dns-rname-truncated: update for 7.0.8 backport

author Jason Ish <jason.ish@oisf.net>

Tue, 10 Dec 2024 20:40:35 +0000 (14:40 -0600)

committer Victor Julien <victor@inliniac.net>

Wed, 11 Dec 2024 22:09:53 +0000 (23:09 +0100)
author Jason Ish <jason.ish@oisf.net>
Tue, 10 Dec 2024 20:40:35 +0000 (14:40 -0600)
committer Victor Julien <victor@inliniac.net>
Wed, 11 Dec 2024 22:09:53 +0000 (23:09 +0100)
diff --git a/tests/dns/dns-truncated-rname/test.yaml b/tests/dns/dns-truncated-rname/test.yaml

index 7b94f775c53158ad00d3badce59a47a79091e6d2..bb1cd0afa1fc8cafdc0250012b4900638af348e7 100644 (file)
--- a/tests/dns/dns-truncated-rname/test.yaml
+++ b/tests/dns/dns-truncated-rname/test.yaml
@@ -1,5 +1,5 @@
  requires:
-  min-version: 8
+  min-version: 7
  
  args:
    - --set app-layer.protocols.dns.tcp.detection-ports.dp=1053
@@ -7,6 +7,8 @@ args:
  
  checks:
    - filter:
+      requires:
+        min-version: 8
        count: 1
        match:
          pcap_cnt: 8
@@ -14,9 +16,29 @@ checks:
          dns.queries[0].rrname.__len: 1025
          dns.queries[0].rrname_truncated: true
    - filter:
+      requires:
+        lt-version: 8
+      count: 1500
+      match:
+        pcap_cnt: 8
+        event_type: dns
+        dns.rrname.__len: 1025
+        dns.rrname_truncated: true
+  - filter:
+      requires:
+        min-version: 8
        count: 1
        match:
          pcap_cnt: 9
          event_type: alert
          alert.signature_id: 224008
          dns.queries[0].rrname_truncated: true
+  - filter:
+      requires:
+        lt-version: 8
+      count: 1
+      match:
+        pcap_cnt: 9
+        event_type: alert
+        alert.signature_id: 224008
+        dns.query[0].rrname_truncated: true
author	Jason Ish <jason.ish@oisf.net>
	Tue, 10 Dec 2024 20:40:35 +0000 (14:40 -0600)
committer	Victor Julien <victor@inliniac.net>
	Wed, 11 Dec 2024 22:09:53 +0000 (23:09 +0100)