From: Victor Julien
Date: Wed, 17 Sep 2025 17:34:54 +0000 (+0200)
Subject: tests: support 9 in requires-ok test
X-Git-Tag: suricata-8.0.2~49
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=2fdd95b43efbd24e06ce9f8dc8214cfd9b275aa6;p=thirdparty%2Fsuricata-verify.git

tests: support 9 in requires-ok test
---

diff --git a/tests/requires-ok/test.rules b/tests/requires-ok/test.rules
index 7dcd0dff1..e2ce57d75 100644
--- a/tests/requires-ok/test.rules
+++ b/tests/requires-ok/test.rules
@@ -1,8 +1,8 @@
 # Rule for Suricata >= 7 and < 8.
 alert http any any -> any any (msg:"TEST Suricata >= 7 and < 8"; content:"uid=0"; requires: version >= 7 < 8; sid:7; rev:1;)
 
-# Rule for Suricata >= 7.0.3 but less than 8... Or >= 8.0.1
-alert http any any -> any any (content:"uid=0"; requires: version >= 7.0.3 < 8 | >= 8.0.99; sid:9; rev:1;)
+# Rule for Suricata >= 7.0.3 but less than 8... or beyond 9
+alert http any any -> any any (content:"uid=0"; requires: version >= 7.0.3 < 8 | >= 9.0.99; sid:9; rev:1;)
 
 # Rule for Suricata >= 8, with pretty useless check for sid keyword.
 alert http any any -> any any (msg:"TEST Suricata >= 8"; content:"uid=0"; requires: version >= 8.0.0, keyword sid; sid:8; rev:1;)
@@ -16,3 +16,7 @@ alert vxlan any any -> any any (requires: version >= 10; sid:1;)
 alert udp any any -> any any (vxlan_vni:10; requires: version >= 10; sid:2;)
 alert http any any => any any (requires: version >= 10; sid:3;)
 alert tcp any any -> any any (frame:smtp.not_supported; requires: version >= 10; sid:4;)
+
+# Rule for Suricata >= 9, with pretty useless check for sid keyword.
+alert http any any -> any any (msg:"TEST Suricata >= 9"; content:"uid=0"; requires: version >= 9.0.0, keyword sid; sid:900; rev:1;)
+
diff --git a/tests/requires-ok/test.yaml b/tests/requires-ok/test.yaml
index 1c852c254..572ab4453 100644
--- a/tests/requires-ok/test.yaml
+++ b/tests/requires-ok/test.yaml
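Review bot: The new comment on the sid 9 rule in the first test.rules hunk says "or beyond 9", but the expression is `>= 9.0.99`, so a 9.0.x build below that bound does not load the rule. The `min-version: 9` checks in test.yaml (two alerts, `rules_loaded: 2`) appear to depend on exactly that, so the comment should state the real bound and why it is set out of reach. Suggested wording: `# Rule for Suricata >= 7.0.3 but less than 8... or >= 9.0.99 (not expected to load on current 9.x)`. Without it, a reader comparing the comment with the expected counts will think sid 9 should fire on 9.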
@@ -5,10 +5,25 @@ pcap: ../eve-metadata/testmyids.pcap checks: + # Check that for Suricata >= 9.0.0 we have one alert and that alert is sid 900. + - filter: + requires: + min-version: 9 + count: 2 + match: + event_type: alert + - filter: + requires: + min-version: 9 + count: 1 + match: + alert.signature_id: 900 + # Check that for Suricata >= 8.0.0 we have one alert and that alert is sid 8. - filter: requires: min-version: 8 + lt-version: 9 count: 1 match: event_type: alert @@ -46,16 +61,27 @@ checks: count: 1 match: event_type: stats - stats.detect.engines[0].rules_skipped: 6 + stats.detect.engines[0].rules_skipped: 7 stats.detect.engines[0].rules_loaded: 2 stats.detect.engines[0].rules_failed: 0 - filter: requires: min-version: 8 + lt-version: 9 count: 1 match: event_type: stats - stats.detect.engines[0].rules_skipped: 7 + stats.detect.engines[0].rules_skipped: 8 stats.detect.engines[0].rules_loaded: 1 stats.detect.engines[0].rules_failed: 0 + + - filter: + requires: + min-version: 9 + count: 1 + match: + event_type: stats + stats.detect.engines[0].rules_skipped: 7 + stats.detect.engines[0].rules_loaded: 2 + stats.detect.engines[0].rules_failed: 0
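Review bot: The comment opening the new `min-version: 9` block in the first test.yaml hunk says "one alert", but the check directly below it asserts `count: 2` for `event_type: alert`. Judging from test.rules, sid 8 (`version >= 8.0.0`) presumably also loads on 9, which would explain the second alert and agrees with `rules_loaded: 2` in the stats check added in the last hunk. I would reword the comment to `# Check that for Suricata >= 9.0.0 we have two alerts and that one of them is sid 900.` Only sid 900 is pinned by signature id, so a matching `count: 1` check on `alert.signature_id: 8` under the same `min-version: 9` filter would make sure the expected rule produced the other alert.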