Adds test about DCE decoding

author Philippe Antoine <pantoine@oisf.net>

Thu, 6 Jul 2023 09:35:02 +0000 (11:35 +0200)

committer Victor Julien <victor@inliniac.net>

Fri, 21 Jul 2023 07:42:27 +0000 (09:42 +0200)
author Philippe Antoine <pantoine@oisf.net>
Thu, 6 Jul 2023 09:35:02 +0000 (11:35 +0200)
committer Victor Julien <victor@inliniac.net>
Fri, 21 Jul 2023 07:42:27 +0000 (09:42 +0200)
diff --git a/tests/decode-dce/README.md b/tests/decode-dce/README.md

new file mode 100644 (file)

index 0000000..ff3f3b1
--- /dev/null
+++ b/tests/decode-dce/README.md
@@ -0,0 +1,8 @@
+# Description
+
+Test DCE decoder
+See https://redmine.openinfosecfoundation.org/issues/3637
+
+# PCAP
+
+The pcap comes from https://community.cisco.com/t5/switching/nexus-7000-using-data-center-ethernet-with-fabricpath-not/td-p/3341478
diff --git a/tests/decode-dce/input.pcap b/tests/decode-dce/input.pcap

new file mode 100644 (file)

index 0000000..cd5577c

Binary files /dev/null and b/tests/decode-dce/input.pcap differ
diff --git a/tests/decode-dce/test.yaml b/tests/decode-dce/test.yaml

new file mode 100644 (file)

index 0000000..dfefad3
--- /dev/null
+++ b/tests/decode-dce/test.yaml
@@ -0,0 +1,7 @@
+checks:
+  - filter:
+      count: 1
+      match:
+        event_type: stats
+  - stats:
+      decoder.ipv6: 16
author	Philippe Antoine <pantoine@oisf.net>
	Thu, 6 Jul 2023 09:35:02 +0000 (11:35 +0200)
committer	Victor Julien <victor@inliniac.net>
	Fri, 21 Jul 2023 07:42:27 +0000 (09:42 +0200)
tests/decode-dce/README.md	[new file with mode: 0644]	patch \| blob
tests/decode-dce/input.pcap	[new file with mode: 0644]	patch \| blob
tests/decode-dce/test.yaml	[new file with mode: 0644]	patch \| blob