From: Juliana Fajardini Date: Tue, 27 Jan 2026 12:45:57 +0000 (-0300) Subject: tests/misc: fix README files X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4bc4402370563128655ff2b164f1a4be09a0f1ce;p=thirdparty%2Fsuricata-verify.git tests/misc: fix README files Some files that were missing redmine ticket reference, and/or had partially wrong descriptions. --- diff --git a/tests/droped-flow-applayer-event-logged-dcerpc/README.md b/tests/droped-flow-applayer-event-logged-dcerpc/README.md index 8d9438881..c5948da55 100644 --- a/tests/droped-flow-applayer-event-logged-dcerpc/README.md +++ b/tests/droped-flow-applayer-event-logged-dcerpc/README.md @@ -5,10 +5,15 @@ It seems that Suricata will log an applayer event for a dropped flow, for the second packet of the flow. This test demonstrates such behavior, so we can investigate it. -This test demonstrates this behavior with the SMB version 3 protocol. +This test demonstrates this behavior with the DCERPC protocol. PCAP ==== -PCAP found on Wireshark Wiki. +PCAP reused from existing test `dceprc-3109`. + +Ticket +====== + +https://redmine.openinfosecfoundation.org/issues/5510 diff --git a/tests/droped-flow-applayer-event-logged-http/README.md b/tests/droped-flow-applayer-event-logged-http/README.md index 7c1f235a0..d4f385924 100644 --- a/tests/droped-flow-applayer-event-logged-http/README.md +++ b/tests/droped-flow-applayer-event-logged-http/README.md @@ -12,4 +12,9 @@ PCAP ==== PCAP is the result of extracting the http packets from a pcap representing a -curl to the www.testmyids.com site. +curl to the www.testmyids.com site, reused from test exception-policy-midstream-06 - input-http-ACK.pcap . + +Ticket +====== + +https://redmine.openinfosecfoundation.org/issues/5510 diff --git a/tests/droped-flow-applayer-event-logged-smb/README.md b/tests/droped-flow-applayer-event-logged-smb/README.md index 8d9438881..b70839948 100644 --- a/tests/droped-flow-applayer-event-logged-smb/README.md +++ b/tests/droped-flow-applayer-event-logged-smb/README.md @@ -12,3 +12,8 @@ PCAP ==== PCAP found on Wireshark Wiki. + +Ticket +====== + +https://redmine.openinfosecfoundation.org/issues/5510