52 static int DetectEngineHttpHHTest01(
void)
62 "GET /index.html HTTP/1.0\r\n"
64 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
65 uint32_t http_len =
sizeof(http_buf) - 1;
69 memset(&th_v, 0,
sizeof(th_v));
70 memset(&f, 0,
sizeof(f));
71 memset(&ssn, 0,
sizeof(ssn));
77 f.
proto = IPPROTO_TCP;
94 "(msg:\"http host header test\"; "
95 "content:\"connect\"; http_host; "
106 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
112 if (http_state == NULL) {
113 printf(
"no http state: ");
122 printf(
"sid 1 didn't match but should have: ");
148 static int DetectEngineHttpHHTest02(
void)
158 "GET /index.html HTTP/1.0\r\n"
160 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
161 uint32_t http_len =
sizeof(http_buf) - 1;
165 memset(&th_v, 0,
sizeof(th_v));
166 memset(&f, 0,
sizeof(f));
167 memset(&ssn, 0,
sizeof(ssn));
173 f.
proto = IPPROTO_TCP;
190 "(msg:\"http host header test\"; "
191 "content:\"co\"; depth:4; http_host; "
202 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
208 if (http_state == NULL) {
209 printf(
"no http state: ");
218 printf(
"sid 1 didn't match but should have: ");
244 static int DetectEngineHttpHHTest03(
void)
254 "GET /index.html HTTP/1.0\r\n"
256 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
257 uint32_t http_len =
sizeof(http_buf) - 1;
261 memset(&th_v, 0,
sizeof(th_v));
262 memset(&f, 0,
sizeof(f));
263 memset(&ssn, 0,
sizeof(ssn));
269 f.
proto = IPPROTO_TCP;
286 "(msg:\"http_host header test\"; "
287 "content:!\"ect\"; depth:4; http_host; "
298 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
304 if (http_state == NULL) {
305 printf(
"no http state: ");
314 printf(
"sid 1 didn't match but should have: ");
340 static int DetectEngineHttpHHTest04(
void)
350 "GET /index.html HTTP/1.0\r\n"
352 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
353 uint32_t http_len =
sizeof(http_buf) - 1;
357 memset(&th_v, 0,
sizeof(th_v));
358 memset(&f, 0,
sizeof(f));
359 memset(&ssn, 0,
sizeof(ssn));
365 f.
proto = IPPROTO_TCP;
382 "(msg:\"http host header test\"; "
383 "content:\"ect\"; depth:4; http_host; "
394 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
400 if (http_state == NULL) {
401 printf(
"no http state: ");
410 printf(
"sid 1 matched but shouldn't have: ");
436 static int DetectEngineHttpHHTest05(
void)
446 "GET /index.html HTTP/1.0\r\n"
448 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
449 uint32_t http_len =
sizeof(http_buf) - 1;
453 memset(&th_v, 0,
sizeof(th_v));
454 memset(&f, 0,
sizeof(f));
455 memset(&ssn, 0,
sizeof(ssn));
461 f.
proto = IPPROTO_TCP;
478 "(msg:\"http host header test\"; "
479 "content:!\"con\"; depth:4; http_host; "
490 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
496 if (http_state == NULL) {
497 printf(
"no http state: ");
506 printf(
"sid 1 matched but shouldn't have: ");
532 static int DetectEngineHttpHHTest06(
void)
542 "GET /index.html HTTP/1.0\r\n"
544 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
545 uint32_t http_len =
sizeof(http_buf) - 1;
549 memset(&th_v, 0,
sizeof(th_v));
550 memset(&f, 0,
sizeof(f));
551 memset(&ssn, 0,
sizeof(ssn));
557 f.
proto = IPPROTO_TCP;
574 "(msg:\"http host header test\"; "
575 "content:\"ect\"; offset:3; http_host; "
586 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
592 if (http_state == NULL) {
593 printf(
"no http state: ");
602 printf(
"sid 1 didn't match but should have: ");
628 static int DetectEngineHttpHHTest07(
void)
638 "GET /index.html HTTP/1.0\r\n"
640 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
641 uint32_t http_len =
sizeof(http_buf) - 1;
645 memset(&th_v, 0,
sizeof(th_v));
646 memset(&f, 0,
sizeof(f));
647 memset(&ssn, 0,
sizeof(ssn));
653 f.
proto = IPPROTO_TCP;
670 "(msg:\"http host header test\"; "
671 "content:!\"co\"; offset:3; http_host; "
682 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
688 if (http_state == NULL) {
689 printf(
"no http state: ");
698 printf(
"sid 1 didn't match but should have: ");
724 static int DetectEngineHttpHHTest08(
void)
734 "GET /index.html HTTP/1.0\r\n"
736 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
737 uint32_t http_len =
sizeof(http_buf) - 1;
741 memset(&th_v, 0,
sizeof(th_v));
742 memset(&f, 0,
sizeof(f));
743 memset(&ssn, 0,
sizeof(ssn));
749 f.
proto = IPPROTO_TCP;
766 "(msg:\"http host header test\"; "
767 "content:!\"ect\"; offset:3; http_host; "
778 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
784 if (http_state == NULL) {
785 printf(
"no http state: ");
794 printf(
"sid 1 matched but shouldn't have: ");
820 static int DetectEngineHttpHHTest09(
void)
830 "GET /index.html HTTP/1.0\r\n"
832 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
833 uint32_t http_len =
sizeof(http_buf) - 1;
837 memset(&th_v, 0,
sizeof(th_v));
838 memset(&f, 0,
sizeof(f));
839 memset(&ssn, 0,
sizeof(ssn));
845 f.
proto = IPPROTO_TCP;
862 "(msg:\"http host header test\"; "
863 "content:\"con\"; offset:3; http_host; "
874 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
880 if (http_state == NULL) {
881 printf(
"no http state: ");
890 printf(
"sid 1 matched but shouldn't have: ");
916 static int DetectEngineHttpHHTest10(
void)
926 "GET /index.html HTTP/1.0\r\n"
928 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
929 uint32_t http_len =
sizeof(http_buf) - 1;
933 memset(&th_v, 0,
sizeof(th_v));
934 memset(&f, 0,
sizeof(f));
935 memset(&ssn, 0,
sizeof(ssn));
941 f.
proto = IPPROTO_TCP;
958 "(msg:\"http_host header test\"; "
959 "content:\"co\"; http_host; "
960 "content:\"ec\"; within:4; http_host; "
971 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
977 if (http_state == NULL) {
978 printf(
"no http state: ");
987 printf(
"sid 1 didn't match but should have: ");
1013 static int DetectEngineHttpHHTest11(
void)
1022 uint8_t http_buf[] =
1023 "GET /index.html HTTP/1.0\r\n"
1025 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
1026 uint32_t http_len =
sizeof(http_buf) - 1;
1030 memset(&th_v, 0,
sizeof(th_v));
1031 memset(&f, 0,
sizeof(f));
1032 memset(&ssn, 0,
sizeof(ssn));
1038 f.
proto = IPPROTO_TCP;
1055 "(msg:\"http_host header test\"; "
1056 "content:\"co\"; http_host; "
1057 "content:!\"ec\"; within:3; http_host; "
1068 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
1074 if (http_state == NULL) {
1075 printf(
"no http state: ");
1084 printf(
"sid 1 didn't match but should have: ");
1110 static int DetectEngineHttpHHTest12(
void)
1119 uint8_t http_buf[] =
1120 "GET /index.html HTTP/1.0\r\n"
1122 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
1123 uint32_t http_len =
sizeof(http_buf) - 1;
1127 memset(&th_v, 0,
sizeof(th_v));
1128 memset(&f, 0,
sizeof(f));
1129 memset(&ssn, 0,
sizeof(ssn));
1135 f.
proto = IPPROTO_TCP;
1152 "(msg:\"http_host header test\"; "
1153 "content:\"co\"; http_host; "
1154 "content:\"ec\"; within:3; http_host; "
1165 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
1171 if (http_state == NULL) {
1172 printf(
"no http state: ");
1181 printf(
"sid 1 matched but shouldn't have: ");
1207 static int DetectEngineHttpHHTest13(
void)
1216 uint8_t http_buf[] =
1217 "GET /index.html HTTP/1.0\r\n"
1219 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
1220 uint32_t http_len =
sizeof(http_buf) - 1;
1224 memset(&th_v, 0,
sizeof(th_v));
1225 memset(&f, 0,
sizeof(f));
1226 memset(&ssn, 0,
sizeof(ssn));
1232 f.
proto = IPPROTO_TCP;
1249 "(msg:\"http_host header test\"; "
1250 "content:\"co\"; http_host; "
1251 "content:!\"ec\"; within:4; http_host; "
1262 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
1268 if (http_state == NULL) {
1269 printf(
"no http state: ");
1278 printf(
"sid 1 matched but shouldn't have: ");
1304 static int DetectEngineHttpHHTest14(
void)
1313 uint8_t http_buf[] =
1314 "GET /index.html HTTP/1.0\r\n"
1316 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
1317 uint32_t http_len =
sizeof(http_buf) - 1;
1321 memset(&th_v, 0,
sizeof(th_v));
1322 memset(&f, 0,
sizeof(f));
1323 memset(&ssn, 0,
sizeof(ssn));
1329 f.
proto = IPPROTO_TCP;
1346 "(msg:\"http_host header test\"; "
1347 "content:\"co\"; http_host; "
1348 "content:\"ec\"; distance:2; http_host; "
1359 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
1365 if (http_state == NULL) {
1366 printf(
"no http state: ");
1375 printf(
"sid 1 didn't match but should have: ");
1401 static int DetectEngineHttpHHTest15(
void)
1410 uint8_t http_buf[] =
1411 "GET /index.html HTTP/1.0\r\n"
1413 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
1414 uint32_t http_len =
sizeof(http_buf) - 1;
1418 memset(&th_v, 0,
sizeof(th_v));
1419 memset(&f, 0,
sizeof(f));
1420 memset(&ssn, 0,
sizeof(ssn));
1426 f.
proto = IPPROTO_TCP;
1443 "(msg:\"http_host header test\"; "
1444 "content:\"co\"; http_host; "
1445 "content:!\"ec\"; distance:3; http_host; "
1456 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
1462 if (http_state == NULL) {
1463 printf(
"no http state: ");
1472 printf(
"sid 1 didn't match but should have: ");
1498 static int DetectEngineHttpHHTest16(
void)
1507 uint8_t http_buf[] =
1508 "GET /index.html HTTP/1.0\r\n"
1510 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
1511 uint32_t http_len =
sizeof(http_buf) - 1;
1515 memset(&th_v, 0,
sizeof(th_v));
1516 memset(&f, 0,
sizeof(f));
1517 memset(&ssn, 0,
sizeof(ssn));
1523 f.
proto = IPPROTO_TCP;
1540 "(msg:\"http_host header test\"; "
1541 "content:\"co\"; http_host; "
1542 "content:\"ec\"; distance:3; http_host; "
1553 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
1559 if (http_state == NULL) {
1560 printf(
"no http state: ");
1569 printf(
"sid 1 matched but shouldn't have: ");
1595 static int DetectEngineHttpHHTest17(
void)
1604 uint8_t http_buf[] =
1605 "GET /index.html HTTP/1.0\r\n"
1607 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
1608 uint32_t http_len =
sizeof(http_buf) - 1;
1612 memset(&th_v, 0,
sizeof(th_v));
1613 memset(&f, 0,
sizeof(f));
1614 memset(&ssn, 0,
sizeof(ssn));
1620 f.
proto = IPPROTO_TCP;
1637 "(msg:\"http_host header test\"; "
1638 "content:\"co\"; http_host; "
1639 "content:!\"ec\"; distance:2; http_host; "
1650 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
1656 if (http_state == NULL) {
1657 printf(
"no http state: ");
1666 printf(
"sid 1 matched but shouldn't have: ");
1688 static int DetectEngineHttpHHTest18(
void)
1697 uint8_t http_buf[] =
1698 "GET /index.html HTTP/1.0\r\n"
1699 "Host: www.kaboom.com\r\n"
1700 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
1701 uint32_t http_len =
sizeof(http_buf) - 1;
1705 memset(&th_v, 0,
sizeof(th_v));
1706 memset(&f, 0,
sizeof(f));
1707 memset(&ssn, 0,
sizeof(ssn));
1713 f.
proto = IPPROTO_TCP;
1730 "(msg:\"http_host header test\"; "
1731 "content:\"kaboom\"; http_host; "
1742 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
1748 if (http_state == NULL) {
1749 printf(
"no http state: ");
1758 printf(
"sid 1 didn't match but should have: ");
1780 static int DetectEngineHttpHHTest19(
void)
1789 uint8_t http_buf[] =
1790 "GET /index.html HTTP/1.0\r\n"
1791 "Host: www.kaboom.com:8080\r\n"
1792 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
1793 uint32_t http_len =
sizeof(http_buf) - 1;
1797 memset(&th_v, 0,
sizeof(th_v));
1798 memset(&f, 0,
sizeof(f));
1799 memset(&ssn, 0,
sizeof(ssn));
1805 f.
proto = IPPROTO_TCP;
1822 "(msg:\"http_host header test\"; "
1823 "content:\"kaboom\"; http_host; "
1834 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
1840 if (http_state == NULL) {
1841 printf(
"no http state: ");
1850 printf(
"sid 1 didn't match but should have: ");
1872 static int DetectEngineHttpHHTest20(
void)
1881 uint8_t http_buf[] =
1882 "GET /index.html HTTP/1.0\r\n"
1883 "Host: www.kaboom.com:8080\r\n"
1884 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
1885 uint32_t http_len =
sizeof(http_buf) - 1;
1889 memset(&th_v, 0,
sizeof(th_v));
1890 memset(&f, 0,
sizeof(f));
1891 memset(&ssn, 0,
sizeof(ssn));
1897 f.
proto = IPPROTO_TCP;
1914 "(msg:\"http_host header test\"; "
1915 "content:\"8080\"; http_host; "
1926 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
1932 if (http_state == NULL) {
1933 printf(
"no http state: ");
1942 printf(
"sid 1 matched but it shouldn't have: ");
1964 static int DetectEngineHttpHHTest21(
void)
1973 uint8_t http_buf[] =
1974 "GET http://www.kaboom.com/index.html HTTP/1.0\r\n"
1975 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
1976 uint32_t http_len =
sizeof(http_buf) - 1;
1980 memset(&th_v, 0,
sizeof(th_v));
1981 memset(&f, 0,
sizeof(f));
1982 memset(&ssn, 0,
sizeof(ssn));
1988 f.
proto = IPPROTO_TCP;
2005 "(msg:\"http_host header test\"; "
2006 "content:\"kaboom\"; http_host; "
2017 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
2023 if (http_state == NULL) {
2024 printf(
"no http state: ");
2033 printf(
"sid 1 didn't match but should have: ");
2055 static int DetectEngineHttpHHTest22(
void)
2064 uint8_t http_buf[] =
2065 "GET http://www.kaboom.com:8080/index.html HTTP/1.0\r\n"
2066 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
2067 uint32_t http_len =
sizeof(http_buf) - 1;
2071 memset(&th_v, 0,
sizeof(th_v));
2072 memset(&f, 0,
sizeof(f));
2073 memset(&ssn, 0,
sizeof(ssn));
2079 f.
proto = IPPROTO_TCP;
2096 "(msg:\"http_host header test\"; "
2097 "content:\"kaboom\"; http_host; "
2108 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
2114 if (http_state == NULL) {
2115 printf(
"no http state: ");
2124 printf(
"sid 1 didn't match but should have: ");
2146 static int DetectEngineHttpHHTest23(
void)
2155 uint8_t http_buf[] =
2156 "GET http://www.kaboom.com:8080/index.html HTTP/1.0\r\n"
2157 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
2158 uint32_t http_len =
sizeof(http_buf) - 1;
2162 memset(&th_v, 0,
sizeof(th_v));
2163 memset(&f, 0,
sizeof(f));
2164 memset(&ssn, 0,
sizeof(ssn));
2170 f.
proto = IPPROTO_TCP;
2187 "(msg:\"http_host header test\"; "
2188 "content:\"8080\"; http_host; "
2199 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
2205 if (http_state == NULL) {
2206 printf(
"no http state: ");
2215 printf(
"sid 1 matched but it shouldn't have: ");
2237 static int DetectEngineHttpHHTest24(
void)
2246 uint8_t http_buf[] =
2247 "GET http://www.kaboom.com:8080/index.html HTTP/1.0\r\n"
2248 "Host: www.rabbit.com\r\n"
2249 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
2250 uint32_t http_len =
sizeof(http_buf) - 1;
2254 memset(&th_v, 0,
sizeof(th_v));
2255 memset(&f, 0,
sizeof(f));
2256 memset(&ssn, 0,
sizeof(ssn));
2262 f.
proto = IPPROTO_TCP;
2279 "(msg:\"http_host header test\"; "
2280 "content:\"kaboom\"; http_host; "
2291 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
2297 if (http_state == NULL) {
2298 printf(
"no http state: ");
2307 printf(
"sid 1 didn't match but it should have: ");
2329 static int DetectEngineHttpHHTest25(
void)
2338 uint8_t http_buf[] =
2339 "GET http://www.kaboom.com:8080/index.html HTTP/1.0\r\n"
2340 "Host: www.rabbit.com\r\n"
2341 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
2342 uint32_t http_len =
sizeof(http_buf) - 1;
2346 memset(&th_v, 0,
sizeof(th_v));
2347 memset(&f, 0,
sizeof(f));
2348 memset(&ssn, 0,
sizeof(ssn));
2354 f.
proto = IPPROTO_TCP;
2371 "(msg:\"http_host header test\"; "
2372 "content:\"rabbit\"; http_host; "
2383 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
2389 if (http_state == NULL) {
2390 printf(
"no http state: ");
2399 printf(
"sid 1 matched but it shouldn't have: ");
2425 static int DetectHttpHHTest01(
void)
2436 "(msg:\"Testing http_host\"; "
2437 "content:\"one\"; http_host; sid:1;)");
2454 static int DetectHttpHHTest02(
void)
2465 "(msg:\"Testing http_host\"; "
2466 "content:\"one\"; http_host; sid:1;)");
2480 static int DetectHttpHHTest03(
void)
2491 "(msg:\"Testing http_host\"; "
2492 "http_host; sid:1;)");
2506 static int DetectHttpHHTest04(
void)
2517 "(msg:\"Testing http_host\"; "
2518 "content:\"one\"; rawbytes; http_host; sid:1;)");
2531 static int DetectHttpHHTest05(
void)
2542 "(msg:\"Testing http_host\"; "
2543 "content:\"one\"; http_host; sid:1;)");
2554 static int DetectHttpHHTest05a(
void)
2561 "alert tcp any any -> any any "
2562 "(content:\"ABC\"; http_host; sid:1;)");
2573 static int DetectHttpHHTest06(
void)
2582 uint8_t http_buf[] =
2583 "GET /index.html HTTP/1.0\r\n"
2584 "User-Agent: www.openinfosecfoundation.org\r\n"
2585 "Host: This is dummy message body\r\n"
2586 "Content-Type: text/html\r\n"
2588 uint32_t http_len =
sizeof(http_buf) - 1;
2592 memset(&th_v, 0,
sizeof(th_v));
2593 memset(&f, 0,
sizeof(f));
2594 memset(&ssn, 0,
sizeof(ssn));
2600 f.
proto = IPPROTO_TCP;
2618 "(msg:\"http host test\"; "
2619 "content:\"message\"; http_host; "
2630 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
2636 if (http_state == NULL) {
2637 printf(
"no http state: \n");
2646 printf(
"sid 1 didn't match but should have\n");
2667 static int DetectHttpHHTest07(
void)
2677 uint8_t http1_buf[] =
2678 "GET /index.html HTTP/1.0\r\n"
2679 "User-Agent: www.openinfosecfoundation.org\r\n"
2680 "Host: This is dummy message";
2681 uint8_t http2_buf[] =
2683 uint32_t http1_len =
sizeof(http1_buf) - 1;
2684 uint32_t http2_len =
sizeof(http2_buf) - 1;
2688 memset(&th_v, 0,
sizeof(th_v));
2689 memset(&f, 0,
sizeof(f));
2690 memset(&ssn, 0,
sizeof(ssn));
2697 f.
proto = IPPROTO_TCP;
2719 "(msg:\"http host test\"; "
2720 "content:\"message\"; http_host; "
2731 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
2737 if (http_state == NULL) {
2738 printf(
"no http state: ");
2746 printf(
"sid 1 matched on p1 but shouldn't have: ");
2753 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
2760 printf(
"sid 1 didn't match on p2 but should have: ");
2782 static int DetectHttpHHTest08(
void)
2792 uint8_t http1_buf[] =
2793 "GET /index.html HTTP/1.0\r\n"
2794 "User-Agent: www.openinfosecfoundation.org\r\n"
2795 "host: This is dummy mess";
2796 uint8_t http2_buf[] =
2798 uint32_t http1_len =
sizeof(http1_buf) - 1;
2799 uint32_t http2_len =
sizeof(http2_buf) - 1;
2803 memset(&th_v, 0,
sizeof(th_v));
2804 memset(&f, 0,
sizeof(f));
2805 memset(&ssn, 0,
sizeof(ssn));
2812 f.
proto = IPPROTO_TCP;
2834 "(msg:\"http host test\"; "
2835 "content:\"message\"; http_host; "
2846 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
2852 if (http_state == NULL) {
2853 printf(
"no http state: ");
2862 printf(
"sid 1 didn't match but should have");
2869 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
2878 printf(
"sid 1 didn't match but should have");
2900 static int DetectHttpHHTest09(
void)
2910 uint8_t http1_buf[] =
2911 "GET /index.html HTTP/1.0\r\n"
2912 "User-Agent: www.openinfosecfoundation.org\r\n"
2913 "Host: This is dummy body1";
2914 uint8_t http2_buf[] =
2915 "This is dummy message body2\r\n"
2916 "Content-Type: text/html\r\n"
2917 "Content-Length: 46\r\n"
2919 "This is dummy body1";
2920 uint32_t http1_len =
sizeof(http1_buf) - 1;
2921 uint32_t http2_len =
sizeof(http2_buf) - 1;
2925 memset(&th_v, 0,
sizeof(th_v));
2926 memset(&f, 0,
sizeof(f));
2927 memset(&ssn, 0,
sizeof(ssn));
2934 f.
proto = IPPROTO_TCP;
2956 "(msg:\"http host test\"; "
2957 "content:\"body1this\"; http_host; "
2968 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
2974 if (http_state == NULL) {
2975 printf(
"no http state: ");
2984 printf(
"sid 1 didn't match but should have");
2991 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
3000 printf(
"sid 1 didn't match but should have");
3022 static int DetectHttpHHTest10(
void)
3032 uint8_t http1_buf[] =
3033 "GET /index.html HTTP/1.0\r\n"
3034 "User-Agent: www.openinfosecfoundation.org\r\n"
3035 "Host: This is dummy bodY1";
3036 uint8_t http2_buf[] =
3037 "This is dummy message body2\r\n"
3038 "Content-Type: text/html\r\n"
3039 "Content-Length: 46\r\n"
3041 "This is dummy bodY1";
3042 uint32_t http1_len =
sizeof(http1_buf) - 1;
3043 uint32_t http2_len =
sizeof(http2_buf) - 1;
3047 memset(&th_v, 0,
sizeof(th_v));
3048 memset(&f, 0,
sizeof(f));
3049 memset(&ssn, 0,
sizeof(ssn));
3056 f.
proto = IPPROTO_TCP;
3078 "(msg:\"http host test\"; "
3079 "content:\"body1this\"; http_host; "
3090 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
3096 if (http_state == NULL) {
3097 printf(
"no http state: \n");
3106 printf(
"sid 1 didn't match but should have\n");
3113 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: \n", r);
3123 printf(
"sid 1 didn't match but should have");
3145 static int DetectHttpHHTest11(
void)
3154 uint8_t http_buf[] =
3155 "GET /index.html HTTP/1.0\r\n"
3156 "User-Agent: www.openinfosecfoundation.org\r\n"
3157 "Host: This is dummy message body\r\n"
3158 "Content-Type: text/html\r\n"
3160 uint32_t http_len =
sizeof(http_buf) - 1;
3164 memset(&th_v, 0,
sizeof(th_v));
3165 memset(&f, 0,
sizeof(f));
3166 memset(&ssn, 0,
sizeof(ssn));
3172 f.
proto = IPPROTO_TCP;
3190 "(msg:\"http host test\"; "
3191 "content:!\"message\"; http_host; "
3202 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
3208 if (http_state == NULL) {
3209 printf(
"no http state: ");
3218 printf(
"sid 1 matched but shouldn't have");
3239 static int DetectHttpHHTest12(
void)
3248 uint8_t http_buf[] =
3249 "GET /index.html HTTP/1.0\r\n"
3250 "User-Agent: www.openinfosecfoundation.org\r\n"
3251 "Host: This is dummy body\r\n"
3253 uint32_t http_len =
sizeof(http_buf) - 1;
3257 memset(&th_v, 0,
sizeof(th_v));
3258 memset(&f, 0,
sizeof(f));
3259 memset(&ssn, 0,
sizeof(ssn));
3265 f.
proto = IPPROTO_TCP;
3283 "(msg:\"http host test\"; "
3284 "content:!\"message\"; http_host; "
3295 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
3301 if (http_state == NULL) {
3302 printf(
"no http state: ");
3311 printf(
"sid 1 didn't match but should have");
3332 static int DetectHttpHHTest13(
void)
3341 uint8_t http_buf[] =
3342 "GET /index.html HTTP/1.0\r\n"
3343 "User-Agent: www.openinfosecfoundation.org\r\n"
3344 "Host: longbufferabcdefghijklmnopqrstuvwxyz0123456789bufferend\r\n"
3345 "Content-Type: text/html\r\n"
3347 uint32_t http_len =
sizeof(http_buf) - 1;
3351 memset(&th_v, 0,
sizeof(th_v));
3352 memset(&f, 0,
sizeof(f));
3353 memset(&ssn, 0,
sizeof(ssn));
3359 f.
proto = IPPROTO_TCP;
3377 "(msg:\"http host test\"; "
3378 "content:\"abcdefghijklmnopqrstuvwxyz0123456789\"; http_host; "
3389 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
3395 if (http_state == NULL) {
3396 printf(
"no http state: ");
3405 printf(
"sid 1 didn't match but should have");
3425 static int DetectHttpHHTest14(
void)
3434 uint8_t httpbuf1[] =
"POST / HTTP/1.1\r\n";
3435 uint8_t httpbuf2[] =
"Cookie: dummy1\r\n";
3436 uint8_t httpbuf3[] =
"Host: Body one!!\r\n\r\n";
3437 uint32_t httplen1 =
sizeof(httpbuf1) - 1;
3438 uint32_t httplen2 =
sizeof(httpbuf2) - 1;
3439 uint32_t httplen3 =
sizeof(httpbuf3) - 1;
3440 uint8_t httpbuf4[] =
"GET /?var=val HTTP/1.1\r\n";
3441 uint8_t httpbuf5[] =
"Cookie: dummy2\r\n";
3442 uint8_t httpbuf6[] =
"Host: Body two\r\n\r\n";
3443 uint32_t httplen4 =
sizeof(httpbuf4) - 1;
3444 uint32_t httplen5 =
sizeof(httpbuf5) - 1;
3445 uint32_t httplen6 =
sizeof(httpbuf6) - 1;
3448 memset(&th_v, 0,
sizeof(th_v));
3449 memset(&f, 0,
sizeof(f));
3450 memset(&ssn, 0,
sizeof(ssn));
3456 f.
proto = IPPROTO_TCP;
3474 s =
DetectEngineAppendSig(
de_ctx,
"alert tcp any any -> any any (content:\"POST\"; http_method; content:\"dummy1\"; http_cookie; content:\"body one\"; http_host; sid:1; rev:1;)");
3476 printf(
"sig parse failed: ");
3479 s =
DetectEngineAppendSig(
de_ctx,
"alert tcp any any -> any any (content:\"GET\"; http_method; content:\"dummy2\"; http_cookie; content:\"body two\"; http_host; sid:2; rev:1;)");
3481 printf(
"sig2 parse failed: ");
3491 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
3498 printf(
"sig 1 alerted: ");
3505 printf(
"toserver chunk 2 returned %" PRId32
", expected 0: ", r);
3512 printf(
"sig 1 alerted (2): ");
3519 printf(
"toserver chunk 3 returned %" PRId32
", expected 0: ", r);
3526 printf(
"sig 1 didn't alert: ");
3533 printf(
"toserver chunk 5 returned %" PRId32
", expected 0: ", r);
3540 printf(
"sig 1 alerted (4): ");
3547 printf(
"toserver chunk 6 returned %" PRId32
", expected 0: ", r);
3554 printf(
"sig 1 alerted (request 2, chunk 6): ");
3563 printf(
"toserver chunk 7 returned %" PRId32
", expected 0: ", r);
3570 printf(
"signature 2 didn't match or sig 1 matched, but shouldn't have: ");
3576 if (htp_state == NULL) {
3577 printf(
"no http state: ");
3583 printf(
"The http app layer doesn't have 2 transactions, but it should: ");
3591 if (det_ctx != NULL) {
3608 static int DetectHttpHRHTest06(
void)
3617 uint8_t http_buf[] =
"GET /index.html HTTP/1.0\r\n"
3618 "User-Agent: www.openinfosecfoundation.org\r\n"
3619 "Host: This is dummy message body\r\n"
3620 "Content-Type: text/html\r\n"
3622 uint32_t http_len =
sizeof(http_buf) - 1;
3626 memset(&th_v, 0,
sizeof(th_v));
3627 memset(&f, 0,
sizeof(f));
3628 memset(&ssn, 0,
sizeof(ssn));
3634 f.
proto = IPPROTO_TCP;
3652 "(msg:\"http host test\"; "
3653 "content:\"message\"; http_raw_host; "
3664 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
3670 if (http_state == NULL) {
3671 printf(
"no http state: \n");
3680 printf(
"sid 1 didn't match but should have\n");
3701 static int DetectHttpHRHTest07(
void)
3711 uint8_t http1_buf[] =
"GET /index.html HTTP/1.0\r\n"
3712 "User-Agent: www.openinfosecfoundation.org\r\n"
3713 "Host: This is dummy message";
3714 uint8_t http2_buf[] =
"body1\r\n\r\n";
3715 uint32_t http1_len =
sizeof(http1_buf) - 1;
3716 uint32_t http2_len =
sizeof(http2_buf) - 1;
3720 memset(&th_v, 0,
sizeof(th_v));
3721 memset(&f, 0,
sizeof(f));
3722 memset(&ssn, 0,
sizeof(ssn));
3729 f.
proto = IPPROTO_TCP;
3751 "(msg:\"http host test\"; "
3752 "content:\"message\"; http_raw_host; "
3763 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
3769 if (http_state == NULL) {
3770 printf(
"no http state: ");
3778 printf(
"sid 1 matched on p1 but shouldn't have: ");
3785 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
3792 printf(
"sid 1 didn't match on p2 but should have: ");
3814 static int DetectHttpHRHTest08(
void)
3824 uint8_t http1_buf[] =
"GET /index.html HTTP/1.0\r\n"
3825 "User-Agent: www.openinfosecfoundation.org\r\n"
3826 "host: This is dummy mess";
3827 uint8_t http2_buf[] =
"age body\r\n\r\n";
3828 uint32_t http1_len =
sizeof(http1_buf) - 1;
3829 uint32_t http2_len =
sizeof(http2_buf) - 1;
3833 memset(&th_v, 0,
sizeof(th_v));
3834 memset(&f, 0,
sizeof(f));
3835 memset(&ssn, 0,
sizeof(ssn));
3842 f.
proto = IPPROTO_TCP;
3864 "(msg:\"http host test\"; "
3865 "content:\"message\"; http_raw_host; "
3876 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
3882 if (http_state == NULL) {
3883 printf(
"no http state: ");
3892 printf(
"sid 1 didn't match but should have");
3899 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
3908 printf(
"sid 1 didn't match but should have");
3930 static int DetectHttpHRHTest09(
void)
3940 uint8_t http1_buf[] =
"GET /index.html HTTP/1.0\r\n"
3941 "User-Agent: www.openinfosecfoundation.org\r\n"
3942 "Host: This is dummy body1";
3943 uint8_t http2_buf[] =
"This is dummy message body2\r\n"
3944 "Content-Type: text/html\r\n"
3945 "Content-Length: 46\r\n"
3947 "This is dummy body1";
3948 uint32_t http1_len =
sizeof(http1_buf) - 1;
3949 uint32_t http2_len =
sizeof(http2_buf) - 1;
3953 memset(&th_v, 0,
sizeof(th_v));
3954 memset(&f, 0,
sizeof(f));
3955 memset(&ssn, 0,
sizeof(ssn));
3962 f.
proto = IPPROTO_TCP;
3984 "(msg:\"http host test\"; "
3985 "content:\"body1This\"; http_raw_host; "
3996 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
4002 if (http_state == NULL) {
4003 printf(
"no http state: ");
4012 printf(
"sid 1 didn't match but should have");
4019 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
4028 printf(
"sid 1 didn't match but should have");
4050 static int DetectHttpHRHTest10(
void)
4060 uint8_t http1_buf[] =
"GET /index.html HTTP/1.0\r\n"
4061 "User-Agent: www.openinfosecfoundation.org\r\n"
4062 "Host: This is dummy bodY1";
4063 uint8_t http2_buf[] =
"This is dummy message body2\r\n"
4064 "Content-Type: text/html\r\n"
4065 "Content-Length: 46\r\n"
4067 "This is dummy bodY1";
4068 uint32_t http1_len =
sizeof(http1_buf) - 1;
4069 uint32_t http2_len =
sizeof(http2_buf) - 1;
4073 memset(&th_v, 0,
sizeof(th_v));
4074 memset(&f, 0,
sizeof(f));
4075 memset(&ssn, 0,
sizeof(ssn));
4082 f.
proto = IPPROTO_TCP;
4104 "(msg:\"http host test\"; "
4105 "content:\"bodY1This\"; http_raw_host; "
4116 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
4122 if (http_state == NULL) {
4123 printf(
"no http state: \n");
4132 printf(
"sid 1 didn't match but should have\n");
4139 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: \n", r);
4148 printf(
"sid 1 didn't match but should have");
4170 static int DetectHttpHRHTest11(
void)
4179 uint8_t http_buf[] =
"GET /index.html HTTP/1.0\r\n"
4180 "User-Agent: www.openinfosecfoundation.org\r\n"
4181 "Host: This is dummy message body\r\n"
4182 "Content-Type: text/html\r\n"
4184 uint32_t http_len =
sizeof(http_buf) - 1;
4188 memset(&th_v, 0,
sizeof(th_v));
4189 memset(&f, 0,
sizeof(f));
4190 memset(&ssn, 0,
sizeof(ssn));
4196 f.
proto = IPPROTO_TCP;
4214 "(msg:\"http host test\"; "
4215 "content:!\"message\"; http_raw_host; "
4226 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
4232 if (http_state == NULL) {
4233 printf(
"no http state: ");
4242 printf(
"sid 1 matched but shouldn't have");
4263 static int DetectHttpHRHTest12(
void)
4272 uint8_t http_buf[] =
"GET /index.html HTTP/1.0\r\n"
4273 "User-Agent: www.openinfosecfoundation.org\r\n"
4274 "Host: This is dummy body\r\n"
4276 uint32_t http_len =
sizeof(http_buf) - 1;
4280 memset(&th_v, 0,
sizeof(th_v));
4281 memset(&f, 0,
sizeof(f));
4282 memset(&ssn, 0,
sizeof(ssn));
4288 f.
proto = IPPROTO_TCP;
4306 "(msg:\"http host test\"; "
4307 "content:!\"message\"; http_raw_host; "
4318 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
4324 if (http_state == NULL) {
4325 printf(
"no http state: ");
4334 printf(
"sid 1 didn't match but should have");
4355 static int DetectHttpHRHTest13(
void)
4364 uint8_t http_buf[] =
"GET /index.html HTTP/1.0\r\n"
4365 "User-Agent: www.openinfosecfoundation.org\r\n"
4366 "Host: longbufferabcdefghijklmnopqrstuvwxyz0123456789bufferend\r\n"
4367 "Content-Type: text/html\r\n"
4369 uint32_t http_len =
sizeof(http_buf) - 1;
4373 memset(&th_v, 0,
sizeof(th_v));
4374 memset(&f, 0,
sizeof(f));
4375 memset(&ssn, 0,
sizeof(ssn));
4381 f.
proto = IPPROTO_TCP;
4400 "(msg:\"http host test\"; "
4401 "content:\"abcdefghijklmnopqrstuvwxyz0123456789\"; http_raw_host; "
4412 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
4418 if (http_state == NULL) {
4419 printf(
"no http state: ");
4428 printf(
"sid 1 didn't match but should have");
4448 static int DetectHttpHRHTest14(
void)
4457 uint8_t httpbuf1[] =
"POST / HTTP/1.1\r\n";
4458 uint8_t httpbuf2[] =
"Cookie: dummy1\r\n";
4459 uint8_t httpbuf3[] =
"Host: Body one!!\r\n\r\n";
4460 uint32_t httplen1 =
sizeof(httpbuf1) - 1;
4461 uint32_t httplen2 =
sizeof(httpbuf2) - 1;
4462 uint32_t httplen3 =
sizeof(httpbuf3) - 1;
4463 uint8_t httpbuf4[] =
"GET /?var=val HTTP/1.1\r\n";
4464 uint8_t httpbuf5[] =
"Cookie: dummy2\r\n";
4465 uint8_t httpbuf6[] =
"Host: Body two\r\n\r\n";
4466 uint32_t httplen4 =
sizeof(httpbuf4) - 1;
4467 uint32_t httplen5 =
sizeof(httpbuf5) - 1;
4468 uint32_t httplen6 =
sizeof(httpbuf6) - 1;
4471 memset(&th_v, 0,
sizeof(th_v));
4472 memset(&f, 0,
sizeof(f));
4473 memset(&ssn, 0,
sizeof(ssn));
4479 f.
proto = IPPROTO_TCP;
4498 "alert tcp any any -> any any (content:\"POST\"; http_method; content:\"dummy1\"; "
4499 "http_cookie; content:\"Body one\"; http_raw_host; sid:1; rev:1;)");
4501 printf(
"sig parse failed: ");
4505 "alert tcp any any -> any any (content:\"GET\"; http_method; content:\"dummy2\"; "
4506 "http_cookie; content:\"Body two\"; http_raw_host; sid:2; rev:1;)");
4508 printf(
"sig2 parse failed: ");
4518 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
4525 printf(
"sig 1 alerted: ");
4532 printf(
"toserver chunk 2 returned %" PRId32
", expected 0: ", r);
4539 printf(
"sig 1 alerted (2): ");
4546 printf(
"toserver chunk 3 returned %" PRId32
", expected 0: ", r);
4553 printf(
"sig 1 didn't alert: ");
4560 printf(
"toserver chunk 5 returned %" PRId32
", expected 0: ", r);
4567 printf(
"sig 1 alerted (4): ");
4574 printf(
"toserver chunk 6 returned %" PRId32
", expected 0: ", r);
4581 printf(
"sig 1 alerted (request 2, chunk 6): ");
4590 printf(
"toserver chunk 7 returned %" PRId32
", expected 0: ", r);
4597 printf(
"signature 2 didn't match or sig 1 matched, but shouldn't have: ");
4603 if (htp_state == NULL) {
4604 printf(
"no http state: ");
4610 printf(
"The http app layer doesn't have 2 transactions, but it should: ");
4618 if (det_ctx != NULL) {
4635 static int DetectHttpHRHTest37(
void)
4645 uint8_t http1_buf[] =
4646 "GET /index.html HTTP/1.0\r\n"
4647 "User-Agent: www.openinfosecfoundation.org\r\n"
4648 "Host: This is dummy bodY1";
4649 uint8_t http2_buf[] =
4650 "This is dummy message body2\r\n"
4651 "Content-Type: text/html\r\n"
4652 "Content-Length: 46\r\n"
4654 "This is dummy bodY1";
4655 uint32_t http1_len =
sizeof(http1_buf) - 1;
4656 uint32_t http2_len =
sizeof(http2_buf) - 1;
4660 memset(&th_v, 0,
sizeof(th_v));
4661 memset(&f, 0,
sizeof(f));
4662 memset(&ssn, 0,
sizeof(ssn));
4669 f.
proto = IPPROTO_TCP;
4691 "(msg:\"http host test\"; "
4692 "content:\"body1this\"; http_raw_host; nocase; "
4703 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
4709 if (http_state == NULL) {
4710 printf(
"no http state: \n");
4719 printf(
"sid 1 didn't match but should have\n");
4726 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: \n", r);
4735 printf(
"sid 1 didn't match but should have");
4757 static int DetectEngineHttpHRHTest01(
void)
4766 uint8_t http_buf[] =
4767 "GET /index.html HTTP/1.0\r\n"
4769 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
4770 uint32_t http_len =
sizeof(http_buf) - 1;
4774 memset(&th_v, 0,
sizeof(th_v));
4775 memset(&f, 0,
sizeof(f));
4776 memset(&ssn, 0,
sizeof(ssn));
4782 f.
proto = IPPROTO_TCP;
4799 "(msg:\"http host header test\"; "
4800 "content:\"CONNECT\"; http_raw_host; "
4811 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
4817 if (http_state == NULL) {
4818 printf(
"no http state: ");
4827 printf(
"sid 1 didn't match but should have: ");
4849 static int DetectEngineHttpHRHTest02(
void)
4858 uint8_t http_buf[] =
4859 "GET /index.html HTTP/1.0\r\n"
4861 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
4862 uint32_t http_len =
sizeof(http_buf) - 1;
4866 memset(&th_v, 0,
sizeof(th_v));
4867 memset(&f, 0,
sizeof(f));
4868 memset(&ssn, 0,
sizeof(ssn));
4874 f.
proto = IPPROTO_TCP;
4891 "(msg:\"http host header test\"; "
4892 "content:\"CO\"; depth:4; http_raw_host; "
4903 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
4909 if (http_state == NULL) {
4910 printf(
"no http state: ");
4919 printf(
"sid 1 didn't match but should have: ");
4941 static int DetectEngineHttpHRHTest03(
void)
4950 uint8_t http_buf[] =
4951 "GET /index.html HTTP/1.0\r\n"
4953 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
4954 uint32_t http_len =
sizeof(http_buf) - 1;
4958 memset(&th_v, 0,
sizeof(th_v));
4959 memset(&f, 0,
sizeof(f));
4960 memset(&ssn, 0,
sizeof(ssn));
4966 f.
proto = IPPROTO_TCP;
4983 "(msg:\"http_raw_host header test\"; "
4984 "content:!\"ECT\"; depth:4; http_raw_host; "
4995 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
5001 if (http_state == NULL) {
5002 printf(
"no http state: ");
5011 printf(
"sid 1 didn't match but should have: ");
5033 static int DetectEngineHttpHRHTest04(
void)
5042 uint8_t http_buf[] =
5043 "GET /index.html HTTP/1.0\r\n"
5045 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
5046 uint32_t http_len =
sizeof(http_buf) - 1;
5050 memset(&th_v, 0,
sizeof(th_v));
5051 memset(&f, 0,
sizeof(f));
5052 memset(&ssn, 0,
sizeof(ssn));
5058 f.
proto = IPPROTO_TCP;
5075 "(msg:\"http host header test\"; "
5076 "content:\"ECT\"; depth:4; http_raw_host; "
5087 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
5093 if (http_state == NULL) {
5094 printf(
"no http state: ");
5103 printf(
"sid 1 matched but shouldn't have: ");
5125 static int DetectEngineHttpHRHTest05(
void)
5134 uint8_t http_buf[] =
5135 "GET /index.html HTTP/1.0\r\n"
5137 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
5138 uint32_t http_len =
sizeof(http_buf) - 1;
5142 memset(&th_v, 0,
sizeof(th_v));
5143 memset(&f, 0,
sizeof(f));
5144 memset(&ssn, 0,
sizeof(ssn));
5150 f.
proto = IPPROTO_TCP;
5167 "(msg:\"http host header test\"; "
5168 "content:!\"CON\"; depth:4; http_raw_host; "
5179 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
5185 if (http_state == NULL) {
5186 printf(
"no http state: ");
5195 printf(
"sid 1 matched but shouldn't have: ");
5217 static int DetectEngineHttpHRHTest06(
void)
5226 uint8_t http_buf[] =
5227 "GET /index.html HTTP/1.0\r\n"
5229 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
5230 uint32_t http_len =
sizeof(http_buf) - 1;
5234 memset(&th_v, 0,
sizeof(th_v));
5235 memset(&f, 0,
sizeof(f));
5236 memset(&ssn, 0,
sizeof(ssn));
5242 f.
proto = IPPROTO_TCP;
5259 "(msg:\"http host header test\"; "
5260 "content:\"ECT\"; offset:3; http_raw_host; "
5271 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
5277 if (http_state == NULL) {
5278 printf(
"no http state: ");
5287 printf(
"sid 1 didn't match but should have: ");
5309 static int DetectEngineHttpHRHTest07(
void)
5318 uint8_t http_buf[] =
5319 "GET /index.html HTTP/1.0\r\n"
5321 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
5322 uint32_t http_len =
sizeof(http_buf) - 1;
5326 memset(&th_v, 0,
sizeof(th_v));
5327 memset(&f, 0,
sizeof(f));
5328 memset(&ssn, 0,
sizeof(ssn));
5334 f.
proto = IPPROTO_TCP;
5351 "(msg:\"http host header test\"; "
5352 "content:!\"CO\"; offset:3; http_raw_host; "
5363 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
5369 if (http_state == NULL) {
5370 printf(
"no http state: ");
5379 printf(
"sid 1 didn't match but should have: ");
5401 static int DetectEngineHttpHRHTest08(
void)
5410 uint8_t http_buf[] =
5411 "GET /index.html HTTP/1.0\r\n"
5413 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
5414 uint32_t http_len =
sizeof(http_buf) - 1;
5418 memset(&th_v, 0,
sizeof(th_v));
5419 memset(&f, 0,
sizeof(f));
5420 memset(&ssn, 0,
sizeof(ssn));
5426 f.
proto = IPPROTO_TCP;
5443 "(msg:\"http host header test\"; "
5444 "content:!\"ECT\"; offset:3; http_raw_host; "
5455 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
5461 if (http_state == NULL) {
5462 printf(
"no http state: ");
5471 printf(
"sid 1 matched but shouldn't have: ");
5493 static int DetectEngineHttpHRHTest09(
void)
5502 uint8_t http_buf[] =
5503 "GET /index.html HTTP/1.0\r\n"
5505 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
5506 uint32_t http_len =
sizeof(http_buf) - 1;
5510 memset(&th_v, 0,
sizeof(th_v));
5511 memset(&f, 0,
sizeof(f));
5512 memset(&ssn, 0,
sizeof(ssn));
5518 f.
proto = IPPROTO_TCP;
5535 "(msg:\"http host header test\"; "
5536 "content:\"CON\"; offset:3; http_raw_host; "
5547 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
5553 if (http_state == NULL) {
5554 printf(
"no http state: ");
5563 printf(
"sid 1 matched but shouldn't have: ");
5585 static int DetectEngineHttpHRHTest10(
void)
5594 uint8_t http_buf[] =
5595 "GET /index.html HTTP/1.0\r\n"
5597 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
5598 uint32_t http_len =
sizeof(http_buf) - 1;
5602 memset(&th_v, 0,
sizeof(th_v));
5603 memset(&f, 0,
sizeof(f));
5604 memset(&ssn, 0,
sizeof(ssn));
5610 f.
proto = IPPROTO_TCP;
5627 "(msg:\"http_raw_host header test\"; "
5628 "content:\"CO\"; http_raw_host; "
5629 "content:\"EC\"; within:4; http_raw_host; "
5640 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
5646 if (http_state == NULL) {
5647 printf(
"no http state: ");
5656 printf(
"sid 1 didn't match but should have: ");
5678 static int DetectEngineHttpHRHTest11(
void)
5687 uint8_t http_buf[] =
5688 "GET /index.html HTTP/1.0\r\n"
5690 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
5691 uint32_t http_len =
sizeof(http_buf) - 1;
5695 memset(&th_v, 0,
sizeof(th_v));
5696 memset(&f, 0,
sizeof(f));
5697 memset(&ssn, 0,
sizeof(ssn));
5703 f.
proto = IPPROTO_TCP;
5720 "(msg:\"http_raw_host header test\"; "
5721 "content:\"CO\"; http_raw_host; "
5722 "content:!\"EC\"; within:3; http_raw_host; "
5733 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
5739 if (http_state == NULL) {
5740 printf(
"no http state: ");
5749 printf(
"sid 1 didn't match but should have: ");
5771 static int DetectEngineHttpHRHTest12(
void)
5780 uint8_t http_buf[] =
5781 "GET /index.html HTTP/1.0\r\n"
5783 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
5784 uint32_t http_len =
sizeof(http_buf) - 1;
5788 memset(&th_v, 0,
sizeof(th_v));
5789 memset(&f, 0,
sizeof(f));
5790 memset(&ssn, 0,
sizeof(ssn));
5796 f.
proto = IPPROTO_TCP;
5813 "(msg:\"http_raw_host header test\"; "
5814 "content:\"CO\"; http_raw_host; "
5815 "content:\"EC\"; within:3; http_raw_host; "
5826 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
5832 if (http_state == NULL) {
5833 printf(
"no http state: ");
5842 printf(
"sid 1 matched but shouldn't have: ");
5864 static int DetectEngineHttpHRHTest13(
void)
5873 uint8_t http_buf[] =
5874 "GET /index.html HTTP/1.0\r\n"
5876 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
5877 uint32_t http_len =
sizeof(http_buf) - 1;
5881 memset(&th_v, 0,
sizeof(th_v));
5882 memset(&f, 0,
sizeof(f));
5883 memset(&ssn, 0,
sizeof(ssn));
5889 f.
proto = IPPROTO_TCP;
5906 "(msg:\"http_raw_host header test\"; "
5907 "content:\"CO\"; http_raw_host; "
5908 "content:!\"EC\"; within:4; http_raw_host; "
5919 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
5925 if (http_state == NULL) {
5926 printf(
"no http state: ");
5935 printf(
"sid 1 matched but shouldn't have: ");
5957 static int DetectEngineHttpHRHTest14(
void)
5966 uint8_t http_buf[] =
5967 "GET /index.html HTTP/1.0\r\n"
5969 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
5970 uint32_t http_len =
sizeof(http_buf) - 1;
5974 memset(&th_v, 0,
sizeof(th_v));
5975 memset(&f, 0,
sizeof(f));
5976 memset(&ssn, 0,
sizeof(ssn));
5982 f.
proto = IPPROTO_TCP;
5999 "(msg:\"http_raw_host header test\"; "
6000 "content:\"CO\"; http_raw_host; "
6001 "content:\"EC\"; distance:2; http_raw_host; "
6012 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
6018 if (http_state == NULL) {
6019 printf(
"no http state: ");
6028 printf(
"sid 1 didn't match but should have: ");
6050 static int DetectEngineHttpHRHTest15(
void)
6059 uint8_t http_buf[] =
6060 "GET /index.html HTTP/1.0\r\n"
6062 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
6063 uint32_t http_len =
sizeof(http_buf) - 1;
6067 memset(&th_v, 0,
sizeof(th_v));
6068 memset(&f, 0,
sizeof(f));
6069 memset(&ssn, 0,
sizeof(ssn));
6075 f.
proto = IPPROTO_TCP;
6092 "(msg:\"http_raw_host header test\"; "
6093 "content:\"CO\"; http_raw_host; "
6094 "content:!\"EC\"; distance:3; http_raw_host; "
6105 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
6111 if (http_state == NULL) {
6112 printf(
"no http state: ");
6121 printf(
"sid 1 didn't match but should have: ");
6143 static int DetectEngineHttpHRHTest16(
void)
6152 uint8_t http_buf[] =
6153 "GET /index.html HTTP/1.0\r\n"
6155 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
6156 uint32_t http_len =
sizeof(http_buf) - 1;
6160 memset(&th_v, 0,
sizeof(th_v));
6161 memset(&f, 0,
sizeof(f));
6162 memset(&ssn, 0,
sizeof(ssn));
6168 f.
proto = IPPROTO_TCP;
6185 "(msg:\"http_raw_host header test\"; "
6186 "content:\"CO\"; http_raw_host; "
6187 "content:\"EC\"; distance:3; http_raw_host; "
6198 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
6204 if (http_state == NULL) {
6205 printf(
"no http state: ");
6214 printf(
"sid 1 matched but shouldn't have: ");
6236 static int DetectEngineHttpHRHTest17(
void)
6245 uint8_t http_buf[] =
6246 "GET /index.html HTTP/1.0\r\n"
6248 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
6249 uint32_t http_len =
sizeof(http_buf) - 1;
6253 memset(&th_v, 0,
sizeof(th_v));
6254 memset(&f, 0,
sizeof(f));
6255 memset(&ssn, 0,
sizeof(ssn));
6261 f.
proto = IPPROTO_TCP;
6278 "(msg:\"http_raw_host header test\"; "
6279 "content:\"CO\"; http_raw_host; "
6280 "content:!\"EC\"; distance:2; http_raw_host; "
6291 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
6297 if (http_state == NULL) {
6298 printf(
"no http state: ");
6307 printf(
"sid 1 matched but shouldn't have: ");
6325 static int DetectEngineHttpHRHTest18(
void)
6334 uint8_t http_buf[] =
6335 "GET /index.html HTTP/1.0\r\n"
6336 "Host: www.kaboom.com:8080\r\n"
6337 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
6338 uint32_t http_len =
sizeof(http_buf) - 1;
6342 memset(&th_v, 0,
sizeof(th_v));
6343 memset(&f, 0,
sizeof(f));
6344 memset(&ssn, 0,
sizeof(ssn));
6350 f.
proto = IPPROTO_TCP;
6367 "(msg:\"http_raw_host header test\"; "
6368 "content:\"kaboom\"; http_raw_host; nocase; "
6379 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
6385 if (http_state == NULL) {
6386 printf(
"no http state: ");
6395 printf(
"sid 1 didn't match but should have: ");
6413 static int DetectEngineHttpHRHTest19(
void)
6422 uint8_t http_buf[] =
6423 "GET /index.html HTTP/1.0\r\n"
6424 "Host: www.kaboom.com:8080\r\n"
6425 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
6426 uint32_t http_len =
sizeof(http_buf) - 1;
6430 memset(&th_v, 0,
sizeof(th_v));
6431 memset(&f, 0,
sizeof(f));
6432 memset(&ssn, 0,
sizeof(ssn));
6438 f.
proto = IPPROTO_TCP;
6455 "(msg:\"http_raw_host header test\"; "
6456 "content:\"kaboom\"; http_raw_host; nocase; "
6467 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
6473 if (http_state == NULL) {
6474 printf(
"no http state: ");
6483 printf(
"sid 1 didn't match but should have: ");
6501 static int DetectEngineHttpHRHTest20(
void)
6510 uint8_t http_buf[] =
6511 "GET /index.html HTTP/1.0\r\n"
6512 "Host: www.kaboom.com:8080\r\n"
6513 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
6514 uint32_t http_len =
sizeof(http_buf) - 1;
6518 memset(&th_v, 0,
sizeof(th_v));
6519 memset(&f, 0,
sizeof(f));
6520 memset(&ssn, 0,
sizeof(ssn));
6526 f.
proto = IPPROTO_TCP;
6543 "(msg:\"http_raw_host header test\"; "
6544 "content:\"8080\"; http_raw_host; nocase; "
6555 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
6561 if (http_state == NULL) {
6562 printf(
"no http state: ");
6571 printf(
"sid 1 didn't match but it should have: ");
6589 static int DetectEngineHttpHRHTest21(
void)
6598 uint8_t http_buf[] =
6599 "GET http://www.kaboom.com/index.html HTTP/1.0\r\n"
6600 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
6601 uint32_t http_len =
sizeof(http_buf) - 1;
6605 memset(&th_v, 0,
sizeof(th_v));
6606 memset(&f, 0,
sizeof(f));
6607 memset(&ssn, 0,
sizeof(ssn));
6613 f.
proto = IPPROTO_TCP;
6630 "(msg:\"http_raw_host header test\"; "
6631 "content:\"kaboom\"; http_raw_host; nocase; "
6642 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
6648 if (http_state == NULL) {
6649 printf(
"no http state: ");
6658 printf(
"sid 1 didn't match but should have: ");
6676 static int DetectEngineHttpHRHTest22(
void)
6685 uint8_t http_buf[] =
6686 "GET http://www.kaboom.com:8080/index.html HTTP/1.0\r\n"
6687 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
6688 uint32_t http_len =
sizeof(http_buf) - 1;
6692 memset(&th_v, 0,
sizeof(th_v));
6693 memset(&f, 0,
sizeof(f));
6694 memset(&ssn, 0,
sizeof(ssn));
6700 f.
proto = IPPROTO_TCP;
6717 "(msg:\"http_raw_host header test\"; "
6718 "content:\"kaboom\"; http_raw_host; nocase; "
6729 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
6735 if (http_state == NULL) {
6736 printf(
"no http state: ");
6745 printf(
"sid 1 didn't match but should have: ");
6763 static int DetectEngineHttpHRHTest23(
void)
6772 uint8_t http_buf[] =
6773 "GET http://www.kaboom.com:8080/index.html HTTP/1.0\r\n"
6774 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
6775 uint32_t http_len =
sizeof(http_buf) - 1;
6779 memset(&th_v, 0,
sizeof(th_v));
6780 memset(&f, 0,
sizeof(f));
6781 memset(&ssn, 0,
sizeof(ssn));
6787 f.
proto = IPPROTO_TCP;
6804 "(msg:\"http_raw_host header test\"; "
6805 "content:\"8080\"; http_raw_host; nocase; "
6816 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
6822 if (http_state == NULL) {
6823 printf(
"no http state: ");
6832 printf(
"sid 1 matched but it shouldn't have: ");
6850 static int DetectEngineHttpHRHTest24(
void)
6859 uint8_t http_buf[] =
6860 "GET http://www.kaboom.com:8080/index.html HTTP/1.0\r\n"
6861 "Host: www.rabbit.com\r\n"
6862 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
6863 uint32_t http_len =
sizeof(http_buf) - 1;
6867 memset(&th_v, 0,
sizeof(th_v));
6868 memset(&f, 0,
sizeof(f));
6869 memset(&ssn, 0,
sizeof(ssn));
6875 f.
proto = IPPROTO_TCP;
6892 "(msg:\"http_raw_host header test\"; "
6893 "content:\"kaboom\"; http_raw_host; nocase; "
6904 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
6910 if (http_state == NULL) {
6911 printf(
"no http state: ");
6920 printf(
"sid 1 didn't match but it should have: ");
6938 static int DetectEngineHttpHRHTest25(
void)
6947 uint8_t http_buf[] =
6948 "GET http://www.kaboom.com:8080/index.html HTTP/1.0\r\n"
6949 "Host: www.rabbit.com\r\n"
6950 "User-Agent: www.onetwothreefourfivesixseven.org\r\n\r\n";
6951 uint32_t http_len =
sizeof(http_buf) - 1;
6955 memset(&th_v, 0,
sizeof(th_v));
6956 memset(&f, 0,
sizeof(f));
6957 memset(&ssn, 0,
sizeof(ssn));
6963 f.
proto = IPPROTO_TCP;
6980 "(msg:\"http_raw_host header test\"; "
6981 "content:\"rabbit\"; http_raw_host; nocase; "
6992 printf(
"toserver chunk 1 returned %" PRId32
", expected 0: ", r);
6998 if (http_state == NULL) {
6999 printf(
"no http state: ");
7008 printf(
"sid 1 matched but it shouldn't have: ");
7044 UtRegisterTest(
"DetectEngineHttpHHTest01", DetectEngineHttpHHTest01);
7045 UtRegisterTest(
"DetectEngineHttpHHTest02", DetectEngineHttpHHTest02);
7046 UtRegisterTest(
"DetectEngineHttpHHTest03", DetectEngineHttpHHTest03);
7047 UtRegisterTest(
"DetectEngineHttpHHTest04", DetectEngineHttpHHTest04);
7048 UtRegisterTest(
"DetectEngineHttpHHTest05", DetectEngineHttpHHTest05);
7049 UtRegisterTest(
"DetectEngineHttpHHTest06", DetectEngineHttpHHTest06);
7050 UtRegisterTest(
"DetectEngineHttpHHTest07", DetectEngineHttpHHTest07);
7051 UtRegisterTest(
"DetectEngineHttpHHTest08", DetectEngineHttpHHTest08);
7052 UtRegisterTest(
"DetectEngineHttpHHTest09", DetectEngineHttpHHTest09);
7053 UtRegisterTest(
"DetectEngineHttpHHTest10", DetectEngineHttpHHTest10);
7054 UtRegisterTest(
"DetectEngineHttpHHTest11", DetectEngineHttpHHTest11);
7055 UtRegisterTest(
"DetectEngineHttpHHTest12", DetectEngineHttpHHTest12);
7056 UtRegisterTest(
"DetectEngineHttpHHTest13", DetectEngineHttpHHTest13);
7057 UtRegisterTest(
"DetectEngineHttpHHTest14", DetectEngineHttpHHTest14);
7058 UtRegisterTest(
"DetectEngineHttpHHTest15", DetectEngineHttpHHTest15);
7059 UtRegisterTest(
"DetectEngineHttpHHTest16", DetectEngineHttpHHTest16);
7060 UtRegisterTest(
"DetectEngineHttpHHTest17", DetectEngineHttpHHTest17);
7061 UtRegisterTest(
"DetectEngineHttpHHTest18", DetectEngineHttpHHTest18);
7062 UtRegisterTest(
"DetectEngineHttpHHTest19", DetectEngineHttpHHTest19);
7063 UtRegisterTest(
"DetectEngineHttpHHTest20", DetectEngineHttpHHTest20);
7064 UtRegisterTest(
"DetectEngineHttpHHTest21", DetectEngineHttpHHTest21);
7065 UtRegisterTest(
"DetectEngineHttpHHTest22", DetectEngineHttpHHTest22);
7066 UtRegisterTest(
"DetectEngineHttpHHTest23", DetectEngineHttpHHTest23);
7067 UtRegisterTest(
"DetectEngineHttpHHTest24", DetectEngineHttpHHTest24);
7068 UtRegisterTest(
"DetectEngineHttpHHTest25", DetectEngineHttpHHTest25);
7082 UtRegisterTest(
"DetectEngineHttpHRHTest01", DetectEngineHttpHRHTest01);
7083 UtRegisterTest(
"DetectEngineHttpHRHTest02", DetectEngineHttpHRHTest02);
7084 UtRegisterTest(
"DetectEngineHttpHRHTest03", DetectEngineHttpHRHTest03);
7085 UtRegisterTest(
"DetectEngineHttpHRHTest04", DetectEngineHttpHRHTest04);
7086 UtRegisterTest(
"DetectEngineHttpHRHTest05", DetectEngineHttpHRHTest05);
7087 UtRegisterTest(
"DetectEngineHttpHRHTest06", DetectEngineHttpHRHTest06);
7088 UtRegisterTest(
"DetectEngineHttpHRHTest07", DetectEngineHttpHRHTest07);
7089 UtRegisterTest(
"DetectEngineHttpHRHTest08", DetectEngineHttpHRHTest08);
7090 UtRegisterTest(
"DetectEngineHttpHRHTest09", DetectEngineHttpHRHTest09);
7091 UtRegisterTest(
"DetectEngineHttpHRHTest10", DetectEngineHttpHRHTest10);
7092 UtRegisterTest(
"DetectEngineHttpHRHTest11", DetectEngineHttpHRHTest11);
7093 UtRegisterTest(
"DetectEngineHttpHRHTest12", DetectEngineHttpHRHTest12);
7094 UtRegisterTest(
"DetectEngineHttpHRHTest13", DetectEngineHttpHRHTest13);
7095 UtRegisterTest(
"DetectEngineHttpHRHTest14", DetectEngineHttpHRHTest14);
7096 UtRegisterTest(
"DetectEngineHttpHRHTest15", DetectEngineHttpHRHTest15);
7097 UtRegisterTest(
"DetectEngineHttpHRHTest16", DetectEngineHttpHRHTest16);
7098 UtRegisterTest(
"DetectEngineHttpHRHTest17", DetectEngineHttpHRHTest17);
7099 UtRegisterTest(
"DetectEngineHttpHRHTest18", DetectEngineHttpHRHTest18);
7100 UtRegisterTest(
"DetectEngineHttpHRHTest19", DetectEngineHttpHRHTest19);
7101 UtRegisterTest(
"DetectEngineHttpHRHTest20", DetectEngineHttpHRHTest20);
7102 UtRegisterTest(
"DetectEngineHttpHRHTest21", DetectEngineHttpHRHTest21);
7103 UtRegisterTest(
"DetectEngineHttpHRHTest22", DetectEngineHttpHRHTest22);
7104 UtRegisterTest(
"DetectEngineHttpHRHTest23", DetectEngineHttpHRHTest23);
7105 UtRegisterTest(
"DetectEngineHttpHRHTest24", DetectEngineHttpHRHTest24);
7106 UtRegisterTest(
"DetectEngineHttpHRHTest25", DetectEngineHttpHRHTest25);