From: Philippe Antoine <contact@catenacyber.fr>
Date: Thu, 17 Dec 2020 15:03:30 +0000 (+0100)
Subject: Adds check with http.stat_msg keyword and HTTP2 traffic
X-Git-Tag: suricata-6.0.4~124
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8459efa6cc770d81eff9d6a63108bf2f2aafd062;p=thirdparty%2Fsuricata-verify.git

Adds check with http.stat_msg keyword and HTTP2 traffic
---

diff --git a/tests/http2-upgrade/test.rules b/tests/http2-upgrade/test.rules
index 5428b264d..c2cef492a 100644
--- a/tests/http2-upgrade/test.rules
+++ b/tests/http2-upgrade/test.rules
@@ -3,3 +3,4 @@ alert http2 any any -> any any (http.uri; content:"/robots.txt"; sid:11;)
 alert http any any -> any any (http.uri; content:"/robots.txt"; sid:12;)
 
 alert http2 any any -> any any (http.user_agent; content:"curl"; sid:20;)
+alert http2 any any -> any any (http.stat_msg; content:"404"; sid:21;)
diff --git a/tests/http2-upgrade/test.yaml b/tests/http2-upgrade/test.yaml
index 0fc697173..82be0b058 100644
--- a/tests/http2-upgrade/test.yaml
+++ b/tests/http2-upgrade/test.yaml
@@ -71,3 +71,8 @@ checks:
       match:
         event_type: alert
         alert.signature_id: 20
+  - filter:
+      count: 1
+      match:
+        event_type: alert
+        alert.signature_id: 21