tests: add rule to check for tcp/ack - v4

[0xEniola]

Test for rule type for tcp-ack keyword.

Related to
Issue: 6354

Redmine ticket: https://redmine.openinfosecfoundation.org/issues/6354

Suricata PR: https://github.com/OISF/suricata/pull/

Previous PR: #1432

[inashivb]

Is a README not needed for these tests?

[0xEniola]

Is a README not needed for these tests?

Actually, I don't know.
I did not include it for others and they were approved.

[inashivb]

Actually, I don't know. I did not include it for others and they were approved.

I see, thanks. I'll let Juliana decide on that.
We'll need a min-version check of 8 not 7 in test.yaml. This feature isn't and won't be available on 7, I think. I'm unsure though why haven't we flagged that in the previous versions of this and other PRs. 🤔

[0xEniola]

Actually, I don't know. I did not include it for others and they were approved.

I see, thanks. I'll let Juliana decide on that. We'll need a min-version check of 8 not 7 in test.yaml. This feature isn't and won't be available on 7, I think. I'm unsure though why haven't we flagged that in the previous versions of this and other PRs. 🤔

Ah, I see.

So, I'll have to wait for comments on this then...

[jufajardini]

Actually, I don't know. I did not include it for others and they were approved.

I see, thanks. I'll let Juliana decide on that. We'll need a min-version check of 8 not 7 in test.yaml. This feature isn't and won't be available on 7, I think. I'm unsure though why haven't we flagged that in the previous versions of this and other PRs. 🤔

Indeed, I don't know, myself. 🤔 Could it be because previous versions were before we opened the 8.0.x branch? (didn't check to confirm)

[jufajardini]

Is a README not needed for these tests?

So far, none of the tests created for engine-analysis have them... I've assumed that as they're a different category of tests, we didn't see README files as needed, here. Should we change that approach?

[0xEniola]

Is a README not needed for these tests?

So far, none of the tests created for engine-analysis have them... I've assumed that as they're a different category of tests, we didn't see README files as needed, here. Should we change that approach?

Well, it could be necessary, so the README file carries a description of what we are testing for, especially for persons new to suricata?

[jufajardini]

Is a README not needed for these tests?

So far, none of the tests created for engine-analysis have them... I've assumed that as they're a different category of tests, we didn't see README files as needed, here. Should we change that approach?

Well, it could be necessary, so the README file carries a description of what we are testing for, especially for persons new to suricata?

I guess it can't hurt to add one, if you're willing to add a good description :)

[0xEniola]

Is a README not needed for these tests?

So far, none of the tests created for engine-analysis have them... I've assumed that as they're a different category of tests, we didn't see README files as needed, here. Should we change that approach?

Well, it could be necessary, so the README file carries a description of what we are testing for, especially for persons new to suricata?

I guess it can't hurt to add one, if you're willing to add a good description :)

OK.

Will do that.
Done for the other PR on tcp-seq.