From: Alice Akaki
Date: Thu, 10 Oct 2024 03:42:40 +0000 (-0400)
Subject: tests: add rule type check for icmp_id
X-Git-Tag: suricata-7.0.8~47
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b337a349e45e8098f2c8976ebff5c1e222cb6ca1;p=thirdparty%2Fsuricata-verify.git
tests: add rule type check for icmp_id
Ticket: #6360
---
diff --git a/tests/rules/icmp_id/test.rules b/tests/rules/icmp_id/test.rules
new file mode 100644
index 000000000..23f989950
--- /dev/null
+++ b/tests/rules/icmp_id/test.rules
@@ -0,0 +1 @@
+alert icmp any any -> any any (msg:"Testing icmp_id"; icmp_id:2; sid:1;)
diff --git a/tests/rules/icmp_id/test.yaml b/tests/rules/icmp_id/test.yaml
new file mode 100644
index 000000000..b3285e46e
--- /dev/null
+++ b/tests/rules/icmp_id/test.yaml
@@ -0,0 +1,15 @@
+requires:
+ min-version: 8.0
+ pcap: false
+
+args:
+ - --engine-analysis
+
+checks:
+- filter:
+ filename: rules.json
+ count: 1
+ match:
+ id: 1
+ lists.packet.matches[0].name: "icmp_id"
+ lists.packet.matches[0].id.number: 2
\ No newline at end of file
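Review bot: The `match` block in tests/rules/icmp_id/test.yaml asserts the signature id, the keyword name and the parsed `icmp_id` number, but nothing about the rule's type, although the subject describes this as a rule type check. If the engine-analysis `rules.json` record carries a type field in the 8.0 output, assert it next to `id: 1`, for example `type: <expected-type>` (placeholder; take the value from the real output). Otherwise a regression in how the rule is classified would still pass this test. The file also ends without a trailing newline (`\ No newline at end of file`), which is worth fixing in the same change.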