From: Jeff Lucovsky <jlucovsky@oisf.net>
Date: Tue, 22 Aug 2023 14:57:52 +0000 (-0400)
Subject: test/stream: Update drop reason per new reason code
X-Git-Tag: suricata-6.0.15~17
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=592f045bd6d26e3c9e8e926084a6d4efe3750f3e;p=thirdparty%2Fsuricata-verify.git

test/stream: Update drop reason per new reason code

Issue: 6235
---

diff --git a/tests/exception-policy-stream-reassembly-memcap-01/README.md b/tests/exception-policy-stream-reassembly-memcap-01/README.md
new file mode 100644
index 000000000..88a687fc3
--- /dev/null
+++ b/tests/exception-policy-stream-reassembly-memcap-01/README.md
@@ -0,0 +1,5 @@
+# Description
+
+Test exception policy logic for stream reassembly.
+
+DEBUG is required to enable the "eps" logic.
diff --git a/tests/exception-policy-stream-reassembly-memcap-01/suricata.yaml b/tests/exception-policy-stream-reassembly-memcap-01/suricata.yaml
index dfccb8afa..3c973a2be 100644
--- a/tests/exception-policy-stream-reassembly-memcap-01/suricata.yaml
+++ b/tests/exception-policy-stream-reassembly-memcap-01/suricata.yaml
@@ -1,6 +1,9 @@
 %YAML 1.1
 ---
 
+stats:
+  enabled: yes
+
 outputs:
   - eve-log:
       enabled: yes
@@ -20,6 +23,10 @@ outputs:
             flows: all       # start or all: 'start' logs only a single drop
                              # per flow direction. All logs each dropped pkt.
         - flow
+        - stats:
+            totals: yes       # stats for all threads merged together
+            threads: no       # per thread stats
+            deltas: no        # include delta values
 action-order:
   - pass
   - drop
diff --git a/tests/exception-policy-stream-reassembly-memcap-01/test.yaml b/tests/exception-policy-stream-reassembly-memcap-01/test.yaml
index eb6c5305e..f20281159 100644
--- a/tests/exception-policy-stream-reassembly-memcap-01/test.yaml
+++ b/tests/exception-policy-stream-reassembly-memcap-01/test.yaml
@@ -23,7 +23,7 @@ checks:
       count: 1
       match:
         event_type: drop
-        drop.reason: "stream memcap"
+        drop.reason: "stream reassembly"
   - filter:
       count: 28
       match:
@@ -48,3 +48,8 @@ checks:
       match:
         event_type: flow
         flow.action: drop
+  - filter:
+      count: 1
+      match:
+        event_type: stats
+        stats.ips.drop_reason.stream_reassembly: 1
diff --git a/tests/exception-policy-stream-reassembly-memcap-04/README.md b/tests/exception-policy-stream-reassembly-memcap-04/README.md
new file mode 100644
index 000000000..88a687fc3
--- /dev/null
+++ b/tests/exception-policy-stream-reassembly-memcap-04/README.md
@@ -0,0 +1,5 @@
+# Description
+
+Test exception policy logic for stream reassembly.
+
+DEBUG is required to enable the "eps" logic.
diff --git a/tests/exception-policy-stream-reassembly-memcap-04/suricata.yaml b/tests/exception-policy-stream-reassembly-memcap-04/suricata.yaml
index 758f72085..aac4c605a 100644
--- a/tests/exception-policy-stream-reassembly-memcap-04/suricata.yaml
+++ b/tests/exception-policy-stream-reassembly-memcap-04/suricata.yaml
@@ -14,3 +14,7 @@ outputs:
             flows: all       # start or all: 'start' logs only a single drop
                              # per flow direction. All logs each dropped pkt.
         - flow
+        - stats:
+            totals: yes       # stats for all threads merged together
+            threads: no       # per thread stats
+            deltas: no        # include delta values
diff --git a/tests/exception-policy-stream-reassembly-memcap-04/test.yaml b/tests/exception-policy-stream-reassembly-memcap-04/test.yaml
index eb6c5305e..f20281159 100644
--- a/tests/exception-policy-stream-reassembly-memcap-04/test.yaml
+++ b/tests/exception-policy-stream-reassembly-memcap-04/test.yaml
@@ -23,7 +23,7 @@ checks:
       count: 1
       match:
         event_type: drop
-        drop.reason: "stream memcap"
+        drop.reason: "stream reassembly"
   - filter:
       count: 28
       match:
@@ -48,3 +48,8 @@ checks:
       match:
         event_type: flow
         flow.action: drop
+  - filter:
+      count: 1
+      match:
+        event_type: stats
+        stats.ips.drop_reason.stream_reassembly: 1
diff --git a/tests/exception-policy-stream-reassembly-memcap-05/README.md b/tests/exception-policy-stream-reassembly-memcap-05/README.md
new file mode 100644
index 000000000..88a687fc3
--- /dev/null
+++ b/tests/exception-policy-stream-reassembly-memcap-05/README.md
@@ -0,0 +1,5 @@
+# Description
+
+Test exception policy logic for stream reassembly.
+
+DEBUG is required to enable the "eps" logic.
diff --git a/tests/exception-policy-stream-reassembly-memcap-05/suricata.yaml b/tests/exception-policy-stream-reassembly-memcap-05/suricata.yaml
index 758f72085..aac4c605a 100644
--- a/tests/exception-policy-stream-reassembly-memcap-05/suricata.yaml
+++ b/tests/exception-policy-stream-reassembly-memcap-05/suricata.yaml
@@ -14,3 +14,7 @@ outputs:
             flows: all       # start or all: 'start' logs only a single drop
                              # per flow direction. All logs each dropped pkt.
         - flow
+        - stats:
+            totals: yes       # stats for all threads merged together
+            threads: no       # per thread stats
+            deltas: no        # include delta values
diff --git a/tests/exception-policy-stream-reassembly-memcap-05/test.yaml b/tests/exception-policy-stream-reassembly-memcap-05/test.yaml
index 7901c6b4d..d19e9ad87 100644
--- a/tests/exception-policy-stream-reassembly-memcap-05/test.yaml
+++ b/tests/exception-policy-stream-reassembly-memcap-05/test.yaml
@@ -24,7 +24,7 @@ checks:
       count: 1
       match:
         event_type: drop
-        drop.reason: "stream memcap"
+        drop.reason: "stream reassembly"
   - filter:
       count: 0
       match:
@@ -49,3 +49,8 @@ checks:
       match:
         event_type: flow
         flow.action: drop
+  - filter:
+      count: 1
+      match:
+        event_type: stats
+        stats.ips.drop_reason.stream_reassembly: 1