Update/improve known-hosts unit test.

testing/btest/Baseline/policy.known-hosts-test/.stderr

@@ -1,34 +0,0 @@
-weird: 1300475167.097012 non_IPv4_packet
-1300475168.652003 weird: bad_TCP_checksum
-1300475168.784020 weird: bad_TCP_checksum
-1300475168.853899 weird: bad_UDP_checksum
-1300475168.854378 weird: bad_UDP_checksum
-1300475168.854837 weird: bad_UDP_checksum
-1300475168.857956 weird: bad_UDP_checksum
-1300475168.858306 weird: bad_UDP_checksum
-1300475168.858713 weird: bad_UDP_checksum
-1300475168.891644 weird: bad_UDP_checksum
-1300475168.892037 weird: bad_UDP_checksum
-1300475168.892414 weird: bad_UDP_checksum
-1300475168.893988 weird: bad_UDP_checksum
-1300475168.894422 weird: bad_UDP_checksum
-1300475168.894787 weird: bad_UDP_checksum
-1300475168.901749 weird: bad_UDP_checksum
-1300475168.902195 weird: bad_UDP_checksum
-1300475168.916018 weird: bad_TCP_checksum
-1300475168.916183 weird: bad_TCP_checksum
-1300475168.918358 weird: bad_TCP_checksum
-1300475168.952296 weird: bad_TCP_checksum
-1300475168.952307 weird: bad_TCP_checksum
-1300475168.954820 weird: bad_TCP_checksum
-1300475168.962687 weird: bad_TCP_checksum
-1300475168.975934 weird: bad_TCP_checksum
-1300475168.976436 weird: bad_TCP_checksum
-1300475168.979264 weird: bad_TCP_checksum
-1300475169.014593 weird: bad_TCP_checksum
-1300475169.014619 weird: bad_TCP_checksum
-1300475169.014927 weird: bad_TCP_checksum
-weird: 1300475171.675372 non_IPv4_packet
-weird: 1300475171.775468 non_IPv4_packet
-weird: 1300475173.116749 non_IPv4_packet
-weird: 1300475173.216550 non_IPv4_packet

testing/btest/Baseline/policy.known-hosts-test/KNOWN_HOSTS

@@ -1,5 +0,0 @@
-ts	address
-1300475168.78384	141.142.220.118	
-1300475168.78384	208.80.152.118	
-1300475168.91594	208.80.152.3	
-1300475168.96263	208.80.152.2	

testing/btest/Baseline/policy.protocols.conn.known-hosts/knownhosts-all.log

@@ -0,0 +1,5 @@
+# ts	host
+1300475168.78384	141.142.220.118
+1300475168.78384	208.80.152.118
+1300475168.91594	208.80.152.3
+1300475168.96263	208.80.152.2

testing/btest/Baseline/policy.protocols.conn.known-hosts/knownhosts-default.log

@@ -0,0 +1,2 @@
+# ts	host
+1300475168.78384	141.142.220.118

testing/btest/Baseline/policy.protocols.conn.known-hosts/knownhosts-remote.log

@@ -0,0 +1,4 @@
+# ts	host
+1300475168.78384	208.80.152.118
+1300475168.91594	208.80.152.3
+1300475168.96263	208.80.152.2

testing/btest/policy/known-hosts-test

@@ -1,6 +0,0 @@
-
-@TEST-EXEC: bro -r $TRACES/wikipedia.trace known-hosts
-
-@TEST-EXEC: btest-diff KNOWN_HOSTS
-@TEST-EXEC: btest-diff .stderr
-@TEST-EXEC: btest-diff .stdout

testing/btest/policy/protocols/conn/known-hosts.bro

@@ -0,0 +1,20 @@
+# A basic test of the known-hosts script's logging and asset_tracking options
+
+# @TEST-EXEC: bro -r $TRACES/wikipedia.trace %INPUT
+# @TEST-EXEC: mv knownhosts.log knownhosts-default.log
+# @TEST-EXEC: btest-diff knownhosts-default.log
+
+# @TEST-EXEC: bro -r $TRACES/wikipedia.trace %INPUT KnownHosts::asset_tracking=REMOTE_HOSTS
+# @TEST-EXEC: mv knownhosts.log knownhosts-remote.log
+# @TEST-EXEC: btest-diff knownhosts-remote.log
+
+# @TEST-EXEC: bro -r $TRACES/wikipedia.trace %INPUT KnownHosts::asset_tracking=ALL_HOSTS
+# @TEST-EXEC: mv knownhosts.log knownhosts-all.log
+# @TEST-EXEC: btest-diff knownhosts-all.log
+
+# @TEST-EXEC: bro -r $TRACES/wikipedia.trace %INPUT KnownHosts::asset_tracking=NO_HOSTS
+# @TEST-EXEC: test '!' -e knownhosts.log
+
+@load conn/known-hosts
+
+redef local_nets += {141.142.0.0/16};