From: Jason Ish <ish@unx.ca>
Date: Fri, 24 Nov 2017 16:55:55 +0000 (-0600)
Subject: basic test for linktype 228
X-Git-Tag: suricata-6.0.4~567
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5f61a8e73beaba2a47983903720c82907be149eb;p=thirdparty%2Fsuricata-verify.git

basic test for linktype 228
---

diff --git a/tests/linktype-228/check.sh b/tests/linktype-228/check.sh
new file mode 100755
index 000000000..958b2ffcf
--- /dev/null
+++ b/tests/linktype-228/check.sh
@@ -0,0 +1,5 @@
+#! /bin/sh
+
+tcp=$(cat output/eve.json | \
+	  jq -c 'select(.event_type == "stats") | .stats.decoder.tcp')
+test "${tcp}" = "7"
diff --git a/tests/linktype-228/flow-test-01.pcap b/tests/linktype-228/flow-test-01.pcap
new file mode 100644
index 000000000..88779e626
Binary files /dev/null and b/tests/linktype-228/flow-test-01.pcap differ