tests: engine-analysis tests for ip_only rule type
authorJuliana Fajardini <jufajardini@gmail.com>
Fri, 24 Jan 2025 20:20:15 +0000 (17:20 -0300)
committerVictor Julien <victor@inliniac.net>
Tue, 28 Jan 2025 08:32:49 +0000 (09:32 +0100)
To accompany rule types documentation.

Related to
Task #7031

tests/rules/rule-type-ip-only/test.rules [new file with mode: 0644]
tests/rules/rule-type-ip-only/test.yaml [new file with mode: 0644]

diff --git a/tests/rules/rule-type-ip-only/test.rules b/tests/rules/rule-type-ip-only/test.rules
new file mode 100644 (file)
index 0000000..c327c42
--- /dev/null
@@ -0,0 +1,4 @@
+# IP Only Rules
+alert tcp-stream any any -> any any (msg:"tcp-stream, no content"; sid:101;)
+alert tcp-pkt [192.168.0.0/16,10.0.0.0/8,172.16.0.0/12] any -> any any (msg:"tcp-pkt, no content"; sid:201;)
+alert ip any any -> any any (hostbits:set,myflow2; sid:1505;)
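Review bot: The rule with sid:1505 has no `msg`, unlike sids 101 and 201, so a failing check can identify it only by number; adding something like `msg:"ip, hostbits set only";` (wording constructed here) would keep the three rules consistent. The `# IP Only Rules` header could also state why each rule is expected to classify as ip_only. From the visible lines, none of them sets a port or a payload keyword, and saying so would stop a later edit from adding an option that silently changes the rule's type.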
diff --git a/tests/rules/rule-type-ip-only/test.yaml b/tests/rules/rule-type-ip-only/test.yaml
new file mode 100644 (file)
index 0000000..5e82fd8
--- /dev/null
@@ -0,0 +1,26 @@
+requires:
+  min-version: 7
+  pcap: false
+
+args:
+- --engine-analysis
+
+checks:
+    - filter:
+        filename: rules.json
+        count: 1
+        match:
+            id: 101
+            type: ip_only
+    - filter:
+        filename: rules.json
+        count: 1
+        match:
+            id: 201
+            type: ip_only
+    - filter:
+        filename: rules.json
+        count: 1
+        match:
+            id: 1505
+            type: ip_only
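Review bot: All three checks are positive matches, so the test would still pass if the analyzer reported `ip_only` for every rule it loads; nothing here shows that the classification discriminates. A control rule in test.rules that sets a destination port, which presumably is not ip_only, paired with a filter using `count: 0` and `type: ip_only` on its id, would cover that, unless sibling rule-type tests outside this diff already do. On style, `args:` uses a flush list while `checks:` is indented four spaces with eight- and twelve-space children; a single two-space style would be easier to read. A leading comment such as `# engine-analysis must report type ip_only for sids 101, 201 and 1505` would document the intent.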