From: Jason Ish <jason.ish@oisf.net>
Date: Thu, 4 Jul 2024 21:41:29 +0000 (-0600)
Subject: dns-udp-eve-log-srv: v2 and v3 tests
X-Git-Tag: suricata-7.0.7~62
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1c008c4ca652ea1394f9d3bebc13e07f7175f91f;p=thirdparty%2Fsuricata-verify.git

dns-udp-eve-log-srv: v2 and v3 tests
---

diff --git a/tests/dns-udp-eve-log-srv/input.pcap b/tests/dns/dns-udp-eve-log-srv/input.pcap
similarity index 100%
rename from tests/dns-udp-eve-log-srv/input.pcap
rename to tests/dns/dns-udp-eve-log-srv/input.pcap
diff --git a/tests/dns-udp-eve-log-srv/suricata.yaml b/tests/dns/dns-udp-eve-log-srv/suricata.yaml
similarity index 100%
rename from tests/dns-udp-eve-log-srv/suricata.yaml
rename to tests/dns/dns-udp-eve-log-srv/suricata.yaml
diff --git a/tests/dns/dns-udp-eve-log-srv/test.yaml b/tests/dns/dns-udp-eve-log-srv/test.yaml
new file mode 100644
index 000000000..3b9a0ca69
--- /dev/null
+++ b/tests/dns/dns-udp-eve-log-srv/test.yaml
@@ -0,0 +1,32 @@
+requires:
+  min-version: 8
+
+args:
+  - -k none
+
+checks:
+
+  - filter:
+      count: 1
+      match:
+        event_type: dns
+        dns.type: request
+        dns.queries[0].rrname: _sip._udp.sip.voice.google.com
+        dns.queries[0].rrtype: SRV
+
+  - filter:
+      count: 1
+      match:
+        event_type: dns
+        dns.type: response
+        dns.queries[0].rrname: _sip._udp.sip.voice.google.com
+        dns.queries[0].rrtype: SRV
+        dns.rcode: NOERROR
+        dns.answers[0].srv.priority: 20
+        dns.answers[0].srv.weight: 1
+        dns.answers[0].srv.port: 5060
+        dns.answers[0].srv.name: sip-anycast-2.voice.google.com
+        dns.answers[1].srv.priority: 10
+        dns.answers[1].srv.weight: 1
+        dns.answers[1].srv.port: 5060
+        dns.answers[1].srv.name: sip-anycast-1.voice.google.com
diff --git a/tests/dns/v2/dns-udp-eve-log-srv/input.pcap b/tests/dns/v2/dns-udp-eve-log-srv/input.pcap
new file mode 100644
index 000000000..565399fa9
Binary files /dev/null and b/tests/dns/v2/dns-udp-eve-log-srv/input.pcap differ
diff --git a/tests/dns/v2/dns-udp-eve-log-srv/suricata.yaml b/tests/dns/v2/dns-udp-eve-log-srv/suricata.yaml
new file mode 100644
index 000000000..35b34a02d
--- /dev/null
+++ b/tests/dns/v2/dns-udp-eve-log-srv/suricata.yaml
@@ -0,0 +1,16 @@
+%YAML 1.1
+---
+
+outputs:
+  - eve-log:
+      enabled: yes
+      filetype: regular
+      filename: eve.json
+      types:
+        - dns:
+            version: 2
+
+app-layer:
+  protocols:
+    dns:
+      enabled: yes
diff --git a/tests/dns-udp-eve-log-srv/test.yaml b/tests/dns/v2/dns-udp-eve-log-srv/test.yaml
similarity index 100%
rename from tests/dns-udp-eve-log-srv/test.yaml
rename to tests/dns/v2/dns-udp-eve-log-srv/test.yaml