Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/testing/btest/signatures/dst-ip-header-condition-v4.zeek
Arne Welzel 85b8c8866b testing/btest/*zeek: Comment all @TEST lines
2025-04-17 16:30:23 +02:00

71 lines
2.1 KiB
Text
Raw Permalink Blame History

# @TEST-EXEC: zeek -b -s dst-ip-eq -r $TRACES/chksums/ip4-icmp-good-chksum.pcap %INPUT >dst-ip-eq.out
# @TEST-EXEC: zeek -b -s dst-ip-eq-nomatch -r $TRACES/chksums/ip4-icmp-good-chksum.pcap %INPUT >dst-ip-eq-nomatch.out
# @TEST-EXEC: zeek -b -s dst-ip-eq-list -r $TRACES/chksums/ip4-icmp-good-chksum.pcap %INPUT >dst-ip-eq-list.out
# @TEST-EXEC: zeek -b -s dst-ip-ne -r $TRACES/chksums/ip4-icmp-good-chksum.pcap %INPUT >dst-ip-ne.out
# @TEST-EXEC: zeek -b -s dst-ip-ne-nomatch -r $TRACES/chksums/ip4-icmp-good-chksum.pcap %INPUT >dst-ip-ne-nomatch.out
# @TEST-EXEC: zeek -b -s dst-ip-ne-list -r $TRACES/chksums/ip4-icmp-good-chksum.pcap %INPUT >dst-ip-ne-list.out
# @TEST-EXEC: zeek -b -s dst-ip-ne-list-nomatch -r $TRACES/chksums/ip4-icmp-good-chksum.pcap %INPUT >dst-ip-ne-list-nomatch.out
# @TEST-EXEC: btest-diff dst-ip-eq.out
# @TEST-EXEC: btest-diff dst-ip-eq-nomatch.out
# @TEST-EXEC: btest-diff dst-ip-eq-list.out
# @TEST-EXEC: btest-diff dst-ip-ne.out
# @TEST-EXEC: btest-diff dst-ip-ne-nomatch.out
# @TEST-EXEC: btest-diff dst-ip-ne-list.out
# @TEST-EXEC: btest-diff dst-ip-ne-list-nomatch.out
# @TEST-START-FILE dst-ip-eq.sig
signature id {
dst-ip == 192.168.1.101
event "dst-ip-eq"
}
# @TEST-END-FILE
# @TEST-START-FILE dst-ip-eq-nomatch.sig
signature id {
dst-ip == 10.0.0.1
event "dst-ip-eq-nomatch"
}
# @TEST-END-FILE
# @TEST-START-FILE dst-ip-eq-list.sig
signature id {
dst-ip == 10.0.0.1,10.0.0.2,[fe80::1],192.168.1.101
event "dst-ip-eq-list"
}
# @TEST-END-FILE
# @TEST-START-FILE dst-ip-ne.sig
signature id {
dst-ip != 10.0.0.1
event "dst-ip-ne"
}
# @TEST-END-FILE
# @TEST-START-FILE dst-ip-ne-nomatch.sig
signature id {
dst-ip != 192.168.1.101
event "dst-ip-ne-nomatch"
}
# @TEST-END-FILE
# @TEST-START-FILE dst-ip-ne-list.sig
signature id {
dst-ip != 10.0.0.1,10.0.0.2,10.0.0.3,[fe80::1]
event "dst-ip-ne-list"
}
# @TEST-END-FILE
# @TEST-START-FILE dst-ip-ne-list-nomatch.sig
signature id {
dst-ip != 10.0.0.1,10.0.0.2,10.0.0.3,[fe80::1],192.168.1.101
event "dst-ip-ne-list-nomatch"
}
# @TEST-END-FILE
event signature_match(state: signature_state, msg: string, data: string)
{
print fmt("signature_match %s - %s", state$conn$id, msg);
}
Reference in a new issue View git blame Copy permalink