload-06-tcp-data-leading-gap/test.yaml patch | blob | blame | history
tests/eve-payload-07-http-gap/test.yaml patch | blob | blame | history
tests/smb2-frames-gap-payload-logging-02/test.yaml patch | blob | blame | history
tests/smb2-frames-gap-payload-logging/test.yaml patch | blob | blame | history

diff --git a/tests/eve-overlap-payload-01/test.yaml b/tests/eve-overlap-payload-01/test.yaml
index 4dfe9c6a1c1c45862fd86afbc539600e154a6af9..6e3b373a77585f02c42f1bef37491fa9c9765fee 100644 (file)
--- a/tests/eve-overlap-payload-01/test.yaml
+++ b/tests/eve-overlap-payload-01/test.yaml
@@ -1,5 +1,5 @@
 requires:
-  min-version: 8
+  min-version: 7.0.7
 
 args:
 - -k none
diff --git a/tests/eve-overlap-payload-02-policy-oldlinux/test.yaml b/tests/eve-overlap-payload-02-policy-oldlinux/test.yaml
index d641ebbad687772ae25f4de8998699cc587a2faf..7baaedd769155033b5133e9b991544ce75e9458c 100644 (file)
--- a/tests/eve-overlap-payload-02-policy-oldlinux/test.yaml
+++ b/tests/eve-overlap-payload-02-policy-oldlinux/test.yaml
@@ -1,5 +1,5 @@
 requires:
-  min-version: 8
+  min-version: 7.0.7
 
 args:
 - -k none
diff --git a/tests/eve-overlap-payload-03-ips/test.yaml b/tests/eve-overlap-payload-03-ips/test.yaml
index 0da9f7dbb8ca550f6e9efcae8d3082ce3b093e99..d0e0d349556e2771310039a94b0b622ace7b0e37 100644 (file)
--- a/tests/eve-overlap-payload-03-ips/test.yaml
+++ b/tests/eve-overlap-payload-03-ips/test.yaml
@@ -1,5 +1,5 @@
 requires:
-  min-version: 8
+  min-version: 7.0.7
 
 args:
 - -k none
diff --git a/tests/eve-overlap-payload-04-partial-overlap/test.yaml b/tests/eve-overlap-payload-04-partial-overlap/test.yaml
index 2a8ef3cf0f4ab23280c0e49b868bb91b4884674e..f8a174dfcf1a67fd7ec01d693c30731ff1d2294d 100644 (file)
--- a/tests/eve-overlap-payload-04-partial-overlap/test.yaml
+++ b/tests/eve-overlap-payload-04-partial-overlap/test.yaml
@@ -1,5 +1,5 @@
 requires:
-  min-version: 8
+  min-version: 7.0.7
 
 
 args:
diff --git a/tests/eve-overlap-payload-05-gap/test.yaml b/tests/eve-overlap-payload-05-gap/test.yaml
index 20c9011992a5147e8cbb7d4c9435739aadeff76f..a873a7889e80ce86d17a25ae674dd0f55933706a 100644 (file)
--- a/tests/eve-overlap-payload-05-gap/test.yaml
+++ b/tests/eve-overlap-payload-05-gap/test.yaml
@@ -1,5 +1,5 @@
 requires:
-  min-version: 8
+  min-version: 7.0.7
 
 
 args:
diff --git a/tests/eve-payload-01-tcp-exact-overlap/test.yaml b/tests/eve-payload-01-tcp-exact-overlap/test.yaml
index 4dfe9c6a1c1c45862fd86afbc539600e154a6af9..6e3b373a77585f02c42f1bef37491fa9c9765fee 100644 (file)
--- a/tests/eve-payload-01-tcp-exact-overlap/test.yaml
+++ b/tests/eve-payload-01-tcp-exact-overlap/test.yaml
@@ -1,5 +1,5 @@
 requires:
-  min-version: 8
+  min-version: 7.0.7
 
 args:
 - -k none
diff --git a/tests/eve-payload-02-tcp-exact-overlap-policy-oldlinux/test.yaml b/tests/eve-payload-02-tcp-exact-overlap-policy-oldlinux/test.yaml
index d641ebbad687772ae25f4de8998699cc587a2faf..7baaedd769155033b5133e9b991544ce75e9458c 100644 (file)
--- a/tests/eve-payload-02-tcp-exact-overlap-policy-oldlinux/test.yaml
+++ b/tests/eve-payload-02-tcp-exact-overlap-policy-oldlinux/test.yaml
@@ -1,5 +1,5 @@
 requires:
-  min-version: 8
+  min-version: 7.0.7
 
 args:
 - -k none
diff --git a/tests/eve-payload-03-tcp-exact-overlap-ips/test.yaml b/tests/eve-payload-03-tcp-exact-overlap-ips/test.yaml
index 0da9f7dbb8ca550f6e9efcae8d3082ce3b093e99..d0e0d349556e2771310039a94b0b622ace7b0e37 100644 (file)
--- a/tests/eve-payload-03-tcp-exact-overlap-ips/test.yaml
+++ b/tests/eve-payload-03-tcp-exact-overlap-ips/test.yaml
@@ -1,5 +1,5 @@
 requires:
-  min-version: 8
+  min-version: 7.0.7
 
 args:
 - -k none
diff --git a/tests/eve-payload-04-partial-overlap/test.yaml b/tests/eve-payload-04-partial-overlap/test.yaml
index 2a8ef3cf0f4ab23280c0e49b868bb91b4884674e..f8a174dfcf1a67fd7ec01d693c30731ff1d2294d 100644 (file)
--- a/tests/eve-payload-04-partial-overlap/test.yaml
+++ b/tests/eve-payload-04-partial-overlap/test.yaml
@@ -1,5 +1,5 @@
 requires:
-  min-version: 8
+  min-version: 7.0.7
 
 
 args:
diff --git a/tests/eve-payload-05-tcp-data-gap/test.yaml b/tests/eve-payload-05-tcp-data-gap/test.yaml
index 20c9011992a5147e8cbb7d4c9435739aadeff76f..a873a7889e80ce86d17a25ae674dd0f55933706a 100644 (file)
--- a/tests/eve-payload-05-tcp-data-gap/test.yaml
+++ b/tests/eve-payload-05-tcp-data-gap/test.yaml
@@ -1,5 +1,5 @@
 requires:
-  min-version: 8
+  min-version: 7.0.7
 
 
 args:
diff --git a/tests/eve-payload-06-tcp-data-leading-gap/test.yaml b/tests/eve-payload-06-tcp-data-leading-gap/test.yaml
index 557aa1b054126219934e5af2516fcb440526d5b2..126a66dfa048190408762700d13bfe63e1ed303d 100644 (file)
--- a/tests/eve-payload-06-tcp-data-leading-gap/test.yaml
+++ b/tests/eve-payload-06-tcp-data-leading-gap/test.yaml
@@ -1,5 +1,5 @@
 requires:
-  min-version: 8
+  min-version: 7.0.7
 
 
 args:
diff --git a/tests/eve-payload-07-http-gap/test.yaml b/tests/eve-payload-07-http-gap/test.yaml
index b469a94fcc432fd45536435b2855daee7885bf3c..e6fbb90776df8fea86d45f85e63e6dc1802d2144 100644 (file)
--- a/tests/eve-payload-07-http-gap/test.yaml
+++ b/tests/eve-payload-07-http-gap/test.yaml
@@ -1,5 +1,5 @@
 requires:
-  min-version: 8
+  min-version: 7.0.7
 
 pcap: ../http-gap-beyond-body/input.pcap
 
@@ -14,6 +14,7 @@ checks:
       alert.signature_id: 1
 - filter:
     count: 1
+    min-version: 8
     match:
       event_type: alert
       alert.signature_id: 1
@@ -21,6 +22,14 @@ checks:
       payload_length: 40
 - filter:
     count: 1
+    min-version: 7.0.7
+    match:
+      event_type: alert
+      alert.signature_id: 1
+      payload_printable: "GET /1 HTTP/1.0\r\nUser-Agent: Mozilla\r\n\r\n"
+- filter:
+    count: 1
+    min-version: 8
     match:
       event_type: alert
       alert.signature_id: 1
@@ -28,6 +37,14 @@ checks:
       payload_length: 80
 - filter:
     count: 1
+    min-version: 7.0.7
+    match:
+      event_type: alert
+      alert.signature_id: 1
+      payload_printable: "GET /1 HTTP/1.0\r\nUser-Agent: Mozilla\r\n\r\nGET /2 HTTP/1.0\r\nUser-Agent: Mozilla\r\n\r\n"
+- filter:
+    count: 1
+    min-version: 8
     match:
       event_type: alert
       alert.signature_id: 1
@@ -35,11 +52,26 @@ checks:
       payload_length: 120
 - filter:
     count: 1
+    min-version: 7.0.7
+    match:
+      event_type: alert
+      alert.signature_id: 1
+      payload_printable: "GET /1 HTTP/1.0\r\nUser-Agent: Mozilla\r\n\r\nGET /2 HTTP/1.0\r\nUser-Agent: Mozilla\r\n\r\nGET /3 HTTP/1.0\r\nUser-Agent: Mozilla\r\n\r\n"
+- filter:
+    count: 1
+    min-version: 8
     match:
       event_type: alert
       alert.signature_id: 2
       payload_printable: "HTTP/1.0 200 OK\r\nDate: Mon, 31 Aug 2009 20:25:50 GMT\r\nServer: Apache\r\nConnection: close\r\nContent-Type: text/html\r\nContent-Length: 12\r\n\r\n"
       payload_length: 136
+- filter:
+    count: 1
+    min-version: 7.0.7
+    match:
+      event_type: alert
+      alert.signature_id: 2
+      payload_printable: "HTTP/1.0 200 OK\r\nDate: Mon, 31 Aug 2009 20:25:50 GMT\r\nServer: Apache\r\nConnection: close\r\nContent-Type: text/html\r\nContent-Length: 12\r\n\r\n"
 - filter:
     count: 1
     match:
@@ -48,6 +80,7 @@ checks:
       payload_printable: "HTTP/1.0 200 OK\r\nDate: Mon, 31 Aug 2009 20:25:50 GMT\r\nServer: Apache\r\nConnection: close\r\nContent-Type: text/html\r\nContent-Length: 12\r\n\r\n[127 bytes missing]AAAAAAAAAAAAAAAAAAAAAAAAAAAA"
 - filter:
     count: 1
+    min-version: 8
     match:
       event_type: alert
       alert.signature_id: 4
diff --git a/tests/smb2-frames-gap-payload-logging-02/test.yaml b/tests/smb2-frames-gap-payload-logging-02/test.yaml
index f6a76271f0832b06975e7d59b381f78bcabd3567..33156706217c457c80b0a7d68e497393189edb4c 100644 (file)
--- a/tests/smb2-frames-gap-payload-logging-02/test.yaml
+++ b/tests/smb2-frames-gap-payload-logging-02/test.yaml
@@ -1,5 +1,5 @@
 requires:
-  min-version: 8
+  min-version: 7.0.7
 
 args:
 - --set stream.midstream=true
diff --git a/tests/smb2-frames-gap-payload-logging/test.yaml b/tests/smb2-frames-gap-payload-logging/test.yaml
index 67432e67daef72ddab38b0b5e2c2a58998069642..89e385d67436e460f90e2f6765860b33daf85844 100644 (file)
--- a/tests/smb2-frames-gap-payload-logging/test.yaml
+++ b/tests/smb2-frames-gap-payload-logging/test.yaml
@@ -1,5 +1,5 @@
 requires:
-  min-version: 8
+  min-version: 7.0.7
 
 args:
 - --set stream.midstream=true
Mirror of https://github.com/OISF/suricata-verify.git