tests: tighten fw default policy test

author Victor Julien <victor@inliniac.net>

Thu, 28 May 2026 11:10:57 +0000 (13:10 +0200)

committer Victor Julien <victor@inliniac.net>

Thu, 28 May 2026 11:10:57 +0000 (13:10 +0200)
author Victor Julien <victor@inliniac.net>
Thu, 28 May 2026 11:10:57 +0000 (13:10 +0200)
committer Victor Julien <victor@inliniac.net>
Thu, 28 May 2026 11:10:57 +0000 (13:10 +0200)
diff --git a/tests/firewall/ruletype-firewall-68-config-default-policy-tls/test.yaml b/tests/firewall/ruletype-firewall-68-config-default-policy-tls/test.yaml

index 6c2fb3a90d8d74618c0e2825c60f8e10abbfa9e6..792bb02c4e50524517785d9d58b2386bd7a706d9 100644 (file)
--- a/tests/firewall/ruletype-firewall-68-config-default-policy-tls/test.yaml
+++ b/tests/firewall/ruletype-firewall-68-config-default-policy-tls/test.yaml
@@ -13,6 +13,19 @@ checks:
      match:
        event_type: alert
        alert.signature_id: 110
+      pcap_cnt: 20
+- filter:
+    count: 1
+    match:
+      event_type: drop
+      alert.signature_id: 110
+      pcap_cnt: 20
+# specifically check the first app-layer packet
+- filter:
+    count: 0
+    match:
+      event_type: drop
+      pcap_cnt: 4
  - filter:
      count: 42
      match:
author	Victor Julien <victor@inliniac.net>
	Thu, 28 May 2026 11:10:57 +0000 (13:10 +0200)
committer	Victor Julien <victor@inliniac.net>
	Thu, 28 May 2026 11:10:57 +0000 (13:10 +0200)