kunschikov/snort.robot


snort.robot

This is a test automation suite for Snort file capture.

  • Install the Robot Framework:

    pip install robotframework

For more information, see:
https://code.google.com/p/robotframework/wiki/Installation
http://robotframework.org/

  • Clone this repo:

    vvk@ ~/tmp $ git clone https://github.com/kunschikov/snort.robot.git
    vvk@ ~/tmp $ cd snort.robot/

  • Modify file_inspect.robot: set the SNORT and SNORTOPT variables to match your system setup.

  • Run the suite:

    vvk@ ~/tmp/snort.robot $ pybot file_inspect.robot 
    ==============================================================================
    File Inspect                                                                  
    ==============================================================================
    36k                                                                   | PASS |
    ------------------------------------------------------------------------------
    Http mp3                                                              | PASS |
    ------------------------------------------------------------------------------
    Http png                                                              | PASS |
    ...
    ------------------------------------------------------------------------------
    smtp torrent                                                          | PASS |
    ------------------------------------------------------------------------------
    File Inspect                                                          | FAIL |
    13 critical tests, 12 passed, 1 failed
    13 tests total, 12 passed, 1 failed
    ==============================================================================
    Output:  /home/vvk/tmp/snort.robot/output.xml
    Log:     /home/vvk/tmp/snort.robot/log.html
    Report:  /home/vvk/tmp/snort.robot/report.html
  • Run one test from the suite:

    vvk ~/src/snort.robot $ pybot --test ftp_mp3 file_inspect.robot  
    ==============================================================================
    File Inspect                                                                  
    ==============================================================================
    FTP mp3                                                               | FAIL |
    Path '/home/vvk/src/snort.robot/malwares/B09021B76929F3BB4A61CB8668244E559D27A078B42C6D6C960EC18316656984' does not match any file or directory
    ------------------------------------------------------------------------------
    File Inspect                                                          | FAIL |
    1 critical test, 0 passed, 1 failed
    1 test total, 0 passed, 1 failed
    ==============================================================================
    Output:  /home/vvk/src/snort.robot/output.xml
    Log:     /home/vvk/src/snort.robot/log.html
    Report:  /home/vvk/src/snort.robot/report.html

  • Edit the preprocessor:

    vvk ~/src/snort-2.9.8.0 $ vi src/dynamic-preprocessors/ftptelnet/snort_ftptelnet.c 
    vvk ~/src/snort-2.9.8.0 $ make install 

  • Run the same test again:

    vvk ~/src/snort.robot $ pybot --test ftp_mp3 file_inspect.robot  
    ==============================================================================
    File Inspect                                                                  
    ==============================================================================
    FTP mp3                                                               | PASS |
    ------------------------------------------------------------------------------
    File Inspect                                                          | PASS |
    1 critical test, 1 passed, 0 failed
    1 test total, 1 passed, 0 failed
    ==============================================================================
    Output:  /home/vvk/src/snort.robot/output.xml
    Log:     /home/vvk/src/snort.robot/log.html
    Report:  /home/vvk/src/snort.robot/report.html
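
The FTP mp3 failure above reports a missing file under malwares/ whose name is a 64-character hex string. The Python code below is an added example, not part of this repository: it performs that kind of check outside Robot, assuming the captured file is named by the upper-case SHA-256 of its content (inferred from the path in the output). The names `sha256_name` and `check_capture` and the sample payload are hypothetical and constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def sha256_name(data: bytes) -> str:
    """Upper-case hex SHA-256, the naming style seen in the failing test's path."""
    return hashlib.sha256(data).hexdigest().upper()


def check_capture(capture_dir, expected_digest: str) -> str:
    """Classify the outcome for one expected file in a capture directory.

    Returns "missing" when no file carries the expected name (the FAIL case
    in the run above), "corrupt" when the file exists but its content hashes
    to something else (for example a truncated capture), and "ok" otherwise.
    Assumption: file name == upper-case SHA-256 of the file content.
    """
    expected = expected_digest.upper()
    path = Path(capture_dir) / expected
    if not path.is_file():
        return "missing"
    actual = sha256_name(path.read_bytes())
    return "ok" if actual == expected else "corrupt"


def demo() -> dict:
    """Run the check against a constructed capture directory."""
    # Constructed sample bytes, not a real mp3 and not taken from the repository.
    payload = b"ID3\x03\x00constructed sample payload"
    digest = sha256_name(payload)
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        results["before"] = check_capture(tmp, digest)    # nothing captured yet
        (Path(tmp) / digest).write_bytes(payload[:10])    # truncated capture
        results["truncated"] = check_capture(tmp, digest)
        (Path(tmp) / digest).write_bytes(payload)         # complete capture
        results["complete"] = check_capture(tmp, digest)
    return results


if __name__ == "__main__":
    print(demo())
```

Separating "missing" from "corrupt" shows whether the preprocessor never extracted the file or extracted it incompletely, which a bare existence check cannot tell apart.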

About

snort file-inspect testing framework
