Add ICMP checksum check and set risk if mismatch detected.add/icmp-tunnel-chksm-risk

Signed-off-by: Toni Uhlig <matzeton@googlemail.com>

2 files changed, 8 insertions, 0 deletions

diff --git a/tests/pcap/icmp-tunnel.pcap b/tests/pcap/icmp-tunnel.pcap
new file mode 100644
index 000000000..1d2338e93
--- /dev/null
+++ b/tests/pcap/icmp-tunnel.pcap
diff --git a/tests/result/icmp-tunnel.pcap.out b/tests/result/icmp-tunnel.pcap.out
new file mode 100644
index 000000000..d879183bb
--- /dev/null
+++ b/tests/result/icmp-tunnel.pcap.out
@@ -0,0 +1,8 @@
+Guessed flow protos:	0
+
+DPI Packets (other):	1	(1.00 pkts/flow)
+Confidence DPI              : 1 (flows)
+
+ICMP	863	190810	1
+
+	1	ICMP 192.168.154.131:0 <-> 192.168.154.132:0 [proto: 81/ICMP][ClearText][Confidence: DPI][cat: Network/14][448 pkts/98566 bytes <-> 415 pkts/92244 bytes][Goodput ratio: 81/81][1122.51 sec][bytes ratio: 0.033 (Mixed)][IAT c2s/s2c min/avg/max/stddev: 0/0 2578/2731 145505/145505 9091/9494][Pkt Len c2s/s2c min/avg/max/stddev: 74/74 220/222 1075/1070 245/245][Risk: ** Malformed Packet **][Risk Score: 10][PLAIN TEXT (OpenSSH5)][Plen Bins: 0,32,24,24,7,3,3,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]