def test_fnmatch_some_group(self): matchers = rulematcher.parse_group_name_matchers( "group: rules/icmp*.rules") self.assertEquals(1, len(matchers)) self.assertTrue(matchers[0].match(MockRule(group="rules/icmp.rules"))) self.assertTrue(matchers[0].match(MockRule( group="rules/icmp-info.rules")))
def test_multi_group(self): matchers = rulematcher.parse_group_name_matchers( "group:icmp.rules,x11.rules, emerging-malware.rules") self.assertEquals(3, len(matchers)) self.assertTrue(matchers[0].match(MockRule(group="icmp.rules"))) self.assertTrue(matchers[1].match(MockRule(group="x11.rules"))) self.assertTrue(matchers[2].match(MockRule( group="emerging-malware.rules")))
def test_fnmatch_all_group(self): matchers = rulematcher.parse_group_name_matchers("group:*") self.assertEquals(1, len(matchers)) self.assertTrue(matchers[0].match(MockRule(group="icmp.rules")))