Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
zeek/testing/btest/spicy/multiple-enum.zeek
Robin Sommer 956e147f70
Bump Spicy.
2024-06-14 13:10:47 +02:00

44 lines
926 B
Text
Raw Blame History

# @TEST-REQUIRES: have-spicy
#
# @TEST-EXEC: spicyz -d -o test.hlto dtest.spicy ./dtest.evt
# @TEST-EXEC: zeek -r ${TRACES}/ssh/single-conn.trace test.hlto %INPUT | sort >output
# @TEST-EXEC: btest-diff output
event dtest_one(x: dtest::RESULT) {
print "one", x;
}
event dtest_two(x: dtest::RESULT) {
print "two", x;
}
event zeek_init() {
Analyzer::register_for_port(Analyzer::ANALYZER_SPICY_DTEST, 22/tcp);
}
# @TEST-START-FILE dtest.evt
protocol analyzer spicy::dtest over TCP:
parse originator with dtest::Message;
on dtest::Message if ( self.sswitch == 83 )
-> event dtest_one(self.result_);
on dtest::Message if ( self.sswitch != 83 )
-> event dtest_two(self.result_);
# @TEST-END-FILE
# @TEST-START-FILE dtest.spicy
module dtest;
public type RESULT = enum {
A, B = 83, C, D, E, F
};
public type Message = unit {
sswitch: uint8;
result_: uint8 &convert=RESULT($$);
};
# @TEST-END-FILE
Reference in a new issue View git blame Copy permalink