
detect-pcre: add tests - v5 #1576

Closed
Conversation

jufajardini
Contributor

Bring previously Suricata unit tests as suricata-verify tests.

Task #6147

Previous PR: #778

Finishing the conversion started on previous PR.

  • detect-pcre-01: DetectPcreModifPTest04
  • detect-pcre-02: DetectPcreModifPTest05
  • detect-pcre-03: DetectPcreTestSig01-03
  • detect-pcre-04: DetectPcreTestSig09-16
  • detect-pcre-05: DetectPcreFlowvarCapture01-03

Changes:

  • re-created PR for detect-pcre-02 using htptopcap.py shared by Philippe
  • add proper checks for alerts for detect-pcre-02
  • rewrote README files to add ticket link, a bit more info, and use common formatting style
  • make the no-matching rules more informative, to make it easier to know what to expect from the tests (based on what the unit tests had)
  • add an extra matching check to detect-pcre-04 for the http.method type seen in the packet, since there's no pcap_cnt in the alert for us to check against

Ticket

Redmine ticket:
https://redmine.openinfosecfoundation.org/issues/6147

@jufajardini jufajardini changed the title detect-pcre/v4: add tests - v5 detect-pcre: add tests - v5 Jan 11, 2024
@jufajardini
Contributor Author

Edit the title to remove multiple version mentions.

@catenacyber catenacyber added the tests pass These new tests should pass label Jan 18, 2024
@victorjulien victorjulien left a comment
Member

Don't know why yet, but 02 fails on OpenBSD:

$ ../suricata-verify/run.py -q
Warning: No schema.json to validate eve.
===> detect-pcre-02: Sub test #1: FAIL : expected 1 matches; got 0 for filter {'count': 1, 'match': {'event_type': 'flow'}}
===> detect-pcre-02: Sub test #3: FAIL : expected 1 matches; got 0 for filter {'count': 1, 'match': {'event_type': 'alert', 'alert.signature_id': 1}}
===> detect-pcre-02: Sub test #4: FAIL : expected 1 matches; got 0 for filter {'count': 1, 'match': {'event_type': 'alert', 'alert.signature_id': 2}}
PASSED:  1207
FAILED:  1
SKIPPED: 246

Haven't looked into it. Previously we've had issues with pcapng (but there is a CI check for that), or weird datalinks or odd timestamps.
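The failure lines quoted above come from suricata-verify's `count`/`match` filter checks against the test's eve.json. The following is an added example, not suricata-verify's own code: a small re-implementation of that check that resolves dotted keys such as `alert.signature_id` and reproduces the "expected N matches; got M" report. The eve records and the four checks are constructed for illustration; in particular, sub test #2 is assumed here to be a count-0 check for a rule that must not fire, which is why an empty eve.json (nothing read from the pcap) fails #1, #3 and #4 but passes #2, the pattern seen in the OpenBSD run.

```python
import json

# Constructed eve.json lines (not real Suricata output) standing in for what a
# passing run of detect-pcre-02 might emit: one flow record and one alert per rule.
EVE_SAMPLE = "\n".join(json.dumps(e) for e in [
    {"event_type": "flow", "flow": {"pkts_toserver": 4, "pkts_toclient": 3}},
    {"event_type": "alert", "alert": {"signature_id": 1, "signature": "rule one"}},
    {"event_type": "alert", "alert": {"signature_id": 2, "signature": "rule two"}},
    {"event_type": "http", "http": {"http_method": "GET"}},
])

# Sub test #2 is assumed here to be a count-0 check for a rule that must not
# fire (the thread only shows which sub tests failed, not what #2 contained).
CHECKS = [
    {"count": 1, "match": {"event_type": "flow"}},
    {"count": 0, "match": {"event_type": "alert", "alert.signature_id": 3}},
    {"count": 1, "match": {"event_type": "alert", "alert.signature_id": 1}},
    {"count": 1, "match": {"event_type": "alert", "alert.signature_id": 2}},
]


def load_eve(text):
    """Parse newline-delimited JSON into a list of event dicts."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def lookup(event, dotted_key):
    """Resolve a dotted key such as 'alert.signature_id'; None when absent."""
    cur = event
    for part in dotted_key.split("."):
        if not isinstance(cur, dict) or part not in cur:
            return None
        cur = cur[part]
    return cur


def event_matches(event, match):
    """True when every key in the match dict equals the event's value."""
    return all(lookup(event, key) == value for key, value in match.items())


def run_filter(events, flt):
    """Evaluate one {'count': N, 'match': {...}} filter; returns (ok, got)."""
    got = sum(1 for e in events if event_matches(e, flt["match"]))
    return got == flt["count"], got


def report(events, checks):
    """Return one 'expected N matches; got M' line per failing sub test."""
    failures = []
    for i, flt in enumerate(checks, 1):
        ok, got = run_filter(events, flt)
        if not ok:
            failures.append(
                f"Sub test #{i}: FAIL : expected {flt['count']} matches; "
                f"got {got} for filter {flt}"
            )
    return failures


if __name__ == "__main__":
    events = load_eve(EVE_SAMPLE)
    print(report(events, CHECKS) or "all sub tests pass")
    # An eve.json with no records at all fails #1, #3 and #4 and still passes
    # the count-0 check, which is the pattern quoted in the thread.
    for line in report([], CHECKS):
        print(line)
```

Running the checks against an empty event list is the quickest way to tell "Suricata read the pcap but the rules did not fire" (only the alert checks fail) from "Suricata produced no events at all" (the flow check fails too, as it did on OpenBSD).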

@victorjulien
Member

This fixes the pcap for OpenBSD:

tshark -F pcap -r <pcapng file> -w <pcap file>
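The three suspects named earlier in the thread (pcapng, an unusual datalink, odd timestamps) can all be read off the first 24 bytes of a capture before it is committed to a test. The following is an added example, not code from suricata-verify or Suricata: it classifies a capture by magic number, decodes the classic pcap global header (link type, snaplen, microsecond vs nanosecond timestamps) and wraps the tshark conversion command from the comment above. The sample headers are constructed in the script; `convert_to_pcap` is only exercised when tshark is actually installed.

```python
import shutil
import struct
import subprocess

# Magic numbers from the libpcap and pcapng file formats: (kind, struct byte order, timestamp unit).
MAGICS = {
    b"\xa1\xb2\xc3\xd4": ("pcap", ">", "us"),     # big-endian, microsecond timestamps
    b"\xd4\xc3\xb2\xa1": ("pcap", "<", "us"),     # little-endian, microsecond
    b"\xa1\xb2\x3c\x4d": ("pcap", ">", "ns"),     # big-endian, nanosecond
    b"\x4d\x3c\xb2\xa1": ("pcap", "<", "ns"),     # little-endian, nanosecond
    b"\x0a\x0d\x0d\x0a": ("pcapng", None, None),  # pcapng Section Header Block
}

# A few LINKTYPE_* values from the tcpdump.org link-layer header type registry.
LINKTYPES = {1: "EN10MB", 101: "RAW", 113: "LINUX_SLL", 276: "LINUX_SLL2"}


def describe_capture(data):
    """Classify the leading bytes of a capture file.

    For classic pcap the 24-byte global header is decoded as well, so an
    unexpected link type or nanosecond timestamps are visible before the
    file is handed to suricata-verify.
    """
    kind, endian, ts = MAGICS.get(data[:4], ("unknown", None, None))
    info = {"kind": kind}
    if kind == "pcap" and len(data) >= 24:
        _magic, vmaj, vmin, _tz, _sig, snaplen, linktype = struct.unpack(endian + "IHHiIII", data[:24])
        info.update(version=f"{vmaj}.{vmin}", timestamps=ts, snaplen=snaplen,
                    linktype=LINKTYPES.get(linktype, str(linktype)))
    return info


def needs_conversion(data):
    """True for pcapng, the format suspected in the OpenBSD failure."""
    return describe_capture(data)["kind"] == "pcapng"


def convert_to_pcap(src, dst):
    """Rewrite a capture as classic pcap with tshark, as suggested above.

    Returns False without touching anything when tshark is not installed.
    """
    tshark = shutil.which("tshark")
    if tshark is None:
        return False
    subprocess.run([tshark, "-F", "pcap", "-r", src, "-w", dst], check=True)
    return True


# Constructed headers (no packet records) used as sample input.
def make_pcap_header(little_endian=True, nanosecond=False, linktype=1, snaplen=262144):
    """Classic pcap global header: magic, version 2.4, thiszone, sigfigs, snaplen, linktype."""
    endian = "<" if little_endian else ">"
    magic = 0xA1B23C4D if nanosecond else 0xA1B2C3D4
    return struct.pack(endian + "IHHiIII", magic, 2, 4, 0, 0, snaplen, linktype)


def make_pcapng_shb():
    """Minimal pcapng Section Header Block: type, length, byte-order magic,
    version 1.0, unknown section length (-1), trailing length."""
    return struct.pack("<IIIHHqI", 0x0A0D0D0A, 28, 0x1A2B3C4D, 1, 0, -1, 28)


if __name__ == "__main__":
    for name, blob in [("classic", make_pcap_header()),
                       ("nanosecond", make_pcap_header(nanosecond=True)),
                       ("pcapng", make_pcapng_shb())]:
        print(name, describe_capture(blob), "convert" if needs_conversion(blob) else "ok")
```

Pointing `describe_capture` at the first bytes of the test's pcap on the machine that fails is a cheaper first step than re-running the whole suite, and the same magic check is what a CI gate for "no pcapng in tests" amounts to.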

@jufajardini
Contributor Author

Replaced by: #1604

@jufajardini jufajardini deleted the detect-pcre-4911-v5 branch January 24, 2024 13:29
Labels
tests pass These new tests should pass
4 participants