diff options
author | Marco Pfatschbacher <mpf@cvs.openbsd.org> | 2007-09-19 20:57:45 +0000 |
---|---|---|
committer | Marco Pfatschbacher <mpf@cvs.openbsd.org> | 2007-09-19 20:57:45 +0000 |
commit | 591a3e866190ff474de5ea9dcb30b4e71d86a41c (patch) | |
tree | 994b77ddc8ee2277f292fdd5a91bdd3bd04e6f2c | |
parent | 9f63c03685e6f25692c601d752d0e88b83a473df (diff) |
Add a few "flags any" and "no state" to have the rulesets
match against the old checksums again.
-rw-r--r-- | regress/sbin/pfctl/pfchksum1.in | 10 | ||||
-rw-r--r-- | regress/sbin/pfctl/pfchksum2.in | 10 | ||||
-rw-r--r-- | regress/sbin/pfctl/pfchksum3.in | 14 |
3 files changed, 17 insertions, 17 deletions
diff --git a/regress/sbin/pfctl/pfchksum1.in b/regress/sbin/pfctl/pfchksum1.in index a2f621bb692..a6393ac6077 100644 --- a/regress/sbin/pfctl/pfchksum1.in +++ b/regress/sbin/pfctl/pfchksum1.in @@ -26,9 +26,9 @@ pass out on tun1000000 proto udp all keep state pass in on tun1000000 proto udp from any to any port = domain keep state -pass out on tun1000000 proto tcp all keep state +pass out on tun1000000 proto tcp all flags any -pass in on tun1000000 proto tcp from any to any port = ssh keep state -pass in on tun1000000 proto tcp from any to any port = smtp keep state -pass in on tun1000000 proto tcp from any to any port = domain keep state -pass in on tun1000000 proto tcp from any to any port = auth keep state +pass in on tun1000000 proto tcp from any to any port = ssh flags any +pass in on tun1000000 proto tcp from any to any port = smtp flags any +pass in on tun1000000 proto tcp from any to any port = domain flags any +pass in on tun1000000 proto tcp from any to any port = auth flags any diff --git a/regress/sbin/pfctl/pfchksum2.in b/regress/sbin/pfctl/pfchksum2.in index 1ecb10ee539..abcf30aa0ef 100644 --- a/regress/sbin/pfctl/pfchksum2.in +++ b/regress/sbin/pfctl/pfchksum2.in @@ -26,9 +26,9 @@ pass out on tun1000000 proto udp all keep state pass in on tun1000000 proto udp from any to any port = domain keep state -pass out on tun1000000 proto tcp all keep state +pass out on tun1000000 proto tcp all flags any -pass in on tun1000000 proto tcp from any to any port = ssh keep state -pass in on tun1000000 proto tcp from any to any port = smtp keep state -pass in on tun1000000 proto tcp from any to any port = domain keep state -pass in on tun1000000 proto tcp from any to any port = auth keep state +pass in on tun1000000 proto tcp from any to any port = ssh flags any +pass in on tun1000000 proto tcp from any to any port = smtp flags any +pass in on tun1000000 proto tcp from any to any port = domain flags any +pass in on tun1000000 proto tcp from any to any port = auth flags any diff --git a/regress/sbin/pfctl/pfchksum3.in b/regress/sbin/pfctl/pfchksum3.in index 626bd582f3d..ec3e6997589 100644 --- a/regress/sbin/pfctl/pfchksum3.in +++ b/regress/sbin/pfctl/pfchksum3.in @@ -1,8 +1,8 @@ -pass in all -pass in from any to any -pass in proto tcp from any port <= 1024 to any label foo_bar -pass in proto tcp from any to any port = 25 -pass in proto tcp from 10.0.0.0/8 port > 1024 to ! 10.1.2.3 port != 22 -pass in proto igmp from 10.0.0.0/8 to 10.1.1.1 allow-opts -pass in proto tcp from { 1.2.3.4, 1.2.3.5 } to any label \ +pass in all flags any no state +pass in from any to any flags any no state +pass in proto tcp from any port <= 1024 to any flags any no state label foo_bar +pass in proto tcp from any to any port = 25 flags any no state +pass in proto tcp from 10.0.0.0/8 port > 1024 to ! 10.1.2.3 port != 22 flags any no state +pass in proto igmp from 10.0.0.0/8 to 10.1.1.1 allow-opts no state +pass in proto tcp from { 1.2.3.4, 1.2.3.5 } to any flags any no state label \ "$nr:$proto:$srcaddr:$srcport:$dstaddr:$dstport" |