From: Victor Julien Date: Sat, 6 Jun 2020 07:27:07 +0000 (+0200) Subject: tests: fixes after TCP changes X-Git-Tag: suricata-6.0.4~273 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F281%2Fhead;p=thirdparty%2Fsuricata-verify.git tests: fixes after TCP changes Fixes around ACK'd data. --- diff --git a/tests/smtp-eve/test.yaml b/tests/smtp-eve/test.yaml index bc59f92cd..924b7b55d 100644 --- a/tests/smtp-eve/test.yaml +++ b/tests/smtp-eve/test.yaml @@ -14,7 +14,6 @@ checks: email.status: PARSE_DONE email.to[0]: event_type: smtp - pcap_cnt: 46 proto: TCP smtp.helo: GP smtp.mail_from: @@ -39,7 +38,50 @@ checks: fileinfo.state: CLOSED fileinfo.stored: false fileinfo.tx_id: 0 - pcap_cnt: 46 + proto: TCP + smtp.helo: GP + smtp.mail_from: + smtp.rcpt_to[0]: + src_ip: 10.10.1.4 + src_port: 1470 +- filter: + version: 6 + count: 1 + match: + dest_ip: 74.53.140.153 + dest_port: 25 + email.attachment[0]: NEWS.txt + email.from: '"Gurpartap Singh" ' + email.status: PARSE_DONE + email.to[0]: + event_type: smtp + pcap_cnt: 51 + proto: TCP + smtp.helo: GP + smtp.mail_from: + smtp.rcpt_to[0]: + src_ip: 10.10.1.4 + src_port: 1470 + tx_id: 0 +- filter: + version: 6 + count: 1 + match: + app_proto: smtp + dest_ip: 74.53.140.153 + dest_port: 25 + email.attachment[0]: NEWS.txt + email.from: '"Gurpartap Singh" ' + email.status: PARSE_DONE + email.to[0]: + event_type: fileinfo + fileinfo.filename: NEWS.txt + fileinfo.gaps: false + fileinfo.size: 10735 + fileinfo.state: CLOSED + fileinfo.stored: false + fileinfo.tx_id: 0 + pcap_cnt: 51 proto: TCP smtp.helo: GP smtp.mail_from: