use of org.apache.metron.pcap.filter.fixed.FixedPcapFilter in project metron by apache.
the class FixedPcapFilterTest method testMissingSrcPort.
@Test
public void testMissingSrcPort() throws Exception {
Configuration config = new Configuration();
final HashMap<String, String> fields = new HashMap<String, String>() {
{
put(Constants.Fields.SRC_ADDR.getName(), "src_ip");
put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
put(Constants.Fields.DST_PORT.getName(), "1");
put(Constants.Fields.INCLUDES_REVERSE_TRAFFIC.getName(), "false");
}
};
new FixedPcapFilter.Configurator().addToConfig(fields, config);
{
FixedPcapFilter filter = new FixedPcapFilter() {
@Override
protected HashMap<String, Object> packetToFields(PacketInfo pi) {
return new HashMap<String, Object>() {
{
put(Constants.Fields.SRC_ADDR.getName(), "src_ip");
put(Constants.Fields.SRC_PORT.getName(), 0);
put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
put(Constants.Fields.DST_PORT.getName(), 1);
}
};
}
};
filter.configure(config);
Assert.assertTrue(filter.test(null));
}
new FixedPcapFilter.Configurator().addToConfig(fields, config);
{
FixedPcapFilter filter = new FixedPcapFilter() {
@Override
protected HashMap<String, Object> packetToFields(PacketInfo pi) {
return new HashMap<String, Object>() {
{
put(Constants.Fields.SRC_ADDR.getName(), "src_ip");
put(Constants.Fields.SRC_PORT.getName(), 100);
put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
put(Constants.Fields.DST_PORT.getName(), 1);
}
};
}
};
filter.configure(config);
Assert.assertTrue(filter.test(null));
}
}
use of org.apache.metron.pcap.filter.fixed.FixedPcapFilter in project metron by apache.
the class FixedPcapFilterTest method testReverseTraffic.
@Test
public void testReverseTraffic() throws Exception {
Configuration config = new Configuration();
final Map<String, String> fields = new HashMap<String, String>() {
{
put(Constants.Fields.SRC_ADDR.getName(), "src_ip");
put(Constants.Fields.SRC_PORT.getName(), "0");
put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
put(Constants.Fields.DST_PORT.getName(), "1");
put(Constants.Fields.INCLUDES_REVERSE_TRAFFIC.getName(), "true");
}
};
new FixedPcapFilter.Configurator().addToConfig(fields, config);
{
FixedPcapFilter filter = new FixedPcapFilter() {
@Override
protected Map<String, Object> packetToFields(PacketInfo pi) {
return new HashMap<String, Object>() {
{
put(Constants.Fields.SRC_ADDR.getName(), "src_ip");
put(Constants.Fields.SRC_PORT.getName(), 0);
put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
put(Constants.Fields.DST_PORT.getName(), 1);
}
};
}
};
filter.configure(config);
Assert.assertTrue(filter.test(null));
}
new FixedPcapFilter.Configurator().addToConfig(fields, config);
{
FixedPcapFilter filter = new FixedPcapFilter() {
@Override
protected Map<String, Object> packetToFields(PacketInfo pi) {
return new HashMap<String, Object>() {
{
put(Constants.Fields.SRC_ADDR.getName(), "dst_ip");
put(Constants.Fields.SRC_PORT.getName(), 1);
put(Constants.Fields.DST_ADDR.getName(), "src_ip");
put(Constants.Fields.DST_PORT.getName(), 0);
}
};
}
};
filter.configure(config);
Assert.assertTrue(filter.test(null));
}
new FixedPcapFilter.Configurator().addToConfig(fields, config);
{
FixedPcapFilter filter = new FixedPcapFilter() {
@Override
protected Map<String, Object> packetToFields(PacketInfo pi) {
return new HashMap<String, Object>() {
{
put(Constants.Fields.SRC_ADDR.getName(), "dst_ip");
put(Constants.Fields.SRC_PORT.getName(), 0);
put(Constants.Fields.DST_ADDR.getName(), "src_ip");
put(Constants.Fields.DST_PORT.getName(), 1);
}
};
}
};
filter.configure(config);
Assert.assertFalse(filter.test(null));
}
}
use of org.apache.metron.pcap.filter.fixed.FixedPcapFilter in project metron by apache.
the class FixedPcapFilterTest method testMissingDstAddr.
@Test
public void testMissingDstAddr() throws Exception {
Configuration config = new Configuration();
final HashMap<String, String> fields = new HashMap<String, String>() {
{
put(Constants.Fields.SRC_ADDR.getName(), "src_ip");
put(Constants.Fields.SRC_PORT.getName(), "0");
put(Constants.Fields.DST_PORT.getName(), "1");
put(Constants.Fields.INCLUDES_REVERSE_TRAFFIC.getName(), "false");
}
};
new FixedPcapFilter.Configurator().addToConfig(fields, config);
{
FixedPcapFilter filter = new FixedPcapFilter() {
@Override
protected HashMap<String, Object> packetToFields(PacketInfo pi) {
return new HashMap<String, Object>() {
{
put(Constants.Fields.SRC_ADDR.getName(), "src_ip");
put(Constants.Fields.SRC_PORT.getName(), 0);
put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
put(Constants.Fields.DST_PORT.getName(), 1);
}
};
}
};
filter.configure(config);
Assert.assertTrue(filter.test(null));
}
new FixedPcapFilter.Configurator().addToConfig(fields, config);
{
FixedPcapFilter filter = new FixedPcapFilter() {
@Override
protected HashMap<String, Object> packetToFields(PacketInfo pi) {
return new HashMap<String, Object>() {
{
put(Constants.Fields.SRC_ADDR.getName(), "src_ip1");
put(Constants.Fields.SRC_PORT.getName(), 0);
put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
put(Constants.Fields.DST_PORT.getName(), 1);
}
};
}
};
filter.configure(config);
Assert.assertFalse(filter.test(null));
}
}
use of org.apache.metron.pcap.filter.fixed.FixedPcapFilter in project metron by apache.
the class FixedPcapFilterTest method testMissingSrcAddr.
@Test
public void testMissingSrcAddr() throws Exception {
Configuration config = new Configuration();
final HashMap<String, String> fields = new HashMap<String, String>() {
{
put(Constants.Fields.SRC_PORT.getName(), "0");
put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
put(Constants.Fields.DST_PORT.getName(), "1");
put(Constants.Fields.INCLUDES_REVERSE_TRAFFIC.getName(), "false");
}
};
new FixedPcapFilter.Configurator().addToConfig(fields, config);
{
FixedPcapFilter filter = new FixedPcapFilter() {
@Override
protected HashMap<String, Object> packetToFields(PacketInfo pi) {
return new HashMap<String, Object>() {
{
put(Constants.Fields.SRC_ADDR.getName(), "src_ip");
put(Constants.Fields.SRC_PORT.getName(), 0);
put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
put(Constants.Fields.DST_PORT.getName(), 1);
}
};
}
};
filter.configure(config);
Assert.assertTrue(filter.test(null));
}
}
use of org.apache.metron.pcap.filter.fixed.FixedPcapFilter in project metron by apache.
the class FixedPcapFilterTest method testMissingDstPort.
@Test
public void testMissingDstPort() throws Exception {
Configuration config = new Configuration();
final HashMap<String, String> fields = new HashMap<String, String>() {
{
put(Constants.Fields.SRC_ADDR.getName(), "src_ip");
put(Constants.Fields.SRC_PORT.getName(), "0");
put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
put(Constants.Fields.INCLUDES_REVERSE_TRAFFIC.getName(), "false");
}
};
new FixedPcapFilter.Configurator().addToConfig(fields, config);
{
FixedPcapFilter filter = new FixedPcapFilter() {
@Override
protected HashMap<String, Object> packetToFields(PacketInfo pi) {
return new HashMap<String, Object>() {
{
put(Constants.Fields.SRC_ADDR.getName(), "src_ip");
put(Constants.Fields.SRC_PORT.getName(), 0);
put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
put(Constants.Fields.DST_PORT.getName(), 1);
}
};
}
};
filter.configure(config);
Assert.assertTrue(filter.test(null));
}
new FixedPcapFilter.Configurator().addToConfig(fields, config);
{
FixedPcapFilter filter = new FixedPcapFilter() {
@Override
protected HashMap<String, Object> packetToFields(PacketInfo pi) {
return new HashMap<String, Object>() {
{
put(Constants.Fields.SRC_ADDR.getName(), "src_ip");
put(Constants.Fields.SRC_PORT.getName(), 0);
put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
put(Constants.Fields.DST_PORT.getName(), 100);
}
};
}
};
filter.configure(config);
Assert.assertTrue(filter.test(null));
}
new FixedPcapFilter.Configurator().addToConfig(fields, config);
{
FixedPcapFilter filter = new FixedPcapFilter() {
@Override
protected HashMap<String, Object> packetToFields(PacketInfo pi) {
return new HashMap<String, Object>() {
{
put(Constants.Fields.SRC_ADDR.getName(), "src_ip");
put(Constants.Fields.SRC_PORT.getName(), 100);
put(Constants.Fields.DST_ADDR.getName(), "dst_ip");
put(Constants.Fields.DST_PORT.getName(), 100);
}
};
}
};
filter.configure(config);
Assert.assertFalse(filter.test(null));
}
}
Aggregations