tests: firewall: add missing rules

Ticket: #8495.

diff --git a/tests/firewall/ruletype-firewall-45-iprep-8285/firewall.rules b/tests/firewall/ruletype-firewall-45-iprep-8285/firewall.rules
index 9cdcf086c1f6ac6707508f1f6078492fd55e6929..8c09f54a13e7a287ca7563ff882d178d8098499f 100644 (file)
--- a/tests/firewall/ruletype-firewall-45-iprep-8285/firewall.rules
+++ b/tests/firewall/ruletype-firewall-45-iprep-8285/firewall.rules
@@ -4,5 +4,6 @@ accept:hook tcp:all any any -> any any (sid:100;)
 
 # default drop
 
+accept:hook http1:request_started any any -> any any (sid:997;)
 drop:flow http1:request_line any any -> any any (sid:999; alert; iprep:dst,test,>,0;)
 accept:flow http1:request_line any any -> any any (sid:998;)

diff --git a/tests/firewall/ruletype-firewall-47-iprep-8285/firewall.rules b/tests/firewall/ruletype-firewall-47-iprep-8285/firewall.rules
index 9cdcf086c1f6ac6707508f1f6078492fd55e6929..8c09f54a13e7a287ca7563ff882d178d8098499f 100644 (file)
--- a/tests/firewall/ruletype-firewall-47-iprep-8285/firewall.rules
+++ b/tests/firewall/ruletype-firewall-47-iprep-8285/firewall.rules
@@ -4,5 +4,6 @@ accept:hook tcp:all any any -> any any (sid:100;)
 
 # default drop
 
+accept:hook http1:request_started any any -> any any (sid:997;)
 drop:flow http1:request_line any any -> any any (sid:999; alert; iprep:dst,test,>,0;)
 accept:flow http1:request_line any any -> any any (sid:998;)

diff --git a/tests/firewall/ruletype-firewall-48-iprep-8285/firewall.rules b/tests/firewall/ruletype-firewall-48-iprep-8285/firewall.rules
index 855d1c36cdb8bdc2d1a13410700559f74176f2db..1bce7778af8405552ab9f2454de04a90aff21283 100644 (file)
--- a/tests/firewall/ruletype-firewall-48-iprep-8285/firewall.rules
+++ b/tests/firewall/ruletype-firewall-48-iprep-8285/firewall.rules
@@ -4,4 +4,5 @@ accept:hook tcp:all any any -> any any (sid:100;)
 
 # default drop
 
+accept:hook http1:request_started any any -> any any (sid:997;)
 accept:flow http1:request_line any any -> any any (sid:999; alert; iprep:dst,test,>,0;)

diff --git a/tests/firewall/ruletype-firewall-56-dns-opcode/firewall.rules b/tests/firewall/ruletype-firewall-56-dns-opcode/firewall.rules
index a497a14ce013d48ec9e2c03d4d1431c0516c442b..2a07bac10cf490ab8dec0e521d4ee9ca3f2ab6b4 100644 (file)
--- a/tests/firewall/ruletype-firewall-56-dns-opcode/firewall.rules
+++ b/tests/firewall/ruletype-firewall-56-dns-opcode/firewall.rules
@@ -4,6 +4,7 @@
 # Accept all UDP packets
 accept:hook udp:all any any -> any any (sid:100;)
 
+accept:hook dns:request_started any any -> any any (sid:999;)
 # Test dns.opcode: match standard query (opcode 0) and alert
 accept:hook dns:request_complete any any -> any any (dns.opcode:0; alert; sid:1;)
 

diff --git a/tests/firewall/ruletype-firewall-57-dns-datarep/firewall.rules b/tests/firewall/ruletype-firewall-57-dns-datarep/firewall.rules
index 8ae1eac5624a39b663ded4183f1a5a7a3f278350..98b22dc0854797e13697a04a66b71394a14a47cd 100644 (file)
--- a/tests/firewall/ruletype-firewall-57-dns-datarep/firewall.rules
+++ b/tests/firewall/ruletype-firewall-57-dns-datarep/firewall.rules
@@ -4,6 +4,7 @@
 # Accept all UDP packets
 accept:hook udp:all any any -> any any (sid:100;)
 
+accept:hook dns:request_started any any -> any any (sid:999;)
 # Test datarep: match DNS query against reputation list
 accept:hook dns:request_complete any any -> any any (dns.query; datarep:dns_rep,>,0,load dns_rep.rep,type string; alert; sid:1;)