From: Shivani Bhardwaj <shivanib134@gmail.com>
Date: Tue, 18 Jun 2019 16:22:49 +0000 (+0530)
Subject: Add tests for TFTP read and write requests
X-Git-Tag: suricata-6.0.4~413
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=016a1aa5685d08bb55a7b6656ba6f5061a0e5295;p=thirdparty%2Fsuricata-verify.git

Add tests for TFTP read and write requests

Closes redmine ticket #3043.
---

diff --git a/tests/tftp-tx-handling-rrq/input.pcap b/tests/tftp-tx-handling-rrq/input.pcap
new file mode 100644
index 000000000..6c5efa8ba
Binary files /dev/null and b/tests/tftp-tx-handling-rrq/input.pcap differ
diff --git a/tests/tftp-tx-handling-rrq/test.yaml b/tests/tftp-tx-handling-rrq/test.yaml
new file mode 100644
index 000000000..cb6da2c3b
--- /dev/null
+++ b/tests/tftp-tx-handling-rrq/test.yaml
@@ -0,0 +1,22 @@
+requires:
+  features:
+    - HAVE_LIBJANSSON
+
+args:
+ - -k none
+
+checks:
+- filter:
+    count: 1
+    match:
+      dest_ip: 192.168.0.10
+      dest_port: 69
+      event_type: tftp
+      pcap_cnt: 1
+      proto: UDP
+      src_ip: 192.168.0.253
+      src_port: 50618
+      tftp:
+        file: rfc1350.txt
+        mode: octet
+        packet: read
diff --git a/tests/tftp-tx-handling-wrq/input.pcap b/tests/tftp-tx-handling-wrq/input.pcap
new file mode 100644
index 000000000..abb986aec
Binary files /dev/null and b/tests/tftp-tx-handling-wrq/input.pcap differ
diff --git a/tests/tftp-tx-handling-wrq/test.yaml b/tests/tftp-tx-handling-wrq/test.yaml
new file mode 100644
index 000000000..74c4862de
--- /dev/null
+++ b/tests/tftp-tx-handling-wrq/test.yaml
@@ -0,0 +1,22 @@
+requires:
+  features:
+    - HAVE_LIBJANSSON
+
+args:
+ - -k none
+
+checks:
+- filter:
+    count: 1
+    match:
+      dest_ip: 192.168.0.13
+      dest_port: 69
+      event_type: tftp
+      pcap_cnt: 1
+      proto: UDP
+      src_ip: 192.168.0.1
+      src_port: 57509
+      tftp:
+        file: rfc1350.txt
+        mode: octet
+        packet: write