Add basic testing for Geneve protocol analyzer

The added pcap file was downloaded from an attachment to
https://gitlab.com/wireshark/wireshark/-/issues/10193 without explicit
license.

testing/btest/Baseline/core.tunnels.geneve/conn.log

@@ -7,9 +7,7 @@
 #open XXXX-XX-XX-XX-XX-XX
 #fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	proto	service	duration	orig_bytes	resp_bytes	conn_state	local_orig	local_resp	missed_bytes	history	orig_pkts	orig_ip_bytes	resp_pkts	resp_ip_bytes	tunnel_parents
 #types	time	string	addr	port	addr	port	enum	string	interval	count	count	string	bool	bool	count	string	count	count	count	count	set[string]
-XXXXXXXXXX.XXXXXX	CUM0KZ3MLUfNB0cl11	192.168.56.12	12313	192.168.56.11	6081	udp	geneve	3.006029	424	0	S0	-	-	0	D	4	536	0	0	-
-XXXXXXXXXX.XXXXXX	ClEkJM2Vm5giqnMf4h	192.168.56.12	18896	192.168.56.11	6081	udp	-	-	-	-	S0	-	-	0	D	1	78	0	0	-
-XXXXXXXXXX.XXXXXX	CHhAvVGS1DHFjwGM9	192.168.56.11	16613	192.168.56.12	6081	udp	-	-	-	-	S0	-	-	0	D	1	78	0	0	-
-XXXXXXXXXX.XXXXXX	C4J4Th3PJpwUYZZ6gc	192.168.56.11	35671	192.168.56.12	6081	udp	geneve	3.006103	424	0	S0	-	-	0	D	4	536	0	0	-
-XXXXXXXXXX.XXXXXX	CtPZjS20MLrsMUOJi2	10.0.0.1	8	10.0.0.2	0	icmp	-	3.006247	224	224	OTH	-	-	0	-	4	336	4	336	CUM0KZ3MLUfNB0cl11,C4J4Th3PJpwUYZZ6gc
+XXXXXXXXXX.XXXXXX	ClEkJM2Vm5giqnMf4h	20.0.0.2	0	20.0.0.1	6081	udp	geneve	1.999999	318	0	S0	-	-	0	D	3	402	0	0	-
+XXXXXXXXXX.XXXXXX	CHhAvVGS1DHFjwGM9	20.0.0.1	50901	20.0.0.2	6081	udp	-	1.999995	342	0	S0	-	-	0	D	3	426	0	0	-
+XXXXXXXXXX.XXXXXX	C4J4Th3PJpwUYZZ6gc	30.0.0.2	0	30.0.0.1	8	icmp	-	1.999999	168	0	OTH	-	-	0	-	3	252	0	0	ClEkJM2Vm5giqnMf4h
 #close XXXX-XX-XX-XX-XX-XX

testing/btest/Baseline/core.tunnels.geneve/out

@@ -1,9 +1,4 @@
 ### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
-geneve_packet, [orig_h=192.168.56.11, orig_p=35671/udp, resp_h=192.168.56.12, resp_p=6081/udp], [ip=[hl=20, tos=0, len=84, id=62447, ttl=64, p=1, src=10.0.0.1, dst=10.0.0.2], ip6=<uninitialized>, tcp=<uninitialized>, udp=<uninitialized>, icmp=[icmp_type=8]], 123
-geneve_packet, [orig_h=192.168.56.12, orig_p=12313/udp, resp_h=192.168.56.11, resp_p=6081/udp], [ip=[hl=20, tos=0, len=84, id=6052, ttl=64, p=1, src=10.0.0.2, dst=10.0.0.1], ip6=<uninitialized>, tcp=<uninitialized>, udp=<uninitialized>, icmp=[icmp_type=0]], 123
-geneve_packet, [orig_h=192.168.56.11, orig_p=35671/udp, resp_h=192.168.56.12, resp_p=6081/udp], [ip=[hl=20, tos=0, len=84, id=62605, ttl=64, p=1, src=10.0.0.1, dst=10.0.0.2], ip6=<uninitialized>, tcp=<uninitialized>, udp=<uninitialized>, icmp=[icmp_type=8]], 123
-geneve_packet, [orig_h=192.168.56.12, orig_p=12313/udp, resp_h=192.168.56.11, resp_p=6081/udp], [ip=[hl=20, tos=0, len=84, id=6257, ttl=64, p=1, src=10.0.0.2, dst=10.0.0.1], ip6=<uninitialized>, tcp=<uninitialized>, udp=<uninitialized>, icmp=[icmp_type=0]], 123
-geneve_packet, [orig_h=192.168.56.11, orig_p=35671/udp, resp_h=192.168.56.12, resp_p=6081/udp], [ip=[hl=20, tos=0, len=84, id=62848, ttl=64, p=1, src=10.0.0.1, dst=10.0.0.2], ip6=<uninitialized>, tcp=<uninitialized>, udp=<uninitialized>, icmp=[icmp_type=8]], 123
-geneve_packet, [orig_h=192.168.56.12, orig_p=12313/udp, resp_h=192.168.56.11, resp_p=6081/udp], [ip=[hl=20, tos=0, len=84, id=6281, ttl=64, p=1, src=10.0.0.2, dst=10.0.0.1], ip6=<uninitialized>, tcp=<uninitialized>, udp=<uninitialized>, icmp=[icmp_type=0]], 123
-geneve_packet, [orig_h=192.168.56.11, orig_p=35671/udp, resp_h=192.168.56.12, resp_p=6081/udp], [ip=[hl=20, tos=0, len=84, id=63054, ttl=64, p=1, src=10.0.0.1, dst=10.0.0.2], ip6=<uninitialized>, tcp=<uninitialized>, udp=<uninitialized>, icmp=[icmp_type=8]], 123
-geneve_packet, [orig_h=192.168.56.12, orig_p=12313/udp, resp_h=192.168.56.11, resp_p=6081/udp], [ip=[hl=20, tos=0, len=84, id=6530, ttl=64, p=1, src=10.0.0.2, dst=10.0.0.1], ip6=<uninitialized>, tcp=<uninitialized>, udp=<uninitialized>, icmp=[icmp_type=0]], 123
+geneve_packet, [orig_h=20.0.0.2, orig_p=0/udp, resp_h=20.0.0.1, resp_p=6081/udp], [ip=[hl=20, tos=0, len=84, id=4503, ttl=64, p=1, src=30.0.0.2, dst=30.0.0.1], ip6=<uninitialized>, tcp=<uninitialized>, udp=<uninitialized>, icmp=[icmp_type=0]], 0
+geneve_packet, [orig_h=20.0.0.2, orig_p=0/udp, resp_h=20.0.0.1, resp_p=6081/udp], [ip=[hl=20, tos=0, len=84, id=4504, ttl=64, p=1, src=30.0.0.2, dst=30.0.0.1], ip6=<uninitialized>, tcp=<uninitialized>, udp=<uninitialized>, icmp=[icmp_type=0]], 0
+geneve_packet, [orig_h=20.0.0.2, orig_p=0/udp, resp_h=20.0.0.1, resp_p=6081/udp], [ip=[hl=20, tos=0, len=84, id=4505, ttl=64, p=1, src=30.0.0.2, dst=30.0.0.1], ip6=<uninitialized>, tcp=<uninitialized>, udp=<uninitialized>, icmp=[icmp_type=0]], 0

testing/btest/Baseline/core.tunnels.geneve/tunnel.log

@@ -0,0 +1,12 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+#separator \x09
+#set_separator	,
+#empty_field	(empty)
+#unset_field	-
+#path	tunnel
+#open XXXX-XX-XX-XX-XX-XX
+#fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	tunnel_type	action
+#types	time	string	addr	port	addr	port	enum	enum
+XXXXXXXXXX.XXXXXX	ClEkJM2Vm5giqnMf4h	20.0.0.2	0	20.0.0.1	6081	Tunnel::GENEVE	Tunnel::DISCOVER
+XXXXXXXXXX.XXXXXX	ClEkJM2Vm5giqnMf4h	20.0.0.2	0	20.0.0.1	6081	Tunnel::GENEVE	Tunnel::CLOSE
+#close XXXX-XX-XX-XX-XX-XX

testing/btest/Traces/tunnels/geneve.README

@@ -0,0 +1,2 @@
+The trace file `geneve.pcap` was downloaded from the Wireshark bug tracker,
+https://gitlab.com/wireshark/wireshark/-/issues/10193.

testing/btest/core/tunnels/geneve.zeek

@@ -0,0 +1,13 @@
+# @TEST-EXEC: zeek -b -r $TRACES/tunnels/geneve.pcap %INPUT >out
+# @TEST-EXEC: btest-diff out
+# @TEST-EXEC: btest-diff conn.log
+# @TEST-EXEC: btest-diff tunnel.log
+
+@load base/frameworks/tunnels
+@load base/frameworks/dpd
+@load base/protocols/conn
+
+event geneve_packet(c: connection, inner: pkt_hdr, vni: count)
+	{
+	print "geneve_packet", c$id, inner, vni;
+	}