From e5830d4c2fa7b85dca92295038b4327f1b35745c Mon Sep 17 00:00:00 2001 From: Jason Ish Date: Thu, 4 Jul 2024 18:05:50 -0600 Subject: [PATCH] dns-tcp-multirequest-buffer: v2 and v3 tests --- tests/dns-tcp-multirequest-buffer-v1/test.yaml | 2 +- tests/{ => dns}/dns-tcp-multirequest-buffer/README | 0 .../dns-tcp-multirequest-buffer.pcap | Bin .../dns-tcp-multirequest-buffer/suricata.yaml | 0 tests/dns/dns-tcp-multirequest-buffer/test.yaml | 12 ++++++++++++ tests/dns/v2/dns-tcp-multirequest-buffer/README | 5 +++++ .../v2/dns-tcp-multirequest-buffer/suricata.yaml | 8 ++++++++ .../v2}/dns-tcp-multirequest-buffer/test.yaml | 7 ++++--- 8 files changed, 30 insertions(+), 4 deletions(-) rename tests/{ => dns}/dns-tcp-multirequest-buffer/README (100%) rename tests/{ => dns}/dns-tcp-multirequest-buffer/dns-tcp-multirequest-buffer.pcap (100%) rename tests/{ => dns}/dns-tcp-multirequest-buffer/suricata.yaml (100%) create mode 100644 tests/dns/dns-tcp-multirequest-buffer/test.yaml create mode 100644 tests/dns/v2/dns-tcp-multirequest-buffer/README create mode 100644 tests/dns/v2/dns-tcp-multirequest-buffer/suricata.yaml rename tests/{ => dns/v2}/dns-tcp-multirequest-buffer/test.yaml (56%) diff --git a/tests/dns-tcp-multirequest-buffer-v1/test.yaml b/tests/dns-tcp-multirequest-buffer-v1/test.yaml index 637d013e4..bc3f13d74 100644 --- a/tests/dns-tcp-multirequest-buffer-v1/test.yaml +++ b/tests/dns-tcp-multirequest-buffer-v1/test.yaml @@ -1,4 +1,4 @@ -pcap: ../dns-tcp-multirequest-buffer/dns-tcp-multirequest-buffer.pcap +pcap: ../dns/dns-tcp-multirequest-buffer/dns-tcp-multirequest-buffer.pcap requires: features: diff --git a/tests/dns-tcp-multirequest-buffer/README b/tests/dns/dns-tcp-multirequest-buffer/README similarity index 100% rename from tests/dns-tcp-multirequest-buffer/README rename to tests/dns/dns-tcp-multirequest-buffer/README diff --git a/tests/dns-tcp-multirequest-buffer/dns-tcp-multirequest-buffer.pcap b/tests/dns/dns-tcp-multirequest-buffer/dns-tcp-multirequest-buffer.pcap similarity index 100% rename from tests/dns-tcp-multirequest-buffer/dns-tcp-multirequest-buffer.pcap rename to tests/dns/dns-tcp-multirequest-buffer/dns-tcp-multirequest-buffer.pcap diff --git a/tests/dns-tcp-multirequest-buffer/suricata.yaml b/tests/dns/dns-tcp-multirequest-buffer/suricata.yaml similarity index 100% rename from tests/dns-tcp-multirequest-buffer/suricata.yaml rename to tests/dns/dns-tcp-multirequest-buffer/suricata.yaml diff --git a/tests/dns/dns-tcp-multirequest-buffer/test.yaml b/tests/dns/dns-tcp-multirequest-buffer/test.yaml new file mode 100644 index 000000000..2e08d628a --- /dev/null +++ b/tests/dns/dns-tcp-multirequest-buffer/test.yaml @@ -0,0 +1,12 @@ +requires: + min-version: 8 + +checks: + - filter: + count: 20 + match: + dns.type: request + - filter: + count: 20 + match: + dns.type: response diff --git a/tests/dns/v2/dns-tcp-multirequest-buffer/README b/tests/dns/v2/dns-tcp-multirequest-buffer/README new file mode 100644 index 000000000..6ce66e4e5 --- /dev/null +++ b/tests/dns/v2/dns-tcp-multirequest-buffer/README @@ -0,0 +1,5 @@ +Test a TCP DNS request that contains multiple DNS requests in a single +buffer. + +This test includes its own verification script instead of using the +default file compare. diff --git a/tests/dns/v2/dns-tcp-multirequest-buffer/suricata.yaml b/tests/dns/v2/dns-tcp-multirequest-buffer/suricata.yaml new file mode 100644 index 000000000..81343fac9 --- /dev/null +++ b/tests/dns/v2/dns-tcp-multirequest-buffer/suricata.yaml @@ -0,0 +1,8 @@ +%YAML 1.1 +--- + +outputs: + - eve-log: + enabled: yes + types: + - dns: diff --git a/tests/dns-tcp-multirequest-buffer/test.yaml b/tests/dns/v2/dns-tcp-multirequest-buffer/test.yaml similarity index 56% rename from tests/dns-tcp-multirequest-buffer/test.yaml rename to tests/dns/v2/dns-tcp-multirequest-buffer/test.yaml index 9bdb3c8b4..f05f95047 100644 --- a/tests/dns-tcp-multirequest-buffer/test.yaml +++ b/tests/dns/v2/dns-tcp-multirequest-buffer/test.yaml @@ -1,7 +1,8 @@ -requires: - features: - - HAVE_LIBJANSSON +pcap: ../../dns-tcp-multirequest-buffer/dns-tcp-multirequest-buffer.pcap +env: + SURICATA_EVE_DNS_VERSION: 2 + checks: - filter: count: 20 -- 2.47.2