usage: createst.py [-h] [--output-path <output-path>] [--eventtype-only]
[--allow-events [ALLOW_EVENTS]] [--rules <rules-file>]
[--strictcsums] [--min-version <min-version>]
+ [--midstream]
<test-name> <pcap-file>
Create tests with a given PCAP. Execute the script from a valid Suricata source
--strictcsums Strictly validate checksum
--min-version <min-version>
Adds a global minimum required version
+ --midstream Allow midstream session pickups
```
### Examples
sys.exit(1)
with open(test_yaml_path, "w+") as fp:
fp.write("# *** Add configuration here ***\n\n")
- if not args["strictcsums"]:
- fp.write("args:\n- -k none\n\n")
if check_requires():
fp.write("requires:\n")
if args["min_version"]:
fp.write(" min-version: %s\n\n" % args["min_version"])
if args["add_version"]:
fp.write(" version: %s\n\n" % args["add_version"])
+ suricata_args = []
+ if not args["strictcsums"]:
+ suricata_args.append("-k none")
+ if args["midstream"]:
+ suricata_args.append("--set stream.midstream=true")
+ if suricata_args:
+ fp.write("args:\n")
+ fp.write("\n".join(["- {}".format(a) for a in suricata_args]))
+ fp.write("\n\n")
fp.write(data)
def check_requires():
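Review bot: The midstream setting is now spelled out twice with nothing tying the two together: as the string `--set stream.midstream=true` written under `args:` here, and as `["--set", "stream.midstream=true"]` in the later hunk that builds `largs` for `subprocess.Popen`. If one is edited without the other, the expected output recorded at creation time would come from a different stream configuration than the one the generated test YAML requests on replay; the same already holds for `-k none`. A single module-level definition would keep them in step, e.g. `MIDSTREAM_ARGS = ["--set", "stream.midstream=true"]`, used as `suricata_args.append(" ".join(MIDSTREAM_ARGS))` here and `largs += MIDSTREAM_ARGS` at the Popen site. The function that writes the YAML starts above this hunk.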
help="Create filter blocks for the specified events")
parser.add_argument("--strictcsums", default=None, action="store_true",
help="Strictly validate checksum")
+ parser.add_argument("--midstream", default=False, action="store_true",
+ help="Allow midstream session pickups")
parser.add_argument("--min-version", default=None, metavar="<min-version>",
help="Adds a global minimum required version")
parser.add_argument("--add-version", default=None, metavar="<add-version>",
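Review bot: The help text for `--midstream` does not say what the flag changes. Going by the other hunks, it passes `--set stream.midstream=true` to the Suricata run that produces the expected output and writes the same argument into the generated test's `args:`. Midstream pickup makes the stream engine track sessions whose handshake is not in the capture, so the recorded alerts and events can differ from a default run; the help should say when to use it, e.g. `help="Run with stream.midstream=true and record it in the test args; for PCAPs that start mid-session"`. The `default=False` is also redundant with `action="store_true"` and differs from the `default=None` on `--strictcsums` just above. The argument-parsing code starts and ends outside this hunk.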
if not args["strictcsums"]:
largs += ["-k", "none"]
+ if args["midstream"]:
+ largs += ["--set", "stream.midstream=true"]
p = subprocess.Popen(
largs, cwd=cwd, env=env,
stdout=subprocess.PIPE, stderr=subprocess.PIPE)