[Oisf-users] Our team added application layer protocol detection & parser for several protocols, such FTP, TELNT, IMAP, POP3 & SMB. How to test them effectively? Thanks.

Victor Julien lists at inliniac.net
Tue Jun 11 14:28:55 UTC 2019


On 11-06-19 16:25, Ma Allen wrote:
> Our team added application layer protocol detection & parser for several
> protocols, such FTP, TELNT, IMAP, POP3 & SMB. How to test them
> effectively? Thanks.
> 
> We've already tried cppcheck, valgrind and traffic replay testing
> (multi-gigabit). Meanwhile, I also enable debug-validation in
> configuration as follows:
> ./configure --prefix=/home/mazh/projects/test_performance
> --localstatedir=/home/mazh/projects/test_performance
> --enable-unix-socket --with-libnss-libraries=/usr/lib64
> --with-libnss-includes=/usr/include/nss3
> --with-libnspr-libraries=/usr/lib64
> --with-libnspr-includes=/usr/include/nspr4  --enable-non-bundled-htp
> --with-libhtp-includes=/usr/local/include/htp
> --with-libhtp-libraries=/usr/local/lib --enable-debug
> --enable-debug-validation--enable-netmap
> 
> What are the recommended ways to test the newly added features? Any
> suggestion will be appreciated. Thanks in advance.
> 
> Besides, I refer to Suricata's QA steps as mentioned in README but
> there's no detailed instructions.

These are only available to code that is submitted as a contribution to
our github. I'd be happy to run that code if you intend to get it merged.

-- 
---------------------------------------------
Victor Julien
http://www.inliniac.net/
PGP: http://www.inliniac.net/victorjulien.asc
---------------------------------------------



More information about the Oisf-users mailing list