tests: add multi-tenancy tests

tests/multi-tenant-01/a.rule

@@ -0,0 +1 @@
+alert http any any -> any any (flowbits:set,a; http.method; content:"GET"; sid:1;)

tests/multi-tenant-01/a.yaml

@@ -0,0 +1,5 @@
+%YAML 1.1
+---
+
+rule-files:
+- a.rule

tests/multi-tenant-01/b.rule

@@ -0,0 +1 @@
+alert http any any -> any any (flowbits:set,a; http.method; content:"POST"; sid:2;)

tests/multi-tenant-01/b.yaml

@@ -0,0 +1,5 @@
+%YAML 1.1
+---
+
+rule-files:
+- b.rule

tests/multi-tenant-01/c.rule

@@ -0,0 +1 @@
+alert http any any -> any any (flowbits:set,c; http.method; content:"POST"; sid:3;)

tests/multi-tenant-01/c.yaml

@@ -0,0 +1,5 @@
+%YAML 1.1
+---
+
+rule-files:
+- c.rule

tests/multi-tenant-01/d.rule

@@ -0,0 +1 @@
+alert http any any -> any any (flowbits:set,d; http.method; content:"POST"; sid:4;)

tests/multi-tenant-01/d.yaml

@@ -0,0 +1,5 @@
+%YAML 1.1
+---
+
+rule-files:
+- d.rule

tests/multi-tenant-01/suricata.yaml

@@ -0,0 +1,39 @@
+%YAML 1.1
+---
+
+multi-detect:
+  enabled: yes
+  selector: vlan
+  loaders: 4
+
+  tenants:
+  - tenant:
+    id: 1
+    yaml: a.yaml
+  - tenant:
+    id: 2
+    yaml: b.yaml
+  - tenant:
+    id: 3
+    yaml: c.yaml
+  - tenant:
+    id: 4
+    yaml: d.yaml
+
+  mappings:
+  - vlan:
+    vlan-id: 1000
+    tenant-id: 1
+  - vlan:
+    vlan-id: 2000
+    tenant-id: 2
+  - vlan:
+    vlan-id: 1112
+    tenant-id: 3
+  - vlan:
+    vlan-id: 1111
+    tenant-id: 4
+
+engine-analysis:
+  rules-fast-pattern: yes
+  rules: yes

tests/multi-tenant-01/test.yaml

@@ -0,0 +1,11 @@
+requires:
+  pcap: false
+
+args:
+- --set multi-detect.config-path=${TEST_DIR}
+- --set multi-detect.1.default-rule-path=${TEST_DIR}
+- --set multi-detect.2.default-rule-path=${TEST_DIR}
+- --set multi-detect.3.default-rule-path=${TEST_DIR}
+- --set multi-detect.4.default-rule-path=${TEST_DIR}
+- --engine-analysis
+- -vv

tests/multi-tenant-02-test/a.rule

@@ -0,0 +1 @@
+alert http any any -> any any (flowbits:set,a; http.method; content:"GET"; sid:1;)

tests/multi-tenant-02-test/a.yaml

@@ -0,0 +1,5 @@
+%YAML 1.1
+---
+
+rule-files:
+- a.rule

tests/multi-tenant-02-test/b.rule

@@ -0,0 +1 @@
+alert http any any -> any any (flowbits:set,a; http.method; content:"POST"; sid:2;)

tests/multi-tenant-02-test/b.yaml

@@ -0,0 +1,5 @@
+%YAML 1.1
+---
+
+rule-files:
+- b.rule

tests/multi-tenant-02-test/c.rule

@@ -0,0 +1 @@
+alert http any any -> any any (flowbits:set,c; http.method; content:"POST"; sid:3;)

tests/multi-tenant-02-test/c.yaml

@@ -0,0 +1,5 @@
+%YAML 1.1
+---
+
+rule-files:
+- c.rule

tests/multi-tenant-02-test/d.rule

@@ -0,0 +1 @@
+alert http any any -> any any (flowbits:set,d; http.method; content:"POST"; sid:4;)

tests/multi-tenant-02-test/d.yaml

@@ -0,0 +1,5 @@
+%YAML 1.1
+---
+
+rule-files:
+- d.rule

tests/multi-tenant-02-test/suricata.yaml

@@ -0,0 +1,39 @@
+%YAML 1.1
+---
+
+multi-detect:
+  enabled: yes
+  selector: vlan
+  loaders: 4
+
+  tenants:
+  - tenant:
+    id: 1
+    yaml: a.yaml
+  - tenant:
+    id: 2
+    yaml: b.yaml
+  - tenant:
+    id: 3
+    yaml: c.yaml
+  - tenant:
+    id: 4
+    yaml: d.yaml
+
+  mappings:
+  - vlan:
+    vlan-id: 1000
+    tenant-id: 1
+  - vlan:
+    vlan-id: 2000
+    tenant-id: 2
+  - vlan:
+    vlan-id: 1112
+    tenant-id: 3
+  - vlan:
+    vlan-id: 1111
+    tenant-id: 4
+
+engine-analysis:
+  rules-fast-pattern: yes
+  rules: yes

tests/multi-tenant-02-test/test.yaml

@@ -0,0 +1,11 @@
+requires:
+  pcap: false
+
+args:
+- --set multi-detect.config-path=${TEST_DIR}
+- --set multi-detect.1.default-rule-path=${TEST_DIR}
+- --set multi-detect.2.default-rule-path=${TEST_DIR}
+- --set multi-detect.3.default-rule-path=${TEST_DIR}
+- --set multi-detect.4.default-rule-path=${TEST_DIR}
+- -T
+- -vv

tests/multi-tenant-03-pcap/a.rule

@@ -0,0 +1 @@
+alert http any any -> any any (flowbits:set,a; http.method; content:"GET"; sid:1;)

tests/multi-tenant-03-pcap/a.yaml

@@ -0,0 +1,5 @@
+%YAML 1.1
+---
+
+rule-files:
+- a.rule

tests/multi-tenant-03-pcap/b.rule

@@ -0,0 +1 @@
+alert http any any -> any any (flowbits:set,a; http.method; content:"POST"; sid:2;)

tests/multi-tenant-03-pcap/b.yaml

@@ -0,0 +1,5 @@
+%YAML 1.1
+---
+
+rule-files:
+- b.rule

tests/multi-tenant-03-pcap/c.rule

@@ -0,0 +1 @@
+alert http any any -> any any (flowbits:set,c; http.method; content:"POST"; sid:3;)

tests/multi-tenant-03-pcap/c.yaml

@@ -0,0 +1,5 @@
+%YAML 1.1
+---
+
+rule-files:
+- c.rule

tests/multi-tenant-03-pcap/d.rule

@@ -0,0 +1 @@
+alert http any any -> any any (flowbits:set,d; http.method; content:"POST"; sid:4;)

tests/multi-tenant-03-pcap/d.yaml

@@ -0,0 +1,5 @@
+%YAML 1.1
+---
+
+rule-files:
+- d.rule

tests/multi-tenant-03-pcap/suricata.yaml

@@ -0,0 +1,39 @@
+%YAML 1.1
+---
+
+multi-detect:
+  enabled: yes
+  selector: vlan
+  loaders: 4
+
+  tenants:
+  - tenant:
+    id: 1
+    yaml: a.yaml
+  - tenant:
+    id: 2
+    yaml: b.yaml
+  - tenant:
+    id: 3
+    yaml: c.yaml
+  - tenant:
+    id: 4
+    yaml: d.yaml
+
+  mappings:
+  - vlan:
+    vlan-id: 1000
+    tenant-id: 1
+  - vlan:
+    vlan-id: 2000
+    tenant-id: 2
+  - vlan:
+    vlan-id: 1112
+    tenant-id: 3
+  - vlan:
+    vlan-id: 1111
+    tenant-id: 4
+
+engine-analysis:
+  rules-fast-pattern: yes
+  rules: yes

tests/multi-tenant-03-pcap/test.yaml

@@ -0,0 +1,9 @@
+pcap: ../filestore-filecontainer-http/filecontainer-http.pcap
+
+args:
+- --set multi-detect.config-path=${TEST_DIR}
+- --set multi-detect.1.default-rule-path=${TEST_DIR}
+- --set multi-detect.2.default-rule-path=${TEST_DIR}
+- --set multi-detect.3.default-rule-path=${TEST_DIR}
+- --set multi-detect.4.default-rule-path=${TEST_DIR}
+- -vv