From: Philippe Antoine <contact@catenacyber.fr>
Date: Thu, 12 Nov 2020 09:48:49 +0000 (+0100)
Subject: Adds check for http2 file gzip decompression
X-Git-Tag: suricata-6.0.4~162
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8e0988e0565df1a5c0dacd46e27bd68fc5caafda;p=thirdparty%2Fsuricata-verify.git

Adds check for http2 file gzip decompression
---

diff --git a/tests/http2-bugfixes/suricata.yaml b/tests/http2-bugfixes/suricata.yaml
index 0b72e6cab..3d9bb8e14 100644
--- a/tests/http2-bugfixes/suricata.yaml
+++ b/tests/http2-bugfixes/suricata.yaml
@@ -6,6 +6,7 @@ outputs:
       enabled: true
       types:
         - alert
+        - files
         - http2
         - anomaly
 
diff --git a/tests/http2-bugfixes/test.yaml b/tests/http2-bugfixes/test.yaml
index 8db25b020..d6269d9cc 100644
--- a/tests/http2-bugfixes/test.yaml
+++ b/tests/http2-bugfixes/test.yaml
@@ -14,3 +14,8 @@ checks:
       count: 0
       match:
         event_type: anomaly
+  - filter:
+      count: 1
+      match:
+        event_type: fileinfo
+        fileinfo.size: 639