From: Philippe Antoine Date: Tue, 27 Aug 2024 13:26:22 +0000 (+0200) Subject: datasets: test unix socket ipv6 operations X-Git-Tag: suricata-8.0.0-beta1~941 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=629873c2bcad0f95162740bea83252f9d95a5209;p=thirdparty%2Fsuricata.git datasets: test unix socket ipv6 operations Ticket: 6969 --- diff --git a/.github/workflows/live/icmp.rules b/.github/workflows/live/icmp.rules index 2003c46531..a938596a81 100644 --- a/.github/workflows/live/icmp.rules +++ b/.github/workflows/live/icmp.rules @@ -1,2 +1,3 @@ alert icmp any any -> any any (itype:8; sid:1;) alert icmp any any -> any any (itype:8; ip.dst; dataset:set,ipv4-list,type ipv4; sid:222;) +alert icmp any any -> any any (itype:8; ip.dst; dataset:set,ipv6-list,type ipv6; sid:226;) diff --git a/.github/workflows/live/pcap.sh b/.github/workflows/live/pcap.sh index decdb692de..24119d8af6 100755 --- a/.github/workflows/live/pcap.sh +++ b/.github/workflows/live/pcap.sh @@ -75,6 +75,29 @@ if [ $CHECK -ne 2 ]; then RES=1 fi +JSON=$(python3 python/bin/suricatasc -c "dataset-add ipv6-list ip 192.168.1.1" /var/run/suricata/suricata-command.socket) +echo $JSON +if [ "$(echo $JSON | jq -r .message)" != "data added" ]; then + echo "ERROR unix socket dataset add failed" + RES=1 +fi + +# look it up in IPv4 in IPv6 notation +JSON=$(python3 python/bin/suricatasc -c "dataset-lookup ipv6-list ip ::ffff:c0a8:0101" /var/run/suricata/suricata-command.socket) +echo $JSON +if [ "$(echo $JSON | jq -r .message)" != "item found in set" ]; then + echo "ERROR unix socket dataset lookup failed" + RES=1 +fi + +# fail to add junk +JSON=$(python3 python/bin/suricatasc -c "dataset-add ipv6-list ip ::ffff:c0a8:0z0z" /var/run/suricata/suricata-command.socket) +echo $JSON +if [ "$(echo $JSON | jq -r .message)" != "failed to add data" ]; then + echo "ERROR unix socket dataset added junk" + RES=1 +fi + echo "SURIPID $SURIPID PINGPID $PINGPID" # set second rule file for the reload