--- /dev/null
+** SCFileInfo is: [**] fileid: 1 [**] txid: 0
+name: /en-US/static/@95063/css/print.css
+size: 1054 [**] magic: nomagic
+md5: c0b818de79d068db0a989ed35044cd62
+sha1: afb4fb1ad18223825cfb7ce5bf506e0f9dc47d5c
+sha256: 57b43ee07432cf8a8b8a17d9d712138194e4564e4b36963a34c495b576b404fe
+** SCFileInfo is: [**] fileid: 2 [**] txid: 1
+name: /en-US/static/@95063/js/contrib/lowpro_for_jquery.js
+size: 4096 [**] magic: nomagic
+md5: 545507473518ecdb45600cd50252a3ae
+sha1: 8d4c76eb9ebab67a3c5a8234f02bcece0a021019
+sha256: 20af0596a3ca657849ae0be5136fae338e5d0df57630890509a8d9ecccd855ac
--- /dev/null
+-- Output test for SCFileInfo
+file_name = "scfileinfo.log"
+
+function init (args)
+ local needs = {}
+ needs['type'] = 'file'
+ return needs
+end
+
+function setup(args)
+ filename = SCLogPath() .. "/" .. file_name
+ file = assert(io.open(filename, "w"))
+ SCLogInfo("lua SCFileInfo Log Filename " .. filename)
+end
+
+function log(args)
+ fileid, txid, name, size, magic, md5, sha1, sha256 = SCFileInfo()
+ if magic == nil then
+ magic = "nomagic"
+ end
+
+ file:write ("** SCFileInfo is: [**] fileid: " .. fileid .. " [**] txid: " .. txid .. "\nname: " .. name .. "\nsize: " .. size .. " [**] magic: " .. magic .. "\nmd5: " .. md5 .. "\nsha1: " .. sha1 .. "\nsha256: " .. sha256 .. "\n")
+ file:flush()
+end
+
+function deinit(args)
+ SCLogInfo ("SCFileInfo logging finished");
+ file:close(file)
+end
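Review bot: In `log`, only `magic` is guarded against nil before the long `file:write` concatenation; `md5`, `sha1` and `sha256` are concatenated as-is, so a nil hash would make `..` raise inside the output callback. That would presumably happen when hashing is not enabled for the file, which should be confirmed against SCFileInfo's contract. The test passes because the accompanying suricata.yaml sets `force-hash: [sha256, sha1, md5]`. A comment above the call such as `-- relies on file-store force-hash; hashes may be nil otherwise`, or wrapping each hash in `tostring()`, would make that dependency visible to anyone reusing the script with a different config. The later rewrite of `log` that reads `file:md5()`, `file:sha1()` and `file:sha256()` has the same unguarded concatenation.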
--- /dev/null
+%YAML 1.1
+---
+
+outputs:
+ - lua:
+ enabled: yes
+ scripts-dir: .
+ scripts:
+ - scfileinfo.lua
+
+ - file-store:
+ version: 2
+ enabled: yes
+ force-filestore: yes
+ force-hash: [sha256, sha1, md5]
\ No newline at end of file
--- /dev/null
+requires:
+ features:
+ - HAVE_LUA
+ lt-version: 8
+
+pcap: ../lua-scfileinfo/filecontainer-http-slice.pcap
+
+checks:
+ - file-compare:
+ # Two files should be identical
+ filename: scfileinfo.log
+ expected: expected/scfileinfo.log
md5: c0b818de79d068db0a989ed35044cd62
sha1: afb4fb1ad18223825cfb7ce5bf506e0f9dc47d5c
sha256: 57b43ee07432cf8a8b8a17d9d712138194e4564e4b36963a34c495b576b404fe
+state: CLOSED
+is_stored: true
** SCFileInfo is: [**] fileid: 2 [**] txid: 1
name: /en-US/static/@95063/js/contrib/lowpro_for_jquery.js
size: 4096 [**] magic: nomagic
md5: 545507473518ecdb45600cd50252a3ae
sha1: 8d4c76eb9ebab67a3c5a8234f02bcece0a021019
sha256: 20af0596a3ca657849ae0be5136fae338e5d0df57630890509a8d9ecccd855ac
+state: CLOSED
+is_stored: true
+local filelib = require("suricata.file")
+
-- Output test for SCFileInfo
file_name = "scfileinfo.log"
function init (args)
- local needs = {}
- needs['type'] = 'file'
- return needs
+ return {type = "file"}
end
function setup(args)
filename = SCLogPath() .. "/" .. file_name
- file = assert(io.open(filename, "w"))
+ output = assert(io.open(filename, "w"))
SCLogInfo("lua SCFileInfo Log Filename " .. filename)
end
function log(args)
- fileid, txid, name, size, magic, md5, sha1, sha256 = SCFileInfo()
+ local file = filelib.get_file()
+
+ local fileid = file:file_id()
+ local txid = file:tx_id()
+ local name = file:name()
+ local size = file:size()
+ local magic = file:magic()
if magic == nil then
magic = "nomagic"
end
+ local md5 = file:md5()
+ local sha1 = file:sha1()
+ local sha256 = file:sha256()
- file:write ("** SCFileInfo is: [**] fileid: " .. fileid .. " [**] txid: " .. txid .. "\nname: " .. name .. "\nsize: " .. size .. " [**] magic: " .. magic .. "\nmd5: " .. md5 .. "\nsha1: " .. sha1 .. "\nsha256: " .. sha256 .. "\n")
- file:flush()
+ output:write("** SCFileInfo is: [**] fileid: " .. fileid .. " [**] txid: " .. txid .. "\nname: " .. name .. "\nsize: " .. size .. " [**] magic: " .. magic .. "\nmd5: " .. md5 .. "\nsha1: " .. sha1 .. "\nsha256: " .. sha256 .. "\n")
+ output:write("state: " .. file:get_state() .. "\n")
+ output:write("is_stored: " .. tostring(file:is_stored()) .. "\n")
+ output:flush()
end
function deinit(args)
SCLogInfo ("SCFileInfo logging finished");
- file:close(file)
+ output:close()
end
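Review bot: The rewritten `log` still writes `file:name()` verbatim into a line-oriented record, and that value comes from the inspected traffic (the expected log shows HTTP request paths). A name containing a newline or the `[**]` separator could make one file event read as several records to whatever parses this log. Whether the name is already sanitised before it reaches Lua is not visible here, so it is worth confirming, or escaping control characters at the point of use, e.g. `local name = file:name():gsub("%c", "?")`. The original script's `log` has the same raw write. Separately, `output` and `filename` are still assigned as globals in `setup`; declaring them with `local` at file scope next to `filelib` would keep the script from leaking names into the shared Lua state.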
---
outputs:
+ - eve-log:
+ enabled: yes
+ types:
+ - alert:
+ - files:
+
- lua:
enabled: yes
scripts-dir: .
requires:
- features:
- - HAVE_LUA
+ min-version: 8.0.0
+
+args:
+ - -k none
checks:
- file-compare: