From: Jason Ish
Date: Wed, 14 Jun 2017 16:33:26 +0000 (-0600)
Subject: add a dns test - has pcap for some unit tests
X-Git-Tag: suricata-6.0.4~580
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=7cc0e1bd0a5249b52e6e87d82d57c0b6aaf75fce;p=thirdparty%2Fsuricata-verify.git
add a dns test - has pcap for some unit tests
---
diff --git a/dns-udp-dig-a-www-suricata-ids-org/README.md b/dns-udp-dig-a-www-suricata-ids-org/README.md
new file mode 100644
index 000000000..ea42c65ad
--- /dev/null
+++ b/dns-udp-dig-a-www-suricata-ids-org/README.md
@@ -0,0 +1 @@
+Basic DNS test running on valid data.
diff --git a/dns-udp-dig-a-www-suricata-ids-org/check.sh b/dns-udp-dig-a-www-suricata-ids-org/check.sh
new file mode 100755
index 000000000..5a4dc5dbc
--- /dev/null
+++ b/dns-udp-dig-a-www-suricata-ids-org/check.sh
@@ -0,0 +1,15 @@
+#! /bin/sh
+
+. ../functions.sh
+
+n=$(cat output/eve.json | jq -c 'select(.dns.type == "query")' | wc -l)
+assert_eq 1 $n
+
+n=$(cat output/eve.json | jq -c 'select(.dns.type == "answer")' | wc -l)
+assert_eq 3 $n
+
+n=$(cat output/eve.json | jq -c 'select(.dns.rrtype == "CNAME")' | wc -l)
+assert_eq 1 $n
+
+n=$(cat output/eve.json | jq -c 'select(.dns.rrtype == "A")' | wc -l)
+assert_eq 3 $n
diff --git a/dns-udp-dig-a-www-suricata-ids-org/dig-a-www.suricata-ids.org.pcap b/dns-udp-dig-a-www-suricata-ids-org/dig-a-www.suricata-ids.org.pcap
new file mode 100644
index 000000000..663a6797f
Binary files /dev/null and b/dns-udp-dig-a-www-suricata-ids-org/dig-a-www.suricata-ids.org.pcap differ
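Review bot: The four checks in check.sh pin only record counts, and the last selector, `select(.dns.rrtype == "A")`, matches query and answer records alike, so the expected 3 is presumably one query plus two A answers rather than three answers. A DNS parser or logger regression that emits the right number of events with a wrong rrname or rdata would still pass. Consider narrowing the selector to `jq -c 'select(.dns.type == "answer" and .dns.rrtype == "A")'` with the expected count adjusted, and adding one assertion on `.dns.rrname` against the name queried in the pcap. Separately, each pipeline's exit status is that of `wc -l`, so a missing output/eve.json or a jq failure surfaces only as a count mismatch; testing `[ -s output/eve.json ]` before the first count would make that failure explicit.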