From: Philippe Antoine <contact@catenacyber.fr>
Date: Fri, 18 Mar 2022 10:13:56 +0000 (+0100)
Subject: xff: checks dependig on suricata version
X-Git-Tag: suricata-6.0.5^0
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F796%2Fhead;p=thirdparty%2Fsuricata-verify.git

xff: checks dependig on suricata version
---

diff --git a/run.py b/run.py
index 6a5636d1c..1c1763d17 100755
--- a/run.py
+++ b/run.py
@@ -441,10 +441,13 @@ class FilterCheck:
         requires = self.config.get("requires", {})
         req_version = self.config.get("version")
         min_version = self.config.get("min-version")
+        lt_version = self.config.get("lt-version")
         if req_version is not None:
             requires["version"] = req_version
         if min_version is not None:
             requires["min-version"] = min_version
+        if lt_version is not None:
+            requires["lt-version"] = lt_version
         feature = self.config.get("feature")
         if feature is not None:
             requires["features"] = [feature]
diff --git a/tests/http-xff-eve-forward-extra-data/test.yaml b/tests/http-xff-eve-forward-extra-data/test.yaml
index 502519869..30d9f5f6a 100644
--- a/tests/http-xff-eve-forward-extra-data/test.yaml
+++ b/tests/http-xff-eve-forward-extra-data/test.yaml
@@ -3,6 +3,13 @@ args:
 
 checks:
   - filter:
+      min-version: 7
+      count: 1
+      match:
+        alert.xff: 10.2.2.2
+
+  - filter:
+      lt-version: 7
       count: 1
       match:
         xff: 10.2.2.2
diff --git a/tests/http-xff-eve-reverse-extra-data/test.yaml b/tests/http-xff-eve-reverse-extra-data/test.yaml
index b686c73bf..c91ccd219 100644
--- a/tests/http-xff-eve-reverse-extra-data/test.yaml
+++ b/tests/http-xff-eve-reverse-extra-data/test.yaml
@@ -3,6 +3,13 @@ args:
 
 checks:
   - filter:
+      min-version: 7
+      count: 1
+      match:
+        alert.xff: 10.3.3.3
+
+  - filter:
+      lt-version: 7
       count: 1
       match:
         xff: 10.3.3.3