tests: linktype_name test #1994

Closed
wants to merge 2 commits into from

Contributor

@jlucovsky jlucovsky commented Jul 27, 2024

Continuation of #1853

Issue: 6954

Ensure that the linktype_name is included in the alerts.

Updates:

  • Modify existing test cases to expand the range of linktype name values.

Ticket

If your pull request is related to a Suricata ticket, please provide
the full URL to the ticket here so this pull request can monitor
changes to the ticket status:

Redmine ticket: https://redmine.openinfosecfoundation.org/issues/6954

Suricata PR: OISF/suricata#11564

Issue: 6954

Ensure that the linktype_name is included in the alerts.
@victorjulien
Member

Needs to pass on 6.0.x and 7.0.x.

Issue: 4974

This commit extends the linktype_name validation across the existing
tests so that more linktype name values are checked:
    - C_HDLC
    - PPP
    - IPV4
    - IPV6
    - RAW
    - EN10B
    - LINUX_SLL

Some existing tests required suricata.yaml configuration to enable the
packet values to be in the alerts.
@@ -1,6 +1,7 @@
requires:

min-version: 6.0.0
lt-version: 8
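Review bot: `lt-version: 8` under `requires:` caps this test to versions below 8, and the commit message gives no reason for the cap; it describes only the extended linktype_name checks and the suricata.yaml changes. If the bound is not tied to a known behaviour difference, drop it and keep only `min-version: 6.0.0`; if it is, state the reason in the commit message.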
Member

why is this needed?

Contributor Author

will remove

- filter:
count: 1
match:
event_type: http
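Review bot: the filter shown here matches only on `event_type: http` with `count: 1`, so these lines assert nothing about linktype_name, which is what the commit sets out to validate. If this check is meant to contribute to that coverage, add a check alongside it whose `match:` includes the expected linktype_name value.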
Member

is this indentation correct yaml? Looks like 4 spaces instead of 2?

Contributor Author

This was in the original file.

Do you recommend fixing the original in addition to this one?

@jlucovsky
Contributor Author

Continued in #1996

@jlucovsky jlucovsky closed this Jul 31, 2024