From: Sam Muhammed <ghostinthehive.vx@gmail.com>
Date: Sat, 22 Jan 2022 14:30:58 +0000 (+0200)
Subject: nfs3: add test for readdirplus records
X-Git-Tag: suricata-6.0.5~16
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4ef8d937a21601b62ec0aa341d5296594e48b8a8;p=thirdparty%2Fsuricata-verify.git

nfs3: add test for readdirplus records

Required for nfs3_records unittests
4e2edd44aa08f08286001701ec0860c6638625d5

Task #4866
---

diff --git a/tests/nfs3-readdirplus/README.md b/tests/nfs3-readdirplus/README.md
new file mode 100644
index 000000000..59d3a44e8
--- /dev/null
+++ b/tests/nfs3-readdirplus/README.md
@@ -0,0 +1,4 @@
+PCAP
+====
+
+PCAP by Victor Julien
diff --git a/tests/nfs3-readdirplus/input.pcap b/tests/nfs3-readdirplus/input.pcap
new file mode 100644
index 000000000..2f52dc517
Binary files /dev/null and b/tests/nfs3-readdirplus/input.pcap differ
diff --git a/tests/nfs3-readdirplus/test.yaml b/tests/nfs3-readdirplus/test.yaml
new file mode 100644
index 000000000..dbaefbd2b
--- /dev/null
+++ b/tests/nfs3-readdirplus/test.yaml
@@ -0,0 +1,33 @@
+requires:
+  min-version: 6.0
+  files:
+    - rust/src/nfs/nfs3.rs
+
+args:
+- -k none
+- --set stream.midstream=true
+- --set app-layer.protocols.nfs.enabled=yes
+
+checks:
+  - filter:
+      count: 1
+      match:
+        event_type: nfs
+        dest_ip: 192.168.1.6
+        dest_port: 939
+        nfs.version: 3
+        nfs.status: OK
+        nfs.procedure: READDIRPLUS
+        nfs.type: response
+        nfs.filename: ""
+        nfs.hhash: 23ea69b6
+        nfs.id: 1
+        nfs.file_tx: false
+        proto: TCP
+        src_ip: 192.168.1.2
+        src_port: 2049
+        rpc.xid: 3391488638
+        rpc.status: ACCEPTED
+        rpc.auth_type: UNIX
+        rpc.creds.uid: 1000
+        rpc.creds.gid: 1000