From: Carl Smith
Date: Tue, 18 Aug 2020 00:05:01 +0000 (+1200)
Subject: nsh: Add tests for NSH headers types 1 and 2
X-Git-Tag: suricata-6.0.4~202
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f7f2c62a5febfbc0c1811efd129644ccc869a73d;p=thirdparty%2Fsuricata-verify.git
nsh: Add tests for NSH headers types 1 and 2
---
diff --git a/tests/decode-nsh-type1/README.md b/tests/decode-nsh-type1/README.md
new file mode 100644
index 000000000..80c575f2d
--- /dev/null
+++ b/tests/decode-nsh-type1/README.md
@@ -0,0 +1,3 @@
+NSH - Network Service Header (https://tools.ietf.org/html/rfc8300)
+Ensure NSH Type 1 headers are decoded.
+Type 1 headers have a fixed-Length context header (16-bytes).
diff --git a/tests/decode-nsh-type1/input.pcap b/tests/decode-nsh-type1/input.pcap
new file mode 100644
index 000000000..5e097255b
Binary files /dev/null and b/tests/decode-nsh-type1/input.pcap differ
diff --git a/tests/decode-nsh-type1/test.yaml b/tests/decode-nsh-type1/test.yaml
new file mode 100644
index 000000000..ad7ddc617
--- /dev/null
+++ b/tests/decode-nsh-type1/test.yaml
@@ -0,0 +1,20 @@
+requires:
+ min-version: 6
+
+args:
+- -k none
+
+checks:
+ - filter:
+ count: 1
+ match:
+ event_type: flow
+ - filter:
+ count: 1
+ match:
+ event_type: stats
+ - stats:
+ decoder.ethernet: 1
+ decoder.nsh: 1
+ decoder.ipv4: 1
+ decoder.udp: 1
\ No newline at end of file
diff --git a/tests/decode-nsh-type2/README.md b/tests/decode-nsh-type2/README.md
new file mode 100644
index 000000000..e101ca31c
--- /dev/null
+++ b/tests/decode-nsh-type2/README.md
@@ -0,0 +1,3 @@
+NSH - Network Service Header (https://tools.ietf.org/html/rfc8300)
+Ensure NSH Type 2 headers are decoded.
+Type 2 headers have zero or more variable-length context headers.
diff --git a/tests/decode-nsh-type2/input.pcap b/tests/decode-nsh-type2/input.pcap
new file mode 100644
index 000000000..820f93e80
Binary files /dev/null and b/tests/decode-nsh-type2/input.pcap differ
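Review bot: The `stats` check in tests/decode-nsh-type1/test.yaml pins only positive decoder counters, and tests/decode-nsh-type2/test.yaml is the same blob (both show index ad7ddc617), so nothing in either test separates the fixed-length type 1 path from the variable-length type 2 path or shows that the header was accepted without a decoder event. Adding `decoder.invalid: 0` to the `stats:` block of both files would make a capture that is counted but flagged as invalid fail the test. Since an NSH decoder reads length fields from untrusted traffic, a companion test with a truncated or bad-length header that expects the matching decoder event would cover the rejection path, which these two captures presumably do not reach. A one-line comment above `- -k none` stating that checksum validation is switched off for the capture would also help the next reader.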
diff --git a/tests/decode-nsh-type2/test.yaml b/tests/decode-nsh-type2/test.yaml
new file mode 100644
index 000000000..ad7ddc617
--- /dev/null
+++ b/tests/decode-nsh-type2/test.yaml
@@ -0,0 +1,20 @@
+requires:
+ min-version: 6
+
+args:
+- -k none
+
+checks:
+ - filter:
+ count: 1
+ match:
+ event_type: flow
+ - filter:
+ count: 1
+ match:
+ event_type: stats
+ - stats:
+ decoder.ethernet: 1
+ decoder.nsh: 1
+ decoder.ipv4: 1
+ decoder.udp: 1
\ No newline at end of file