From: Jeff Lucovsky <jeff@lucovsky.org>
Date: Sat, 30 Mar 2019 15:07:37 +0000 (-0700)
Subject: FTP active/passive mode file extraction tests
X-Git-Tag: suricata-6.0.4~433
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=556523ff40dc8a31c6dabce7b6207767806f72d7;p=thirdparty%2Fsuricata-verify.git

FTP active/passive mode file extraction tests

This changeset adds test cases for FTP active and passive mode using
the pcaps from issue 2527.
---

diff --git a/tests/filestore-ftp-active-mode/ftp-active-mode.pcap b/tests/filestore-ftp-active-mode/ftp-active-mode.pcap
new file mode 100644
index 000000000..89106e433
Binary files /dev/null and b/tests/filestore-ftp-active-mode/ftp-active-mode.pcap differ
diff --git a/tests/filestore-ftp-active-mode/suricata.yaml b/tests/filestore-ftp-active-mode/suricata.yaml
new file mode 100644
index 000000000..d0eb1a7a8
--- /dev/null
+++ b/tests/filestore-ftp-active-mode/suricata.yaml
@@ -0,0 +1,11 @@
+%YAML 1.1
+---
+
+pcap-file:
+    checksum-checks: no
+
+outputs:
+  - file-store:
+      enabled: yes       # set to yes to enable
+      version: 2
+      force-filestore: yes # force storing of all files
diff --git a/tests/filestore-ftp-active-mode/test.yaml b/tests/filestore-ftp-active-mode/test.yaml
new file mode 100644
index 000000000..61b41608f
--- /dev/null
+++ b/tests/filestore-ftp-active-mode/test.yaml
@@ -0,0 +1,11 @@
+requires:
+  min-version: 5.0.0
+
+checks:
+  - shell:
+      args: echo file.[0-9].meta | wc -w
+      expect: 3
+
+
+args:
+  - --runmode=single
diff --git a/tests/filestore-ftp-passive-mode/ftp-passive-mode.pcap b/tests/filestore-ftp-passive-mode/ftp-passive-mode.pcap
new file mode 100644
index 000000000..a43e65c8b
Binary files /dev/null and b/tests/filestore-ftp-passive-mode/ftp-passive-mode.pcap differ
diff --git a/tests/filestore-ftp-passive-mode/suricata.yaml b/tests/filestore-ftp-passive-mode/suricata.yaml
new file mode 100644
index 000000000..d0eb1a7a8
--- /dev/null
+++ b/tests/filestore-ftp-passive-mode/suricata.yaml
@@ -0,0 +1,11 @@
+%YAML 1.1
+---
+
+pcap-file:
+    checksum-checks: no
+
+outputs:
+  - file-store:
+      enabled: yes       # set to yes to enable
+      version: 2
+      force-filestore: yes # force storing of all files
diff --git a/tests/filestore-ftp-passive-mode/test.yaml b/tests/filestore-ftp-passive-mode/test.yaml
new file mode 100644
index 000000000..97313038f
--- /dev/null
+++ b/tests/filestore-ftp-passive-mode/test.yaml
@@ -0,0 +1,10 @@
+requires:
+  min-version: 4.1.0
+
+checks:
+  - shell:
+      args: echo file.[0-9].meta | wc -w
+      expect: 3
+
+args:
+  - --runmode=single