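def test_match(self):
    """Check that a ``group:`` matcher selects a rule by its group file.

    The rule is parsed with the group ``rules/malware.rules``. The matcher
    returned by ``parse_rule_match`` must be a ``GroupMatcher`` and must
    match the rule both for the file name ``malware.rules`` and for the
    bare basename ``malware``.
    """
    rule = suricata.update.rule.parse(self.rule_string, "rules/malware.rules")

    # assertEqual replaces the deprecated assertEquals alias, which was
    # removed from unittest in Python 3.12.
    matcher = main.parse_rule_match("group: malware.rules")
    self.assertEqual(matcher.__class__, suricata.update.main.GroupMatcher)
    self.assertTrue(matcher.match(rule))

    # Test match of just the group basename.
    matcher = main.parse_rule_match("group: malware")
    self.assertEqual(matcher.__class__, suricata.update.main.GroupMatcher)
    self.assertTrue(matcher.match(rule))

    # NOTE(review): only positive matches are asserted here. A rule parsed
    # with a different group that must NOT match would guard against an
    # over-broad matcher selecting unintended rules; confirm whether that
    # is covered elsewhere.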
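def test_match(self):
    """Check that a ``filename:`` matcher selects a rule by its file path.

    The rule is parsed with the group ``rules/trojan.rules``. The matcher
    returned by ``parse_rule_match`` for ``*/trojan.rules`` must be a
    ``FilenameMatcher`` and must match that rule.
    """
    rule = suricata.update.rule.parse(self.rule_string, "rules/trojan.rules")

    # The pattern looks like a shell-style glob; presumably it is matched
    # against the full path the rule was loaded from (confirm in
    # FilenameMatcher).
    matcher = main.parse_rule_match("filename: */trojan.rules")

    # assertEqual replaces the deprecated assertEquals alias, which was
    # removed from unittest in Python 3.12.
    self.assertEqual(matcher.__class__, suricata.update.main.FilenameMatcher)
    self.assertTrue(matcher.match(rule))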