Merge remote-tracking branch 'origin/topic/jsiwek/unit-tests'

* origin/topic/jsiwek/unit-tests:
  Fix utils/conn-ids test due to renamed conn-ids.bro
  Moving the test for site.bro to live w/ other utils/ tests.
  Fix test due to moving of site.bro
  More policy/utils unit tests and documentation.
  Updating documentation for some utils/ policy scripts
  Add unit tests for utils/paths.bro with some changes
  Adding unit tests for utils.
  Adding test for utils/addrs.bro.
  Add unit test for site.bro.

Conflicts:
	policy/utils/site.bro

Closes #525.

testing/btest/Baseline/policy.utils.addrs/output

@@ -0,0 +1,43 @@
+============ test ipv4 regex
+T
+T
+T
+T
+T
+T
+T
+F
+F
+F
+T
+T
+============ test ipv6 regex
+T
+T
+T
+T
+T
+F
+F
+F
+F
+F
+T
+T
+============ test ipv6-ipv4 hybrid regexes
+T
+T
+F
+F
+F
+============ test find_ip_addresses()
+{
+[0] = 1.1.1.1,
+[2] = 3.3.3.3,
+[1] = 2.2.2.2
+}
+{
+[0] = 1.1.1.1,
+[2] = 3.3.3.3,
+[1] = 0:0:0:0:0:0:0:0
+}

testing/btest/Baseline/policy.utils.conn-ids/output

@@ -0,0 +1,6 @@
+10.0.0.100:10000 > 10.0.0.200:20000
+10.0.0.100:10000 < 10.0.0.200:20000
+10.0.0.100:10000 > 10.0.0.200:20000
+10.0.0.100:10000 < 10.0.0.200:20000
+T
+T

testing/btest/Baseline/policy.utils.directions-and-hosts/output

@@ -0,0 +1,24 @@
+LOCAL_HOSTS(10.0.0.100) == T: SUCCESS
+REMOTE_HOSTS(10.0.0.100) == F: SUCCESS
+ALL_HOSTS(10.0.0.100) == T: SUCCESS
+NO_HOSTS(10.0.0.100) == F: SUCCESS
+LOCAL_HOSTS(192.168.1.100) == F: SUCCESS
+REMOTE_HOSTS(192.168.1.100) == T: SUCCESS
+ALL_HOSTS(192.168.1.100) == T: SUCCESS
+NO_HOSTS(192.168.1.100) == F: SUCCESS
+INBOUND(o: 10.0.0.100, r: 10.0.0.200) == F: SUCCESS
+INBOUND(o: 10.0.0.100, r: 192.168.1.100) == F: SUCCESS
+INBOUND(o: 192.168.1.100, r: 10.0.0.100) == T: SUCCESS
+INBOUND(o: 192.168.1.100, r: 192.168.1.200) == F: SUCCESS
+OUTBOUND(o: 10.0.0.100, r: 10.0.0.200) == F: SUCCESS
+OUTBOUND(o: 10.0.0.100, r: 192.168.1.100) == T: SUCCESS
+OUTBOUND(o: 192.168.1.100, r: 10.0.0.100) == F: SUCCESS
+OUTBOUND(o: 192.168.1.100, r: 192.168.1.200) == F: SUCCESS
+BIDIRECTIONAL(o: 10.0.0.100, r: 10.0.0.200) == F: SUCCESS
+BIDIRECTIONAL(o: 10.0.0.100, r: 192.168.1.100) == T: SUCCESS
+BIDIRECTIONAL(o: 192.168.1.100, r: 10.0.0.100) == T: SUCCESS
+BIDIRECTIONAL(o: 192.168.1.100, r: 192.168.1.200) == F: SUCCESS
+NO_DIRECTION(o: 10.0.0.100, r: 10.0.0.200) == F: SUCCESS
+NO_DIRECTION(o: 10.0.0.100, r: 192.168.1.100) == F: SUCCESS
+NO_DIRECTION(o: 192.168.1.100, r: 10.0.0.100) == F: SUCCESS
+NO_DIRECTION(o: 192.168.1.100, r: 192.168.1.200) == F: SUCCESS

testing/btest/Baseline/policy.utils.files/output

@@ -0,0 +1,32 @@
+test-prefix_141.142.220.118:48649-208.80.152.118:80_test-suffix
+test-prefix_141.142.220.118:48649-208.80.152.118:80
+141.142.220.118:48649-208.80.152.118:80_test-suffix
+141.142.220.118:48649-208.80.152.118:80
+test-prefix_141.142.220.118:49997-208.80.152.3:80_test-suffix
+test-prefix_141.142.220.118:49997-208.80.152.3:80
+141.142.220.118:49997-208.80.152.3:80_test-suffix
+141.142.220.118:49997-208.80.152.3:80
+test-prefix_141.142.220.118:49996-208.80.152.3:80_test-suffix
+test-prefix_141.142.220.118:49996-208.80.152.3:80
+141.142.220.118:49996-208.80.152.3:80_test-suffix
+141.142.220.118:49996-208.80.152.3:80
+test-prefix_141.142.220.118:49998-208.80.152.3:80_test-suffix
+test-prefix_141.142.220.118:49998-208.80.152.3:80
+141.142.220.118:49998-208.80.152.3:80_test-suffix
+141.142.220.118:49998-208.80.152.3:80
+test-prefix_141.142.220.118:50000-208.80.152.3:80_test-suffix
+test-prefix_141.142.220.118:50000-208.80.152.3:80
+141.142.220.118:50000-208.80.152.3:80_test-suffix
+141.142.220.118:50000-208.80.152.3:80
+test-prefix_141.142.220.118:49999-208.80.152.3:80_test-suffix
+test-prefix_141.142.220.118:49999-208.80.152.3:80
+141.142.220.118:49999-208.80.152.3:80_test-suffix
+141.142.220.118:49999-208.80.152.3:80
+test-prefix_141.142.220.118:50001-208.80.152.3:80_test-suffix
+test-prefix_141.142.220.118:50001-208.80.152.3:80
+141.142.220.118:50001-208.80.152.3:80_test-suffix
+141.142.220.118:50001-208.80.152.3:80
+test-prefix_141.142.220.118:35642-208.80.152.2:80_test-suffix
+test-prefix_141.142.220.118:35642-208.80.152.2:80
+141.142.220.118:35642-208.80.152.2:80_test-suffix
+141.142.220.118:35642-208.80.152.2:80

testing/btest/Baseline/policy.utils.numbers/output

@@ -0,0 +1,7 @@
+0
+13
+13
+13
+13
+13
+1

testing/btest/Baseline/policy.utils.paths/output

@@ -0,0 +1,84 @@
+test compress_path()
+===============================
+Given : foo//bar
+Expect: foo/bar
+Result: foo/bar
+Result: SUCCESS
+===============================
+Given : foo//bar/..
+Expect: foo
+Result: foo
+Result: SUCCESS
+===============================
+Given : foo/bar/../..
+Expect: 
+Result: 
+Result: SUCCESS
+===============================
+Given : foo//bar/../..
+Expect: 
+Result: 
+Result: SUCCESS
+===============================
+Given : /foo/../bar
+Expect: /bar
+Result: /bar
+Result: SUCCESS
+===============================
+Given : /foo/../bar/..
+Expect: /
+Result: /
+Result: SUCCESS
+===============================
+Given : /foo/baz/../..
+Expect: /
+Result: /
+Result: SUCCESS
+===============================
+Given : ../..
+Expect: ../..
+Result: ../..
+Result: SUCCESS
+===============================
+Given : foo/../../..
+Expect: ../..
+Result: ../..
+Result: SUCCESS
+===============================
+test extract_path()
+===============================
+Given : "/this/is/a/dir" is current directory
+Expect: /this/is/a/dir
+Result: /this/is/a/dir
+Result: SUCCESS
+===============================
+Given : /this/is/a/dir is current directory
+Expect: /this/is/a/dir
+Result: /this/is/a/dir
+Result: SUCCESS
+===============================
+Given : /this/is/a/dir\ is\ current\ directory
+Expect: /this/is/a/dir\ is\ current\ directory
+Result: /this/is/a/dir\ is\ current\ directory
+Result: SUCCESS
+===============================
+Given : hey, /foo/bar/baz.bro is a cool script
+Expect: /foo/bar/baz.bro
+Result: /foo/bar/baz.bro
+Result: SUCCESS
+===============================
+Given : here's two dirs: /foo/bar and /foo/baz
+Expect: /foo/bar
+Result: /foo/bar
+Result: SUCCESS
+===============================
+test build_path_compressed()
+===============================
+/home/bro/policy/somefile.bro
+/usr/local/bro/share/bro/somefile.bro
+/usr/local/bro/somefile.bro
+===============================
+test build_full_path()
+===============================
+/home/bro//policy/somefile.bro
+/usr/local/bro/share/bro/somefile.bro

testing/btest/Baseline/policy.utils.pattern/output

@@ -0,0 +1,6 @@
+/^?((blarg|blah|bleh))$?/
+T
+/^?(foo(blarg|blah|bleh)bar)$?/
+T
+[matched=T, str=blah, off=4]
+[matched=F, str=, off=0]

testing/btest/Baseline/policy.utils.site/output

@@ -0,0 +1,2 @@
+other-site-admin@example.com, site-admin@example.com
+other-site-admin@example.com, net-admin@example.com, site-admin@example.com

testing/btest/Baseline/policy.utils.strings/output

@@ -0,0 +1,13 @@
+'hello' is NOT considered binary
+'\xff\xff\xff\0' IS considered binary
+'\0\0\xff\0' IS considered binary
+'\0\0\0\0' is NOT considered binary
+two, one, three
+one
+hell\o w\orl\d
+\\hello world\\
+hello world
+hello worl
+hello
+
+

testing/btest/Baseline/policy.utils.thresholds/output

@@ -0,0 +1,45 @@
+Iteration: 0, threshold check: F
+[n=0, index=0]
+Iteration: 1, threshold check: F
+[n=1, index=0]
+Iteration: 2, threshold check: T
+[n=2, index=1]
+Iteration: 3, threshold check: F
+[n=3, index=1]
+Iteration: 4, threshold check: T
+[n=4, index=2]
+Iteration: 5, threshold check: F
+[n=5, index=2]
+Iteration: 6, threshold check: T
+[n=6, index=3]
+Iteration: 7, threshold check: F
+[n=7, index=3]
+Iteration: 8, threshold check: T
+[n=8, index=4]
+Iteration: 9, threshold check: F
+[n=9, index=4]
+Iteration: 10, threshold check: T
+[n=10, index=5]
+====================================
+Iteration: 0, threshold check: F
+[n=0, index=0]
+Iteration: 1, threshold check: F
+[n=1, index=0]
+Iteration: 2, threshold check: T
+[n=2, index=1]
+Iteration: 3, threshold check: F
+[n=3, index=1]
+Iteration: 4, threshold check: T
+[n=4, index=2]
+Iteration: 5, threshold check: F
+[n=5, index=2]
+Iteration: 6, threshold check: T
+[n=6, index=3]
+Iteration: 7, threshold check: F
+[n=7, index=3]
+Iteration: 8, threshold check: T
+[n=8, index=4]
+Iteration: 9, threshold check: F
+[n=9, index=4]
+Iteration: 10, threshold check: T
+[n=10, index=5]

testing/btest/policy/utils/addrs.test

@@ -0,0 +1,104 @@
+# @TEST-EXEC: bro %INPUT > output
+# @TEST-EXEC: btest-diff output
+
+@load utils/addrs
+
+event bro_init()
+	{
+	local ip = "0.0.0.0";
+
+	print "============ test ipv4 regex";
+	print ip == ipv4_addr_regex;
+	print is_valid_ip(ip);
+	ip = "1.1.1.1";
+	print ip == ipv4_addr_regex;
+	print is_valid_ip(ip);
+	ip = "255.255.255.255";
+	print ip == ipv4_addr_regex;
+	print is_valid_ip(ip);
+	ip = "255.255.255.256";
+	print ip == ipv4_addr_regex; # the regex doesn't check for 0-255
+	print is_valid_ip(ip);       # but is_valid_ip() will
+	ip = "255.255.255.255.255";
+	print ip == ipv4_addr_regex;
+	print is_valid_ip(ip);
+	ip = "192.168.1.100";
+	print ip == ipv4_addr_regex;
+	print is_valid_ip(ip);
+
+	print "============ test ipv6 regex";
+
+	ip = "2001:0db8:85a3:0000:0000:8a2e:0370:7334";
+	print is_valid_ip(ip);
+
+	# test for case insensitivity
+	ip = "2001:0DB8:85A3:0000:0000:8A2E:0370:7334";
+	print is_valid_ip(ip);
+
+	# any case mixture is allowed
+	ip = "2001:0dB8:85a3:0000:0000:8A2E:0370:7334";
+	print is_valid_ip(ip);
+
+	# leading zeroes of a 16-bit group may be omitted
+	ip = "2001:db8:85a3:0:0:8a2e:370:7334";
+	print is_valid_ip(ip);
+
+	# a single occurrence of consecutive groups of zeroes may be replaced by ::
+	ip = "2001:db8:85a3::8a2e:370:7334";
+	print is_valid_ip(ip);
+
+	# this should fail because we don't have enough 16-bit groups
+	ip = "2001:db8:85a3:8a2e:370:7334";
+	print is_valid_ip(ip);
+
+	# this should fail because of an invalid hex digit
+	ip = "2001:gb8:85a3::8a2e:370:7334";
+	print is_valid_ip(ip);
+
+	# this should fail because we have too many 16-bit groups
+	ip = "2001:0db8:85a3:0000:0000:8a2e:0370:7334:1111";
+	print is_valid_ip(ip);
+
+	# this should fail because one group isn't 16-bits
+	ip = "2001:0db8:85a3:0000:0000:8a2e00:0370:7334";
+	print is_valid_ip(ip);
+
+	# this should fail because we can't have more than one ::
+	ip = "2001::85a3::7334";
+	print is_valid_ip(ip);
+
+	# all zeroes should work
+	ip = "0:0:0:0:0:0:0:0";
+	print is_valid_ip(ip);
+
+	# all zeroes condensed should work
+	ip = "::";
+	print is_valid_ip(ip);
+
+	print "============ test ipv6-ipv4 hybrid regexes";
+
+	# hybrid ipv6-ipv4 address should work
+	ip = "2001:db8:0:0:0:FFFF:192.168.0.5";
+	print is_valid_ip(ip);
+
+	# hybrid ipv6-ipv4 address with zero ommission should work
+	ip = "2001:db8::FFFF:192.168.0.5";
+	print is_valid_ip(ip);
+
+	# hybrid format with more than six 16-bit groups should fail
+	ip = "2001:db8:0:0:0:0:FFFF:192.168.0.5";
+	print is_valid_ip(ip);
+
+	# hybrid format without a 4 octet ipv4 part should fail
+	ip = "2001:db8:0:0:0:FFFF:192.168.0";
+	print is_valid_ip(ip);
+
+	# hybrid format's ipv4 part should test that all octet's are 0-255
+	ip = "2001:db8:0:0:0:FFFF:192.168.0.256";
+	print is_valid_ip(ip);
+
+	print "============ test find_ip_addresses()";
+	print find_ip_addresses("this is 1.1.1.1 a test 2.2.2.2 string with ip addresses 3.3.3.3");
+	print find_ip_addresses("this is 1.1.1.1 a test 0:0:0:0:0:0:0:0 string with ip addresses 3.3.3.3");
+
+	}

testing/btest/policy/utils/conn-ids.test

@@ -0,0 +1,14 @@
+# @TEST-EXEC: bro %INPUT >output
+# @TEST-EXEC: btest-diff output
+
+@load utils/conn-ids
+
+global c: conn_id = [ $orig_h = 10.0.0.100, $orig_p = 10000,
+                      $resp_h = 10.0.0.200, $resp_p = 20000 ];
+
+print id_string(c);
+print reverse_id_string(c);
+print directed_id_string(c, T);
+print directed_id_string(c, F);
+print id_string(c) == directed_id_string(c, T);
+print reverse_id_string(c) == directed_id_string(c, F);

testing/btest/policy/utils/directions-and-hosts.test

@@ -0,0 +1,72 @@
+# @TEST-EXEC: bro %INPUT >output
+# @TEST-EXEC: btest-diff output
+
+@load utils/site
+@load utils/directions-and-hosts
+
+redef Site::local_nets += { 10.0.0.0/8 };
+
+global local_ip = 10.0.0.100;
+global remote_ip = 192.168.1.100;
+
+global local2local: conn_id = [
+    $orig_h = 10.0.0.100, $orig_p = 10000,
+    $resp_h = 10.0.0.200, $resp_p = 20000 ];
+
+global local2remote: conn_id = [
+    $orig_h = 10.0.0.100,    $orig_p = 10000,
+    $resp_h = 192.168.1.100, $resp_p = 20000 ];
+
+global remote2local: conn_id = [
+    $orig_h = 192.168.1.100,    $orig_p = 10000,
+    $resp_h = 10.0.0.100,       $resp_p = 20000 ];
+
+global remote2remote: conn_id = [
+    $orig_h = 192.168.1.100, $orig_p = 10000,
+    $resp_h = 192.168.1.200, $resp_p = 20000 ];
+
+function test_host(ip: addr, h: Host, expect: bool)
+	{
+	local result = addr_matches_host(ip, h);
+	print fmt("%s(%s) == %s: %s", h, ip, expect,
+	          result == expect ? "SUCCESS" : "FAIL");
+	}
+
+function test_dir(id: conn_id, d: Direction, expect: bool)
+	{
+	local result = id_matches_direction(id, d);
+	print fmt("%s(o: %s, r: %s) == %s: %s", d, id$orig_h, id$resp_h, expect,
+	          result == expect ? "SUCCESS" : "FAIL");
+	}
+
+event bro_init()
+	{
+	test_host(local_ip,  LOCAL_HOSTS,  T);
+	test_host(local_ip,  REMOTE_HOSTS, F);
+	test_host(local_ip,  ALL_HOSTS,    T);
+	test_host(local_ip,  NO_HOSTS,     F);
+	test_host(remote_ip, LOCAL_HOSTS,  F);
+	test_host(remote_ip, REMOTE_HOSTS, T);
+	test_host(remote_ip, ALL_HOSTS,    T);
+	test_host(remote_ip, NO_HOSTS,     F);
+
+	test_dir(local2local,   INBOUND,       F);
+	test_dir(local2remote,  INBOUND,       F);
+	test_dir(remote2local,  INBOUND,       T);
+	test_dir(remote2remote, INBOUND,       F);
+
+	test_dir(local2local,   OUTBOUND,      F);
+	test_dir(local2remote,  OUTBOUND,      T);
+	test_dir(remote2local,  OUTBOUND,      F);
+	test_dir(remote2remote, OUTBOUND,      F);
+
+	test_dir(local2local,   BIDIRECTIONAL, F);
+	test_dir(local2remote,  BIDIRECTIONAL, T);
+	test_dir(remote2local,  BIDIRECTIONAL, T);
+	test_dir(remote2remote, BIDIRECTIONAL, F);
+
+	test_dir(local2local,   NO_DIRECTION,  F);
+	test_dir(local2remote,  NO_DIRECTION,  F);
+	test_dir(remote2local,  NO_DIRECTION,  F);
+	test_dir(remote2remote, NO_DIRECTION,  F);
+	}

testing/btest/policy/utils/files.test

@@ -0,0 +1,12 @@
+# @TEST-EXEC: bro -r $TRACES/wikipedia.trace %INPUT >output
+# @TEST-EXEC: btest-diff output
+
+@load utils/files
+
+event connection_established(c: connection)
+	{
+	print generate_extraction_filename("test-prefix", c, "test-suffix");
+	print generate_extraction_filename("test-prefix", c, "");
+	print generate_extraction_filename("", c, "test-suffix");
+	print generate_extraction_filename("", c, "");
+	}

testing/btest/policy/utils/numbers.test

@@ -0,0 +1,12 @@
+# @TEST-EXEC: bro %INPUT >output
+# @TEST-EXEC: btest-diff output
+
+@load utils/numbers
+
+print extract_count("These aren't the numbers you're looking for.");
+print extract_count("13These aren't the numbers you're looking for.");
+print extract_count("13 These aren't the numbers you're looking for.");
+print extract_count("These aren't the 13 numbers you're looking for.");
+print extract_count("These aren't the numbers you're looking for.13");
+print extract_count("These aren't the numbers you're looking for. 13");
+print extract_count("These aren't the 1abc3 numbers you're looking for.");

testing/btest/policy/utils/paths.test

@@ -0,0 +1,57 @@
+# @TEST-EXEC: bro %INPUT >output
+# @TEST-EXEC: btest-diff output
+
+@load utils/paths
+
+function test_extract(str: string, expect: string)
+	{
+	local result = extract_path(str);
+	print fmt("Given : %s", str);
+	print fmt("Expect: %s", expect);
+	print fmt("Result: %s", result);
+	print fmt("Result: %s", result == expect ? "SUCCESS" : "FAIL");
+	print "===============================";
+	}
+
+function test_compress(str: string, expect: string)
+	{
+	local result = compress_path(str);
+	print fmt("Given : %s", str);
+	print fmt("Expect: %s", expect);
+	print fmt("Result: %s", result);
+	print fmt("Result: %s", result == expect ? "SUCCESS" : "FAIL");
+	print "===============================";
+	}
+
+print "test compress_path()";
+print "===============================";
+test_compress("foo//bar", "foo/bar");
+test_compress("foo//bar/..", "foo");
+test_compress("foo/bar/../..", "");
+test_compress("foo//bar/../..", "");
+test_compress("/foo/../bar", "/bar");
+test_compress("/foo/../bar/..", "/");
+test_compress("/foo/baz/../..", "/");
+test_compress("../..", "../..");
+test_compress("foo/../../..", "../..");
+
+print "test extract_path()";
+print "===============================";
+test_extract("\"/this/is/a/dir\" is current directory", "/this/is/a/dir");
+test_extract("/this/is/a/dir is current directory", "/this/is/a/dir");
+test_extract("/this/is/a/dir\\ is\\ current\\ directory", "/this/is/a/dir\\ is\\ current\\ directory");
+test_extract("hey, /foo/bar/baz.bro is a cool script", "/foo/bar/baz.bro");
+test_extract("here's two dirs: /foo/bar and /foo/baz", "/foo/bar");
+
+print "test build_path_compressed()";
+print "===============================";
+print build_path_compressed("/home/bro/", "policy/somefile.bro");
+print build_path_compressed("/home/bro/", "/usr/local/bro/share/bro/somefile.bro");
+print build_path_compressed("/home/bro/", "/usr/local/bro/share/../../bro/somefile.bro");
+
+print "===============================";
+print "test build_full_path()";
+print "===============================";
+print build_path("/home/bro/", "policy/somefile.bro");
+print build_path("/home/bro/", "/usr/local/bro/share/bro/somefile.bro");
+

testing/btest/policy/utils/pattern.test

@@ -0,0 +1,16 @@
+# @TEST-EXEC: bro %INPUT >output
+# @TEST-EXEC: btest-diff output
+
+@load utils/pattern
+
+global r1 = set_to_regex(set("blah", "bleh", "blarg"), "(~~)");
+global r2 = set_to_regex(set("blah", "bleh", "blarg"), "foo(~~)bar");
+
+print r1;
+print "blah" == r1;
+
+print r2;
+print "fooblargbar" == r2;
+
+print match_pattern("123blah123", r1);
+print match_pattern("no match here", r1);

testing/btest/policy/utils/site.test

@@ -0,0 +1,18 @@
+# @TEST-EXEC: bro %INPUT > output
+# @TEST-EXEC: btest-diff output
+
+@load utils/site
+
+global a = { "site-admin@example.com", "other-site-admin@example.com" };
+global b = { "net-admin@example.com" };
+
+redef Site::local_admins += {
+    [141.142.0.0/16] = a,
+    [141.142.100.0/24] = b,
+};
+
+event bro_init()
+    {
+    print Site::get_emails(141.142.1.1);
+    print Site::get_emails(141.142.100.100);
+    }

testing/btest/policy/utils/strings.test

@@ -0,0 +1,29 @@
+# @TEST-EXEC: bro %INPUT >output
+# @TEST-EXEC: btest-diff output
+
+@load utils/strings
+
+function test_binary_string(s: string)
+	{
+	if ( is_string_binary(s) )
+		print fmt("'%s' IS considered binary", s);
+	else
+		print fmt("'%s' is NOT considered binary", s);
+	}
+
+test_binary_string("\x68\x65\x6C\x6C\x6F");
+test_binary_string("\xFF\xFF\xFF\x00");
+test_binary_string("\x00\x00\xFF\x00");
+test_binary_string("\x00\x00\x00\x00");
+
+print join_string_set(set("one", "two", "three"), ", ");
+print join_string_set(set("one"), ", ");
+
+print string_escape("hello world", "od");
+print string_escape("\\hello world\\", "");
+
+print cut_tail("hello world", 0);
+print cut_tail("hello world", 1);
+print cut_tail("hello world", 6);
+print cut_tail("hello world", 11);
+print cut_tail("hello world", 12);

testing/btest/policy/utils/thresholds.test

@@ -0,0 +1,28 @@
+# @TEST-EXEC: bro %INPUT >output
+# @TEST-EXEC: btest-diff output
+
+@load utils/thresholds
+
+redef default_notice_thresholds = { 2, 4, 6, 8, 10 };
+const my_thresholds: vector of count = { 2, 4, 6, 8, 10 };
+const loop_v: vector of count = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 };
+global track_count: TrackCount;
+
+for ( i in loop_v )
+	{
+	print fmt("Iteration: %s, threshold check: %s", i,
+	          check_threshold(my_thresholds, track_count));
+	print track_count;
+	++track_count$n;
+	}
+
+track_count$n = 0; track_count$index = 0;
+
+print "====================================";
+for ( i in loop_v )
+	{
+	print fmt("Iteration: %s, threshold check: %s", i,
+	          default_check_threshold(track_count));
+	print track_count;
+	++track_count$n;
+	}