From: Juliana Fajardini
Date: Thu, 1 Jul 2021 18:58:22 +0000 (+0100)
Subject: tests: add lua SCPacketTuple test
X-Git-Tag: suricata-6.0.4~53
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9336479b764357b57d56241db5c1c88c7a1580b0;p=thirdparty%2Fsuricata-verify.git
tests: add lua SCPacketTuple test
---
diff --git a/tests/lua-scpackettuple/README.md b/tests/lua-scpackettuple/README.md
new file mode 100644
index 000000000..f85440313
--- /dev/null
+++ b/tests/lua-scpackettuple/README.md
@@ -0,0 +1 @@
+Tests Lua's SCPacketTuple output.
diff --git a/tests/lua-scpackettuple/expected/scpacket-tuple.log b/tests/lua-scpackettuple/expected/scpacket-tuple.log
new file mode 100644
index 000000000..8ded52111
--- /dev/null
+++ b/tests/lua-scpackettuple/expected/scpacket-tuple.log
@@ -0,0 +1,40 @@
+{10/06/2015-15:16:43.136335 [**]
+SCPacketTuple is
+IP Version: 4
+Src: 10.16.1.11:59733 -> Dst: 104.131.202.103:80 [**] Protocol: 6}
+{10/06/2015-15:16:43.136772 [**]
+SCPacketTuple is
+IP Version: 4
+Src: 104.131.202.103:80 -> Dst: 10.16.1.11:59733 [**] Protocol: 6}
+{10/06/2015-15:16:43.136823 [**]
+SCPacketTuple is
+IP Version: 4
+Src: 10.16.1.11:59733 -> Dst: 104.131.202.103:80 [**] Protocol: 6}
+{10/06/2015-15:16:43.136911 [**]
+SCPacketTuple is
+IP Version: 4
+Src: 10.16.1.11:59733 -> Dst: 104.131.202.103:80 [**] Protocol: 6}
+{10/06/2015-15:16:43.137046 [**]
+SCPacketTuple is
+IP Version: 4
+Src: 104.131.202.103:80 -> Dst: 10.16.1.11:59733 [**] Protocol: 6}
+{10/06/2015-15:16:43.137760 [**]
+SCPacketTuple is
+IP Version: 4
+Src: 104.131.202.103:80 -> Dst: 10.16.1.11:59733 [**] Protocol: 6}
+{10/06/2015-15:16:43.137833 [**]
+SCPacketTuple is
+IP Version: 4
+Src: 10.16.1.11:59733 -> Dst: 104.131.202.103:80 [**] Protocol: 6}
+{10/06/2015-15:16:43.138142 [**]
+SCPacketTuple is
+IP Version: 4
+Src: 10.16.1.11:59733 -> Dst: 104.131.202.103:80 [**] Protocol: 6}
+{10/06/2015-15:16:43.138441 [**]
+SCPacketTuple is
+IP Version: 4
+Src: 104.131.202.103:80 -> Dst: 10.16.1.11:59733 [**] Protocol: 6}
+{10/06/2015-15:16:43.138468 [**]
+SCPacketTuple is
+IP Version: 4
+Src: 10.16.1.11:59733 -> Dst: 104.131.202.103:80 [**] Protocol: 6}
diff --git a/tests/lua-scpackettuple/input.pcap b/tests/lua-scpackettuple/input.pcap
new file mode 100644
index 000000000..eded33a58
Binary files /dev/null and b/tests/lua-scpackettuple/input.pcap differ
diff --git a/tests/lua-scpackettuple/scpackettuple.lua b/tests/lua-scpackettuple/scpackettuple.lua
new file mode 100644
index 000000000..9107ce437
--- /dev/null
+++ b/tests/lua-scpackettuple/scpackettuple.lua
@@ -0,0 +1,29 @@
+-- simple SCPacketTuple log test
+name = "scpacket-tuple.log"
+
+function init(args)
+ local needs = {}
+ needs["type"] = "packet"
+ return needs
+end
+
+function setup(args)
+ filename = SCLogPath() .. "/" .. name
+ file = assert(io.open(filename, "a"))
+ SCLogInfo("Lua SCPacketTuple Log Filename " .. filename)
+ packets = 0
+end
+
+function log(args)
+ timestring = SCPacketTimeString()
+ ipver, srcip, dstip, proto, sp, dp = SCPacketTuple()
+
+ file:write ("{" .. timestring .. " [**]\nSCPacketTuple is\nIP Version: " .. ipver .. "\nSrc: " .. srcip .. ":" .. sp .. " -> Dst: " .. dstip .. ":" .. dp .. " [**] Protocol: " .. proto .. "}\n")
+ file:flush()
+ packets = packets + 1
+end
+
+function deinit(args)
+ SCLogInfo ("Packets logged: " .. packets);
+ file:close(file)
+end
diff --git a/tests/lua-scpackettuple/suricata.yaml b/tests/lua-scpackettuple/suricata.yaml
new file mode 100644
index 000000000..607c2ef13
--- /dev/null
+++ b/tests/lua-scpackettuple/suricata.yaml
@@ -0,0 +1,9 @@
+%YAML 1.1
+---
+
+outputs:
+ - lua:
+ enabled: yes
+ scripts-dir: .
+ scripts:
+ - scpackettuple.lua
diff --git a/tests/lua-scpackettuple/test.yaml b/tests/lua-scpackettuple/test.yaml
new file mode 100644
index 000000000..ca0f91e67
--- /dev/null
+++ b/tests/lua-scpackettuple/test.yaml
@@ -0,0 +1,9 @@
+requires:
+ features:
+ - HAVE_LUA
+
+checks:
+ - file-compare:
+ # A check that compares two files
+ filename: scpacket-tuple.log
+ expected: expected/scpacket-tuple.log
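Review bot: In `log()` of scpackettuple.lua the values returned by `SCPacketTuple()` are concatenated straight into the record, so any field that comes back `nil` (presumably possible for a non-IP packet; confirm against the Lua API) raises a runtime error inside the output script instead of producing a log that can be compared. A guard such as `if not (srcip and dstip and sp and dp) then return end` before `file:write` would make the test fail on the file comparison with a readable diff rather than on a script error. All script state (`name`, `filename`, `file`, `packets`, and the per-packet `timestring`, `ipver`, `srcip`, …) is assigned as globals; declaring the persistent ones `local` at file scope and the per-packet ones `local` inside `log()` avoids leaking them. In `deinit()`, `file:close(file)` passes the handle twice and should be `file:close()`.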