Tests for the IPv6 Snort Plugin

A simple Perl-based test framework for Snort and three test collections to verify the IPv6 Snort Plugin.

Tool overview

Tests are described in yaml files, with every test case having a name, a configuration file, a input pcap file, and a specification of expected snort alerts.

The unpack.pl creates a test directory from a .yaml file and a directory containing the .pcap and .conf files. Example: /unpack.pl -f --srcdir srcfiles_pp --dstdir test_pp --input testset-pp.yaml

The tester.pl runs either a single test or all tests inside a given directory (as created by unpack.pl). Example: ./tester.pl test_pp

Test collections

The three test collections test different parts of the IPv6 Snort Plugin:

preprocessor alerts (testset-pp.yaml),
rule options (testset-opt.yaml),
a combination of the above to detect the use of THC tools
(testset-thc.yaml).

Name		Name	Last commit message	Last commit date
Latest commit History 70 Commits
lib		lib
srcfiles_opt		srcfiles_opt
srcfiles_pp		srcfiles_pp
srcfiles_thc		srcfiles_thc
README.md		README.md
ipv6.rules		ipv6.rules
tester.pl		tester.pl
testset-options.yaml		testset-options.yaml
testset-pp.yaml		testset-pp.yaml
testset-thc.yaml		testset-thc.yaml
uf2.pl		uf2.pl
unpack.pl		unpack.pl

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Tests for the IPv6 Snort Plugin

Tool overview

Test collections

About

Releases

Packages

Languages

mschuett/spp_ipv6_test

Folders and files

Latest commit

History

Repository files navigation

Tests for the IPv6 Snort Plugin

Tool overview

Test collections

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages