From: Philippe Antoine
Date: Tue, 10 Dec 2024 13:50:08 +0000 (+0100)
Subject: unified2: remove obsolete test
X-Git-Tag: suricata-7.0.9~27
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=315c876b4797118235ca72d5b7645ef087b9b470;p=thirdparty%2Fsuricata-verify.git
unified2: remove obsolete test
Ticket: 2385
---
diff --git a/tests/http-xff-unified2/README.md b/tests/http-xff-unified2/README.md
deleted file mode 100644
index b195988bb..000000000
--- a/tests/http-xff-unified2/README.md
+++ /dev/null
@@ -1,32 +0,0 @@
-Test output of XFF in unified2 alert logging.
-
-## Related Issues and Pull Requests
-- https://redmine.openinfosecfoundation.org/issues/2305
-- https://github.com/OISF/suricata/pull/3119
-
-## PCAP origin
-
-https://redmine.openinfosecfoundation.org/attachments/1424/xff-extradata.pcap
-
-### Request Headers
-
-GET /~sgtatham/putty/0.60/x86/pscp.exe HTTP/1.1
-User-Agent: Wget/1.17.1 (linux-gnu)
-Accept: */*
-Accept-Encoding: identity
-Host: the.earth.li
-Connection: Keep-Alive
-X-Forwarded-For: 10.1.23.250, 10.1.23.250
-
-### Response Headers
-
-HTTP/1.1 200 OK
-Date: Wed, 27 Sep 2017 18:58:30 GMT
-Server: Apache
-Last-Modified: Sun, 29 Apr 2007 13:02:37 GMT
-ETag: "48000-42f3ffb92f540"
-Accept-Ranges: bytes
-Content-Length: 294912
-Keep-Alive: timeout=5, max=100
-Connection: Keep-Alive
-Content-Type: application/x-msdos-program
diff --git a/tests/http-xff-unified2/suricata.yaml b/tests/http-xff-unified2/suricata.yaml
deleted file mode 100644
index c6f1612d5..000000000
--- a/tests/http-xff-unified2/suricata.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-%YAML 1.1
----
-
-include: ../../etc/suricata-4.0.3.yaml
-
-outputs:
- - unified2-alert:
- enabled: yes
- nostamp: yes
- xff:
- enabled: yes
- payload: no
diff --git a/tests/http-xff-unified2/test.rules b/tests/http-xff-unified2/test.rules
deleted file mode 100644
index 78624d975..000000000
--- a/tests/http-xff-unified2/test.rules
+++ /dev/null
@@ -1 +0,0 @@
-alert http any any -> any any (msg:"TEST RULE"; content:"DOS mode"; http_server_body; sid:1; rev:1;)
diff --git a/tests/http-xff-unified2/test.yaml b/tests/http-xff-unified2/test.yaml
deleted file mode 100644
index 8e212810b..000000000
--- a/tests/http-xff-unified2/test.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-requires:
- script:
- - grep Unified2XFFTypeAlert src/alert-unified2-alert.c > /dev/null 2>&1
- # Require the idstools-u2json tool.
- - which idstools-u2json > /dev/null 2>&1
-
-args:
- - -k none
-
-pre-check: |
- # Convert the unified2 to json.
- idstools-u2json --output unified2.json unified2.alert 2> /dev/null
-
-checks:
- - filter:
- filename: unified2.json
- count: 1
- match:
- type: event
- - filter:
- filename: unified2.json
- count: 1
- match:
- type: extra-data
- extra-data.extra-data-type: xff_ip4
diff --git a/tests/http-xff-unified2/xff-extradata.pcap b/tests/http-xff-unified2/xff-extradata.pcap
deleted file mode 100644
index fcea73904..000000000
Binary files a/tests/http-xff-unified2/xff-extradata.pcap and /dev/null differ