diff options
| author | Ryan Thomas McBride <mcbride@cvs.openbsd.org> | 2004-10-01 23:19:19 +0000 |
|---|---|---|
| committer | Ryan Thomas McBride <mcbride@cvs.openbsd.org> | 2004-10-01 23:19:19 +0000 |
| commit | 7a9f234642fbb5dbdd9b5d059ea15b766bb69781 (patch) | |
| tree | 1c0d026317f29e130a9d364480a436e8c42eefa2 | |
| parent | 65b3cbca1b730ecd835c6611773f0a9b00c49462 (diff) | |
First pass at doing regress tests on the optimizer (pfctl -o).
Still need to add some more input files to test specific corner cases.
64 files changed, 2427 insertions, 1 deletions
diff --git a/regress/sbin/pfctl/Makefile b/regress/sbin/pfctl/Makefile index 1312cc03440..8c100e8f8aa 100644 --- a/regress/sbin/pfctl/Makefile +++ b/regress/sbin/pfctl/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.180 2004/07/03 19:31:34 henning Exp $ +# $OpenBSD: Makefile,v 1.181 2004/10/01 23:19:17 mcbride Exp $ # TARGETS # pf: feed pfNN.in through pfctl and check wether the output matches pfNN.ok @@ -8,6 +8,7 @@ # pfr: table tests # pfsimple: just check wether pfctl accepts a given ruleset, not checking output # pfload: load ruleset into anchor regress and verify pfctl -vvsr +# pfoptimize: as pfload, with -o flag to pfctl # pfopt: as target pf, but supply extra command line options PFTESTS=1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 @@ -134,6 +135,31 @@ pfload-update: ${PFLOAD_UPDATES} REGRESS_TARGETS+=pfload UPDATE_TARGETS+=pfload-update +.for n in ${PFLOAD} +PFOPTIMIZE_TARGETS+=pfoptimize${n} +PFOPTIMIZE_UPDATES+=pfoptimize${n}-update + +pfoptimize${n}: + ${SUDO} pfctl -o -a regress -f - < ${.CURDIR}/pf${n}.in + (${SUDO} pfctl -a regress -gvvsn; \ + ${SUDO} pfctl -a regress -gvvsr) | \ + diff -u ${.CURDIR}/pf${n}.optimized /dev/stdin + ${SUDO} pfctl -a regress -Fn >/dev/null 2>&1 + ${SUDO} pfctl -a regress -Fr >/dev/null 2>&1 + +pfoptimize${n}-update: + ${SUDO} pfctl -o -a regress -f - < ${.CURDIR}/pf${n}.in + (${SUDO} pfctl -a regress -gvvsn; \ + ${SUDO} pfctl -a regress -gvvsr) > ${.CURDIR}/pf${n}.optimized + ${SUDO} pfctl -a regress -Fn >/dev/null 2>&1 + ${SUDO} pfctl -a regress -Fr >/dev/null 2>&1 + +.endfor + +pfoptimize: ${PFOPTIMIZE_TARGETS} +pfoptimize-update: ${PFOPTIMIZE_UPDATES} +REGRESS_TARGETS+=pfoptimize + .for n in ${PFTABLE} PFR_TARGETS+=pfr${n} PFR_UPDATES+=pfr${n}-update diff --git a/regress/sbin/pfctl/pf1.optimized b/regress/sbin/pfctl/pf1.optimized new file mode 100644 index 00000000000..b790542fa9f --- /dev/null +++ b/regress/sbin/pfctl/pf1.optimized @@ -0,0 +1,28 @@ +@0 pass in all + [ Skip steps: i=end d=end f=3 sa=3 da=3 dp=2 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 pass in proto tcp from any port <= 1024 to any label "foo_bar" + [ Skip steps: i=end d=end f=3 p=4 sa=3 da=3 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 pass in proto tcp from any to any port = smtp + [ Skip steps: i=end d=end p=4 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 pass in inet proto tcp from 10.0.0.0/8 port > 1024 to ! 10.1.2.3 port != ssh + [ Skip steps: i=end d=end f=end sa=5 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 pass in inet proto igmp from 10.0.0.0/8 to 10.1.1.1 allow-opts + [ Skip steps: i=end d=end f=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 pass in inet proto tcp from 1.2.3.4 to any label "6:tcp:1.2.3.4::any:" + [ Skip steps: i=end d=end f=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@6 pass in inet proto tcp from 1.2.3.5 to any label "7:tcp:1.2.3.5::any:" + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf10.optimized b/regress/sbin/pfctl/pf10.optimized new file mode 100644 index 00000000000..616d1c5beac --- /dev/null +++ b/regress/sbin/pfctl/pf10.optimized @@ -0,0 +1,76 @@ +@0 pass in inet proto icmp all + [ Skip steps: i=end d=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 pass in inet6 proto ipv6-icmp all + [ Skip steps: i=end d=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 block drop in inet proto icmp all + [ Skip steps: i=end d=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 block drop in inet6 proto ipv6-icmp all + [ Skip steps: i=end d=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 block return-rst in inet proto tcp all + [ Skip steps: i=end d=end p=8 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 block return-rst in inet6 proto tcp all + [ Skip steps: i=end d=end p=8 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@6 block return-rst(ttl 10) in inet proto tcp all + [ Skip steps: i=end d=end p=8 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@7 block return-rst(ttl 10) in inet6 proto tcp all + [ Skip steps: i=end d=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@8 block return-icmp(port-unr) in inet proto icmp all + [ Skip steps: i=end d=end f=13 p=13 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@9 block return-icmp(net-unr) in inet proto icmp all + [ Skip steps: i=end d=end f=13 p=13 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@10 block return-icmp(srcfail) in inet proto icmp all + [ Skip steps: i=end d=end f=13 p=13 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@11 block return-icmp(host-prohib) in inet proto icmp all + [ Skip steps: i=end d=end f=13 p=13 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@12 block return-icmp(cutoff-preced) in inet proto icmp all + [ Skip steps: i=end d=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@13 block return-icmp6(port-unr) in inet6 proto ipv6-icmp all + [ Skip steps: i=end d=end f=18 p=18 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@14 block return-icmp6(noroute-unr) in inet6 proto ipv6-icmp all + [ Skip steps: i=end d=end f=18 p=18 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@15 block return-icmp6(admin-unr) in inet6 proto ipv6-icmp all + [ Skip steps: i=end d=end f=18 p=18 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@16 block return-icmp6(notnbr-unr) in inet6 proto ipv6-icmp all + [ Skip steps: i=end d=end f=18 p=18 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@17 block return-icmp6(addr-unr) in inet6 proto ipv6-icmp all + [ Skip steps: i=end d=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@18 block return-icmp(srcfail, admin-unr) in all + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf11.optimized b/regress/sbin/pfctl/pf11.optimized new file mode 100644 index 00000000000..a72c3b51d96 --- /dev/null +++ b/regress/sbin/pfctl/pf11.optimized @@ -0,0 +1,72 @@ +@0 pass in inet proto icmp all icmp-type echorep + [ Skip steps: i=end d=end f=4 p=4 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 pass in inet proto icmp all icmp-type echorep code 0 + [ Skip steps: i=end d=end f=4 p=4 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 pass in inet proto icmp all icmp-type 1 + [ Skip steps: i=end d=end f=4 p=4 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 pass in inet proto icmp all icmp-type 1 code 1 + [ Skip steps: i=end d=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 pass in inet6 proto ipv6-icmp all icmp6-type 0 + [ Skip steps: i=end d=end f=8 p=8 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 pass in inet6 proto ipv6-icmp all icmp6-type 0 code 0 + [ Skip steps: i=end d=end f=8 p=8 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@6 pass in inet6 proto ipv6-icmp all icmp6-type unreach + [ Skip steps: i=end d=end f=8 p=8 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@7 pass in inet6 proto ipv6-icmp all icmp6-type unreach code admin-unr + [ Skip steps: i=end d=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@8 block drop in inet proto icmp all icmp-type echorep + [ Skip steps: i=end d=end f=12 p=12 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@9 block drop in inet proto icmp all icmp-type echorep code 0 + [ Skip steps: i=end d=end f=12 p=12 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@10 block drop in inet proto icmp all icmp-type 1 + [ Skip steps: i=end d=end f=12 p=12 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@11 block drop in inet proto icmp all icmp-type 1 code 1 + [ Skip steps: i=end d=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@12 block drop in inet6 proto ipv6-icmp all icmp6-type 0 + [ Skip steps: i=end d=end f=16 p=16 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@13 block drop in inet6 proto ipv6-icmp all icmp6-type 0 code 0 + [ Skip steps: i=end d=end f=16 p=16 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@14 block drop in inet6 proto ipv6-icmp all icmp6-type unreach + [ Skip steps: i=end d=end f=16 p=16 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@15 block drop in inet6 proto ipv6-icmp all icmp6-type unreach code admin-unr + [ Skip steps: i=end d=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@16 pass in inet proto icmp all icmp-type unreach code needfrag + [ Skip steps: i=end d=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@17 pass in inet6 proto ipv6-icmp all icmp6-type timex code reassemb + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf12.optimized b/regress/sbin/pfctl/pf12.optimized new file mode 100644 index 00000000000..c928123b373 --- /dev/null +++ b/regress/sbin/pfctl/pf12.optimized @@ -0,0 +1,20 @@ +@0 pass in inet from ! 127.0.0.1 to 127.0.0.0/16 + [ Skip steps: i=end d=end f=end p=end sa=2 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 pass in inet from ! 127.0.0.1 to ! 127.0.0.0/8 + [ Skip steps: i=end d=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 pass in inet from 127.0.0.1 to 127.0.0.0/8 + [ Skip steps: i=end d=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 pass in inet from 127.0.0.0/16 to 127.0.0.0/24 + [ Skip steps: i=end d=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 pass in inet from 127.0.0.0/25 to ! 127.0.0.0/26 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf13.optimized b/regress/sbin/pfctl/pf13.optimized new file mode 100644 index 00000000000..4eb40cccfc8 --- /dev/null +++ b/regress/sbin/pfctl/pf13.optimized @@ -0,0 +1,56 @@ +@0 pass in quick on enc0 fastroute all + [ Skip steps: p=4 sa=6 sp=end da=2 dp=4 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 pass out quick on tun1000000 route-to tun1000001 inet all + [ Skip steps: i=end d=4 f=3 p=4 sa=6 sp=end dp=4 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 pass out quick on tun1000000 route-to tun1000001 inet from any to 192.168.1.1 + [ Skip steps: i=end d=4 p=4 sa=6 sp=end dp=4 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 pass out quick on tun1000000 route-to tun1000001 inet6 from any to fec0::1 + [ Skip steps: i=end sa=6 sp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 block drop in on tun1000000 dup-to (tun1000001 192.168.1.1) inet proto tcp from any to any port = ftp + [ Skip steps: i=end d=end p=6 sa=6 sp=end da=6 dp=6 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 block drop in on tun1000000 dup-to (tun1000001 fec0::1) inet6 proto tcp from any to any port = ftp + [ Skip steps: i=end d=end sp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@6 pass in quick on tun1000000 route-to tun1000001 inet from 192.168.1.1 to 10.1.1.1 + [ Skip steps: i=end d=end p=8 sp=end dp=8 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@7 pass in quick on tun1000000 route-to tun1000001 inet6 from fec0::/64 to fec1::2 + [ Skip steps: i=end d=end sp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@8 block drop in on tun1000000 reply-to (tun1000001 192.168.1.1) inet proto tcp from any to any port = ftp + [ Skip steps: i=end d=end p=10 sa=10 sp=end da=10 dp=10 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@9 block drop in on tun1000000 reply-to (tun1000001 fec0::1) inet6 proto tcp from any to any port = ftp + [ Skip steps: i=end d=end sp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@10 pass in quick on tun1000000 reply-to tun1000001 inet from 192.168.1.1 to 10.1.1.1 + [ Skip steps: i=end d=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@11 pass in quick on tun1000000 reply-to tun1000001 inet6 from fec0::/64 to fec1::2 + [ Skip steps: i=end d=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@12 pass in quick on tun1000000 dup-to (tun1000001 192.168.1.100) inet from 192.168.1.1 to 10.1.1.1 + [ Skip steps: i=end d=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@13 pass in quick on tun1000000 dup-to (tun1000001 fec1::2) inet6 from fec0::/64 to fec1::2 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf14.optimized b/regress/sbin/pfctl/pf14.optimized new file mode 100644 index 00000000000..7c732e166ce --- /dev/null +++ b/regress/sbin/pfctl/pf14.optimized @@ -0,0 +1,8 @@ +@0 pass in quick on lo0 inet6 from fe80::1 to any + [ Skip steps: i=end d=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 pass in quick on lo0 inet6 from any to fe80::1 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf15.optimized b/regress/sbin/pfctl/pf15.optimized new file mode 100644 index 00000000000..d195ad407e3 --- /dev/null +++ b/regress/sbin/pfctl/pf15.optimized @@ -0,0 +1,108 @@ +@0 no scrub on lo0 inet from 192.168.1.1 to 10.1.2.3 + [ Skip steps: i=4 p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 scrub in on lo0 all no-df fragment reassemble + [ Skip steps: i=4 d=3 f=4 p=end sa=8 sp=end da=4 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 scrub in log on lo0 all min-ttl 25 fragment reassemble + [ Skip steps: i=4 f=4 p=end sa=8 sp=end da=4 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 scrub on lo0 all max-mss 224 fragment reassemble + [ Skip steps: p=end sa=8 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 scrub out log on lo1000000 inet from any to 10.0.0.1 no-df max-mss 224 fragment reassemble + [ Skip steps: p=end sa=8 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 scrub in on lo0 all max-mss 224 fragment reassemble + [ Skip steps: i=7 d=end f=8 p=end sa=8 sp=end da=9 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@6 scrub in log on lo0 all fragment reassemble + [ Skip steps: d=end f=8 p=end sa=8 sp=end da=9 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@7 scrub in log on lo1000000 all fragment reassemble + [ Skip steps: d=end p=end sp=end da=9 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@8 scrub in on lo0 inet from (lo0:1) to any fragment reassemble + [ Skip steps: i=11 d=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@9 scrub in log on lo0 inet6 from (lo1000000:*) to 2000::1 fragment reassemble + [ Skip steps: i=11 d=end f=11 p=end sp=end da=11 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@10 scrub in log on lo0 inet6 from (lo0:2) to 2000::1 fragment reassemble + [ Skip steps: d=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@11 scrub in inet from 10.0.0.1 to 10.0.0.3 fragment reassemble + [ Skip steps: i=17 d=end f=16 p=end sa=13 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@12 scrub in inet from 10.0.0.1 to 10.0.0.4 fragment reassemble + [ Skip steps: i=17 d=end f=16 p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@13 scrub in inet from 10.0.0.2 to 10.0.0.3 fragment reassemble + [ Skip steps: i=17 d=end f=16 p=end sa=15 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@14 scrub in inet from 10.0.0.2 to 10.0.0.4 fragment reassemble + [ Skip steps: i=17 d=end f=16 p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@15 scrub in inet from 127.0.0.1 to any fragment reassemble + [ Skip steps: i=17 d=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@16 scrub in inet6 from ::1 to any fragment reassemble + [ Skip steps: d=end f=18 p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@17 scrub in on lo0 inet6 from fe80::1 to any fragment reassemble + [ Skip steps: d=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@18 scrub in inet from 10.1.1.1 to any fragment reassemble + [ Skip steps: i=22 d=end f=21 p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@19 scrub in inet from 10.0.0.1 to any fragment reassemble + [ Skip steps: i=22 d=end f=21 p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@20 scrub in inet from 127.0.0.1 to any fragment reassemble + [ Skip steps: i=22 d=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@21 scrub in inet6 from ::1 to any fragment reassemble + [ Skip steps: d=end f=23 p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@22 scrub in on lo0 inet6 from fe80::1 to any fragment reassemble + [ Skip steps: d=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@23 scrub in inet from ! 127.0.0.1 to any fragment reassemble + [ Skip steps: i=25 d=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@24 scrub in inet6 from ! ::1 to any fragment reassemble + [ Skip steps: d=end f=26 p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@25 scrub in on lo0 inet6 from ! fe80::1 to any fragment reassemble + [ Skip steps: d=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@26 scrub in on ! lo0 all fragment reassemble + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf16.optimized b/regress/sbin/pfctl/pf16.optimized new file mode 100644 index 00000000000..7cf47b89dd6 --- /dev/null +++ b/regress/sbin/pfctl/pf16.optimized @@ -0,0 +1,20 @@ +@0 nat on lo0 inet from 192.168.1.1 to any -> 10.0.0.1 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@0 rdr on lo0 inet proto tcp from any to 1.2.3.4 port = 2222 -> 10.0.0.10 port 22 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@0 binat on lo0 inet from 192.168.1.1 to any -> 10.0.0.1 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@0 scrub in on lo0 all fragment reassemble + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@0 pass in on lo1000000 all + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf17.optimized b/regress/sbin/pfctl/pf17.optimized new file mode 100644 index 00000000000..1279985eae8 --- /dev/null +++ b/regress/sbin/pfctl/pf17.optimized @@ -0,0 +1,176 @@ +@0 no binat on lo0 inet from 192.168.1.1 to 10.1.2.3 + [ Skip steps: i=42 d=end f=21 p=2 sa=2 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 binat on lo0 inet from 192.168.1.1 to any -> 10.0.0.1 + [ Skip steps: i=42 d=end f=21 sp=end da=5 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 binat on lo0 inet proto tcp from 192.168.1.2 to any -> 10.0.0.2 + [ Skip steps: i=42 d=end f=21 sp=end da=5 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 binat on lo0 inet proto udp from 192.168.1.3 to any -> 10.0.0.3 + [ Skip steps: i=42 d=end f=21 sp=end da=5 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 binat on lo0 inet proto icmp from 192.168.1.4 to any -> 10.0.0.4 + [ Skip steps: i=42 d=end f=21 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 binat on lo0 inet from 192.168.1.5 to 172.16.1.1 -> 10.0.0.5 + [ Skip steps: i=42 d=end f=21 p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@6 binat on lo0 inet from 192.168.1.6 to 172.16.1.2 -> 10.0.0.6 + [ Skip steps: i=42 d=end f=21 p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@7 binat on lo0 inet from 192.168.1.7 to 172.16.2.0/24 -> 10.0.0.7 + [ Skip steps: i=42 d=end f=21 p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@8 binat on lo0 inet from 192.168.2.0/24 to any -> 10.0.5.0/24 + [ Skip steps: i=42 d=end f=21 p=end sp=end da=10 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@9 binat on lo0 inet from 192.168.2.0/28 to any -> 10.0.4.0/28 + [ Skip steps: i=42 d=end f=21 p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@10 binat on lo0 inet from 192.168.2.0/30 to 192.168.3.1 -> 10.0.3.0/30 + [ Skip steps: i=42 d=end f=21 p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@11 binat on lo0 inet from 192.168.1.8 to ! 172.17.0.0/16 -> 10.0.0.8 + [ Skip steps: i=42 d=end f=21 p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@12 binat on lo0 inet from 1.1.1.1 to no-route -> 2.2.2.2 + [ Skip steps: i=42 d=end f=21 p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@13 binat on lo0 inet from (lo0:0:1) to 1.1.1.1 -> 2.2.2.2 + [ Skip steps: i=42 d=end f=21 p=end sa=16 sp=end da=15 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@14 binat on lo0 inet from (lo0:0:1) to 1.1.1.1 -> (lo1000000:0) + [ Skip steps: i=42 d=end f=21 p=end sa=16 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@15 binat on lo0 inet from (lo0:0:1) to (lo1000000:0:*) -> (lo1000000:0) + [ Skip steps: i=42 d=end f=21 p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@16 binat on lo0 inet from 1.1.1.1 to <sometable:*> -> 2.2.2.2 + [ Skip steps: i=42 d=end f=21 p=end sa=20 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@17 binat on lo0 inet from 1.1.1.1 to ! <sometable:*> -> 2.2.2.2 + [ Skip steps: i=42 d=end f=21 p=end sa=20 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@18 binat on lo0 inet from 1.1.1.1 to (lo1000000:0:*) -> 2.2.2.2 + [ Skip steps: i=42 d=end f=21 p=end sa=20 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@19 binat on lo0 inet from 1.1.1.1 to ! (lo1000000:0:*) -> 2.2.2.2 + [ Skip steps: i=42 d=end f=21 p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@20 binat on lo0 inet from (lo0:0:1) to <sometable:*> -> 2.2.2.2 + [ Skip steps: i=42 d=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@21 binat on lo0 inet6 from ::1 to no-route -> ::2 + [ Skip steps: i=42 d=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@22 binat on lo0 inet6 from (lo0:0:1) to ::1 -> ::2 + [ Skip steps: i=42 d=end f=end p=end sa=25 sp=end da=24 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@23 binat on lo0 inet6 from (lo0:0:1) to ::1 -> (lo1000000:0) + [ Skip steps: i=42 d=end f=end p=end sa=25 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@24 binat on lo0 inet6 from (lo0:0:1) to (lo1000000:0:*) -> (lo1000000:0) + [ Skip steps: i=42 d=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@25 binat on lo0 inet6 from ::1 to <sometable:*> -> ::2 + [ Skip steps: i=42 d=end f=end p=end sa=29 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@26 binat on lo0 inet6 from ::1 to ! <sometable:*> -> ::2 + [ Skip steps: i=42 d=end f=end p=end sa=29 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@27 binat on lo0 inet6 from ::1 to (lo1000000:0:*) -> ::2 + [ Skip steps: i=42 d=end f=end p=end sa=29 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@28 binat on lo0 inet6 from ::1 to ! (lo1000000:0:*) -> ::2 + [ Skip steps: i=42 d=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@29 binat on lo0 inet6 from (lo0:0:1) to <sometable:*> -> ::2 + [ Skip steps: i=42 d=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@30 binat on lo0 inet6 from ::1 to (lo:2) -> ::1 + [ Skip steps: i=42 d=end f=end p=end sa=42 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@31 binat on lo0 inet6 from ::1 to (lo:0:1) -> ::1 + [ Skip steps: i=42 d=end f=end p=end sa=42 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@32 binat on lo0 inet6 from ::1 to (lo:peer:*) -> ::1 + [ Skip steps: i=42 d=end f=end p=end sa=42 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@33 binat on lo0 inet6 from ::1 to (lo:peer:0:*) -> ::1 + [ Skip steps: i=42 d=end f=end p=end sa=42 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@34 binat on lo0 inet6 from ::1 to (lo:broadcast:*) -> ::1 + [ Skip steps: i=42 d=end f=end p=end sa=42 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@35 binat on lo0 inet6 from ::1 to (lo:broadcast:0:*) -> ::1 + [ Skip steps: i=42 d=end f=end p=end sa=42 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@36 binat on lo0 inet6 from ::1 to (lo:network:1) -> ::1 + [ Skip steps: i=42 d=end f=end p=end sa=42 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@37 binat on lo0 inet6 from ::1 to (lo:network:0:1) -> ::1 + [ Skip steps: i=42 d=end f=end p=end sa=42 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@38 binat on lo0 inet6 from ::1 to (lo:2)/100 -> ::2 + [ Skip steps: i=42 d=end f=end p=end sa=42 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@39 binat on lo0 inet6 from ::1 to (lo:0:1)/100 -> ::2 + [ Skip steps: i=42 d=end f=end p=end sa=42 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@40 binat on lo0 inet6 from ::1 to (lo:peer:*)/100 -> ::2 + [ Skip steps: i=42 d=end f=end p=end sa=42 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@41 binat on lo0 inet6 from ::1 to (lo:peer:0:*)/100 -> ::2 + [ Skip steps: d=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@42 binat on lo inet6 from (lo0:0:1) to ::1 -> ::2 + [ Skip steps: d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@43 binat on tun inet6 from (lo0:0:1) to ::1 -> ::2 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf18.optimized b/regress/sbin/pfctl/pf18.optimized new file mode 100644 index 00000000000..97ab8105b6a --- /dev/null +++ b/regress/sbin/pfctl/pf18.optimized @@ -0,0 +1,80 @@ +@0 no nat on lo0 inet from 192.168.1.1 to 10.1.2.3 + [ Skip steps: i=16 d=end f=end p=2 sa=2 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 nat on lo0 inet from 192.168.1.1 to any -> 10.0.0.1 + [ Skip steps: i=16 d=end f=end sp=end da=5 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 nat on lo0 inet proto tcp from 192.168.1.2 to any -> 10.0.0.2 + [ Skip steps: i=16 d=end f=end sp=end da=5 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 nat on lo0 inet proto udp from 192.168.1.3 to any -> 10.0.0.3 + [ Skip steps: i=16 d=end f=end sp=end da=5 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 nat on lo0 inet proto icmp from 192.168.1.4 to any -> 10.0.0.4 + [ Skip steps: i=16 d=end f=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 nat on lo0 inet from 192.168.1.5 to 172.6.1.1 -> 127.0.0.1 + [ Skip steps: i=16 d=end f=end p=16 sa=8 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@6 nat on lo0 inet from 192.168.1.5 to 172.14.1.2 -> 127.0.0.1 + [ Skip steps: i=16 d=end f=end p=16 sa=8 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@7 nat on lo0 inet from 192.168.1.5 to 172.16.2.0/24 -> 127.0.0.1 + [ Skip steps: i=16 d=end f=end p=16 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@8 nat on lo0 inet from 192.168.1.6 to 172.6.1.1 -> 127.0.0.1 + [ Skip steps: i=16 d=end f=end p=16 sa=11 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@9 nat on lo0 inet from 192.168.1.6 to 172.14.1.2 -> 127.0.0.1 + [ Skip steps: i=16 d=end f=end p=16 sa=11 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@10 nat on lo0 inet from 192.168.1.6 to 172.16.2.0/24 -> 127.0.0.1 + [ Skip steps: i=16 d=end f=end p=16 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@11 nat on lo0 inet from 192.168.1.7 to 172.6.1.1 -> 127.0.0.1 + [ Skip steps: i=16 d=end f=end p=16 sa=14 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@12 nat on lo0 inet from 192.168.1.7 to 172.14.1.2 -> 127.0.0.1 + [ Skip steps: i=16 d=end f=end p=16 sa=14 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@13 nat on lo0 inet from 192.168.1.7 to 172.16.2.0/24 -> 127.0.0.1 + [ Skip steps: i=16 d=end f=end p=16 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@14 nat on lo0 inet from 192.168.0.0/24 to any -> (lo0) round-robin + [ Skip steps: i=16 d=end f=end p=16 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@15 nat on lo0 inet from 192.168.1.8 to ! 172.17.0.0/16 -> 10.0.0.8 + [ Skip steps: d=end f=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@16 nat on ! lo0 inet proto udp all -> 10.0.0.8 static-port + [ Skip steps: i=18 d=end f=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@17 nat on ! lo0 inet proto tcp all -> 10.0.0.8 static-port + [ Skip steps: d=end f=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@18 nat on lo0 inet all -> 10.0.0.8 + [ Skip steps: d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@19 nat on tun1000000 inet all -> 10.0.0.8 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf19.optimized b/regress/sbin/pfctl/pf19.optimized new file mode 100644 index 00000000000..a190b649d3b --- /dev/null +++ b/regress/sbin/pfctl/pf19.optimized @@ -0,0 +1,36 @@ +@0 rdr on lo0 inet proto tcp from any to 1.2.3.4 port = 2222 -> 10.0.0.10 port 22 + [ Skip steps: i=5 d=end f=end p=end sp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 rdr on lo0 inet proto tcp from 127.0.0.0/24 to 1.2.3.0/25 port = ftp -> 127.0.0.1 port 8021 + [ Skip steps: i=5 d=end f=end p=end sa=3 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 rdr on lo0 inet proto tcp from 127.0.0.0/24 to 2.4.6.8/30 port = ftp -> 127.0.0.1 port 8021 + [ Skip steps: i=5 d=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 rdr on lo0 inet proto tcp from 10.0.1.0/24 to 1.2.3.0/25 port = ftp -> 127.0.0.1 port 8021 + [ Skip steps: i=5 d=end f=end p=end sa=5 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 rdr on lo0 inet proto tcp from 10.0.1.0/24 to 2.4.6.8/30 port = ftp -> 127.0.0.1 port 8021 + [ Skip steps: d=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 rdr on lo1000000 inet proto tcp from 127.0.0.0/24 to 1.2.3.0/25 port = ftp -> 127.0.0.1 port 8021 + [ Skip steps: i=end d=end f=end p=end sa=7 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@6 rdr on lo1000000 inet proto tcp from 127.0.0.0/24 to 2.4.6.8/30 port = ftp -> 127.0.0.1 port 8021 + [ Skip steps: i=end d=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@7 rdr on lo1000000 inet proto tcp from 10.0.1.0/24 to 1.2.3.0/25 port = ftp -> 127.0.0.1 port 8021 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@8 rdr on lo1000000 inet proto tcp from 10.0.1.0/24 to 2.4.6.8/30 port = ftp -> 127.0.0.1 port 8021 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf2.optimized b/regress/sbin/pfctl/pf2.optimized new file mode 100644 index 00000000000..aa34300d43f --- /dev/null +++ b/regress/sbin/pfctl/pf2.optimized @@ -0,0 +1,88 @@ +@0 block drop out log on tun1000000 all + [ Skip steps: i=12 f=6 p=2 sa=6 sp=end da=7 dp=13 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 block drop in log on tun1000000 all + [ Skip steps: i=12 f=6 sa=6 sp=end da=7 dp=13 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 block return-rst out log on tun1000000 proto tcp all + [ Skip steps: i=12 f=6 p=4 sa=6 sp=end da=7 dp=13 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 block return-rst in log on tun1000000 proto tcp all + [ Skip steps: i=12 f=6 sa=6 sp=end da=7 dp=13 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 block return-icmp(port-unr, port-unr) out log on tun1000000 proto udp all + [ Skip steps: i=12 f=6 p=6 sa=6 sp=end da=7 dp=13 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 block return-icmp(port-unr, port-unr) in log on tun1000000 proto udp all + [ Skip steps: i=12 sp=end da=7 dp=13 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@6 block drop out log quick on tun1000000 inet from ! 157.161.48.183 to any + [ Skip steps: i=12 f=12 p=13 sp=end dp=13 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@7 block drop in quick on tun1000000 inet from any to 255.255.255.255 + [ Skip steps: i=12 d=19 f=12 p=13 sp=end dp=13 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@8 block drop in log quick on tun1000000 inet from 10.0.0.0/8 to any + [ Skip steps: i=12 d=19 f=12 p=13 sp=end da=end dp=13 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@9 block drop in log quick on tun1000000 inet from 172.16.0.0/12 to any + [ Skip steps: i=12 d=19 f=12 p=13 sp=end da=end dp=13 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@10 block drop in log quick on tun1000000 inet from 192.168.0.0/16 to any + [ Skip steps: i=12 d=19 f=12 p=13 sp=end da=end dp=13 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@11 block drop in log quick on tun1000000 inet from 255.255.255.255 to any + [ Skip steps: d=19 p=13 sp=end da=end dp=13 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@12 block drop in log quick from no-route to any + [ Skip steps: d=19 f=17 sp=end da=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@13 pass in on tun1000000 proto tcp from any to any port = ssh keep state + [ Skip steps: i=end d=19 f=17 p=17 sa=end sp=end da=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@14 pass in on tun1000000 proto tcp from any to any port = smtp keep state + [ Skip steps: i=end d=19 f=17 p=17 sa=end sp=end da=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@15 pass in on tun1000000 proto tcp from any to any port = domain keep state + [ Skip steps: i=end d=19 f=17 p=17 sa=end sp=end da=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@16 pass in on tun1000000 proto tcp from any to any port = auth keep state + [ Skip steps: i=end d=19 sa=end sp=end da=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@17 pass in on tun1000000 inet proto icmp all icmp-type echoreq code 0 keep state + [ Skip steps: i=end d=19 sa=end sp=end da=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@18 pass in on tun1000000 proto udp from any to any port = domain keep state + [ Skip steps: i=end sa=end sp=end da=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@19 pass out on tun1000000 inet proto icmp all icmp-type echoreq code 0 keep state + [ Skip steps: i=end d=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@20 pass out on tun1000000 proto udp all keep state + [ Skip steps: i=end d=end f=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@21 pass out on tun1000000 proto tcp all keep state + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf20.optimized b/regress/sbin/pfctl/pf20.optimized new file mode 100644 index 00000000000..f79e2fecddc --- /dev/null +++ b/regress/sbin/pfctl/pf20.optimized @@ -0,0 +1,48 @@ +@0 nat on lo0 inet from 127.0.0.0/24 to 1.2.3.0/25 -> 127.0.0.1 + [ Skip steps: i=end d=end f=end p=end sa=2 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 nat on lo0 inet from 127.0.0.0/24 to 2.4.6.8/30 -> 127.0.0.1 + [ Skip steps: i=end d=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 nat on lo0 inet from 10.0.1.0/24 to 1.2.3.0/25 -> 127.0.0.1 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 nat on lo0 inet from 10.0.1.0/24 to 2.4.6.8/30 -> 127.0.0.1 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@0 rdr on lo0 inet proto tcp from 127.0.0.0/24 to 1.2.3.0/25 port = ftp -> 127.0.0.1 port 8021 + [ Skip steps: i=4 d=end f=end p=end sa=2 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 rdr on lo0 inet proto tcp from 127.0.0.0/24 to 2.4.6.8/30 port = ftp -> 127.0.0.1 port 8021 + [ Skip steps: i=4 d=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 rdr on lo0 inet proto tcp from 10.0.1.0/24 to 1.2.3.0/25 port = ftp -> 127.0.0.1 port 8021 + [ Skip steps: i=4 d=end f=end p=end sa=4 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 rdr on lo0 inet proto tcp from 10.0.1.0/24 to 2.4.6.8/30 port = ftp -> 127.0.0.1 port 8021 + [ Skip steps: d=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 rdr on lo1000000 inet proto tcp from 127.0.0.0/24 to 1.2.3.0/25 port = ftp -> 127.0.0.1 port 8021 + [ Skip steps: i=end d=end f=end p=end sa=6 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 rdr on lo1000000 inet proto tcp from 127.0.0.0/24 to 2.4.6.8/30 port = ftp -> 127.0.0.1 port 8021 + [ Skip steps: i=end d=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@6 rdr on lo1000000 inet proto tcp from 10.0.1.0/24 to 1.2.3.0/25 port = ftp -> 127.0.0.1 port 8021 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@7 rdr on lo1000000 inet proto tcp from 10.0.1.0/24 to 2.4.6.8/30 port = ftp -> 127.0.0.1 port 8021 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf21.optimized b/regress/sbin/pfctl/pf21.optimized new file mode 100644 index 00000000000..15241d19e78 --- /dev/null +++ b/regress/sbin/pfctl/pf21.optimized @@ -0,0 +1,16 @@ +@0 scrub in all fragment reassemble + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 scrub in all fragment reassemble + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 scrub in all fragment drop-ovl + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 scrub in all fragment crop + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf23.optimized b/regress/sbin/pfctl/pf23.optimized new file mode 100644 index 00000000000..d6033524ed6 --- /dev/null +++ b/regress/sbin/pfctl/pf23.optimized @@ -0,0 +1,4 @@ +@0 block drop in on ! lo0 all + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf24.optimized b/regress/sbin/pfctl/pf24.optimized new file mode 100644 index 00000000000..229e6c3dd98 --- /dev/null +++ b/regress/sbin/pfctl/pf24.optimized @@ -0,0 +1,8 @@ +@0 pass in proto tcp from any to any port = ssh + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 pass in proto tcp from any to any port = ftp + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf25.optimized b/regress/sbin/pfctl/pf25.optimized new file mode 100644 index 00000000000..488d10164e1 --- /dev/null +++ b/regress/sbin/pfctl/pf25.optimized @@ -0,0 +1,36 @@ +@0 block drop in on ! lo0 inet from 127.0.0.0/8 to any + [ Skip steps: i=5 d=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 block drop in on ! lo0 inet6 from ::1 to any + [ Skip steps: i=5 d=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 block drop in log quick on ! lo0 inet from 127.0.0.0/8 to any + [ Skip steps: i=5 d=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 block drop in on ! lo0 from (lo0:network:2) to any + [ Skip steps: i=5 d=end p=end sa=5 sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 block drop in log quick on ! lo0 inet from (lo0:network:1) to any + [ Skip steps: d=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 block drop in on ! lo from (lo:network:2) to any + [ Skip steps: d=end f=7 p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@6 block drop in from (lo:3) to any + [ Skip steps: d=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@7 block drop in log quick on ! lo inet from (lo:network:1) to any + [ Skip steps: d=end f=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@8 block drop in log quick inet from (lo:1) to any + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf26.optimized b/regress/sbin/pfctl/pf26.optimized new file mode 100644 index 00000000000..ef79533eaba --- /dev/null +++ b/regress/sbin/pfctl/pf26.optimized @@ -0,0 +1,8 @@ +@0 block drop in on lo0 inet from ! (lo0:1) to any + [ Skip steps: i=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 block drop out on lo0 inet from any to ! (lo0:1) + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf27.optimized b/regress/sbin/pfctl/pf27.optimized new file mode 100644 index 00000000000..3a9874ea041 --- /dev/null +++ b/regress/sbin/pfctl/pf27.optimized @@ -0,0 +1,48 @@ +@0 nat on lo0 inet from any to 127.0.0.1 -> 127.0.0.1 + [ Skip steps: i=end d=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 nat on lo0 inet from 127.0.0.1 to any -> 127.0.0.1 + [ Skip steps: i=end d=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 nat on lo0 inet from any to 127.0.0.1 -> 127.0.0.1 + [ Skip steps: i=end d=end f=end p=end sa=4 sp=end da=4 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 nat on lo0 inet from any to 127.0.0.1 -> (lo0) round-robin + [ Skip steps: i=end d=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 nat on lo0 inet from 127.0.0.1 to any -> (lo0) round-robin + [ Skip steps: i=end d=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 nat on lo0 inet from any to (lo0:1) -> 127.0.0.1 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@0 rdr on lo0 inet from any to 127.0.0.1 -> 127.0.0.1 + [ Skip steps: i=end d=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 rdr on lo0 inet from 127.0.0.1 to any -> 127.0.0.1 + [ Skip steps: i=end d=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 rdr on lo0 inet from any to 127.0.0.1 -> 127.0.0.1 + [ Skip steps: i=end d=end f=end p=end sa=4 sp=end da=4 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 rdr on lo0 inet from any to 127.0.0.1 -> (lo0) round-robin + [ Skip steps: i=end d=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 rdr on lo0 inet from 127.0.0.1 to any -> (lo0) round-robin + [ Skip steps: i=end d=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 rdr on lo0 inet from any to (lo0:1) -> 127.0.0.1 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf28.optimized b/regress/sbin/pfctl/pf28.optimized new file mode 100644 index 00000000000..ec72ec92ace --- /dev/null +++ b/regress/sbin/pfctl/pf28.optimized @@ -0,0 +1,24 @@ +@0 block drop in log-all quick on lo0 all + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 block drop in log quick on lo0 all + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 block drop in log-all quick on lo0 all + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 block drop in log quick on lo0 all + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 block drop in log on lo0 all + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 block drop in log-all on lo0 all + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf29.optimized b/regress/sbin/pfctl/pf29.optimized new file mode 100644 index 00000000000..6f4615d697f --- /dev/null +++ b/regress/sbin/pfctl/pf29.optimized @@ -0,0 +1,12 @@ +@0 rdr on lo0 inet proto tcp from any to 192.168.0.0/24 port 8000:8010 -> 127.0.0.1 port 8000:8010 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 rdr on lo0 inet proto tcp from any to 192.168.0.0/24 port 21:22 -> 127.0.0.1 port 179:180 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 rdr on lo0 inet proto tcp from any to 192.168.0.0/24 port 1000:3000 -> 127.0.0.1 port 22 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf3.optimized b/regress/sbin/pfctl/pf3.optimized new file mode 100644 index 00000000000..bf1eebbb17d --- /dev/null +++ b/regress/sbin/pfctl/pf3.optimized @@ -0,0 +1,28 @@ +@0 pass in all + [ Skip steps: i=end d=end f=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 block drop in proto tcp all flags FPUEW/FSRPAUEW + [ Skip steps: i=end d=end f=end p=4 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 block drop in proto tcp all flags FS/FSRA + [ Skip steps: i=end d=end f=end p=4 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 block drop in proto tcp all flags /FSRAW + [ Skip steps: i=end d=end f=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 pass in proto udp all + [ Skip steps: i=end d=end f=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 pass in proto icmp all + [ Skip steps: i=end d=end f=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@6 pass in all flags S/SA + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf30.optimized b/regress/sbin/pfctl/pf30.optimized new file mode 100644 index 00000000000..e03a3b26b57 --- /dev/null +++ b/regress/sbin/pfctl/pf30.optimized @@ -0,0 +1,4 @@ +@0 block drop in on lo0 all + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf31.optimized b/regress/sbin/pfctl/pf31.optimized new file mode 100644 index 00000000000..d1b6d7ed604 --- /dev/null +++ b/regress/sbin/pfctl/pf31.optimized @@ -0,0 +1,20 @@ +@0 block return in on lo0 all + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 block drop in on lo0 all + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 block return in on lo0 all + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 block drop in on lo0 all + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 block return in on lo0 all + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf32.optimized b/regress/sbin/pfctl/pf32.optimized new file mode 100644 index 00000000000..4e65cdd5f1e --- /dev/null +++ b/regress/sbin/pfctl/pf32.optimized @@ -0,0 +1,8 @@ +@0 pass in inet from 10.0.0.0/8 to any + [ Skip steps: i=end d=end f=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 pass in inet from 192.0.0.0/8 to any + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf34.optimized b/regress/sbin/pfctl/pf34.optimized new file mode 100644 index 00000000000..a71c50fa61d --- /dev/null +++ b/regress/sbin/pfctl/pf34.optimized @@ -0,0 +1,20 @@ +@0 pass in inet from any to 127.0.0.1 + [ Skip steps: i=end d=end p=4 sa=4 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 pass in inet6 from any to 2000::1 + [ Skip steps: i=end d=end p=4 sa=4 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 pass in all probability 50% + [ Skip steps: i=end d=end f=4 p=4 sa=4 sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 pass in all probability 50% + [ Skip steps: i=end d=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 pass in inet6 proto tcp from ::1 to any probability 0.8% + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf36.optimized b/regress/sbin/pfctl/pf36.optimized new file mode 100644 index 00000000000..3b9470a2529 --- /dev/null +++ b/regress/sbin/pfctl/pf36.optimized @@ -0,0 +1,56 @@ +@0 nat on lo0 inet from any to 127.0.0.1 -> { 127.0.0.1, 127.0.0.2 } round-robin + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 nat on lo0 inet from any to 127.0.0.1 -> { 127.0.0.1, 127.0.0.2 } round-robin + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 nat on lo0 inet from any to 127.0.0.1 -> 127.0.0.0/24 bitmask static-port + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 nat on lo0 inet from any to 127.0.0.1 -> 127.0.0.0/24 random + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 nat on lo0 inet from any to 127.0.0.1 -> 127.0.0.0/24 source-hash 0x0123456789abcdef0123456789abcdef + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 nat on lo0 inet from any to 127.0.0.1 -> 127.0.0.0/24 source-hash 0x4da8e393fd22f577426cfdf7fe52d3b0 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@6 nat on lo0 inet from any to 127.0.0.1 -> 127.0.0.0/24 round-robin + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@0 rdr on lo0 inet from any to 127.0.0.1 -> { 127.0.0.1, 127.0.0.2 } round-robin + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 rdr on lo0 inet from any to 127.0.0.1 -> { 127.0.0.1, 127.0.0.2 } round-robin + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 rdr on lo0 inet from any to 127.0.0.1 -> 127.0.0.0/24 bitmask + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 rdr on lo0 inet from any to 127.0.0.1 -> 127.0.0.0/24 random + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 rdr on lo0 inet from any to 127.0.0.1 -> 127.0.0.0/24 source-hash 0x0123456789abcdef0123456789abcdef + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 rdr on lo0 inet from any to 127.0.0.1 -> 127.0.0.0/24 source-hash 0x4da8e393fd22f577426cfdf7fe52d3b0 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@6 rdr on lo0 inet from any to 127.0.0.1 -> 127.0.0.0/24 round-robin + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf38.optimized b/regress/sbin/pfctl/pf38.optimized new file mode 100644 index 00000000000..3ca12c9642c --- /dev/null +++ b/regress/sbin/pfctl/pf38.optimized @@ -0,0 +1,16 @@ +@0 pass in on tun1000000 proto tcp all user = 3 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 pass in on tun1000000 proto tcp all group = 7 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 pass in on tun1000000 proto tcp all user = 3 group = 0 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 pass in on tun1000000 proto tcp all user = 0 group = 0 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf39.optimized b/regress/sbin/pfctl/pf39.optimized new file mode 100644 index 00000000000..6116b14c57c --- /dev/null +++ b/regress/sbin/pfctl/pf39.optimized @@ -0,0 +1,36 @@ +@0 pass in log quick on lo0 inet proto tcp all tos 0x08 keep state fragment label "blah" + [ Skip steps: i=end d=end f=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 pass in log quick on lo0 inet proto icmp all user = 3 group = 32767 icmp-type echorep code 0 tos 0x08 keep state allow-opts label "blah" queue blah + [ Skip steps: i=end d=end f=end p=5 sa=end sp=end da=end dp=end ] + [ queue: qname=blah qid=1 pqname= pqid=1 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 pass in log quick on lo0 inet proto icmp all user = 3 group = 0 icmp-type echorep code 0 tos 0x08 keep state allow-opts label "blah" queue blah + [ Skip steps: i=end d=end f=end p=5 sa=end sp=end da=end dp=end ] + [ queue: qname=blah qid=1 pqname= pqid=1 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 pass in log quick on lo0 inet proto icmp all user = 0 group = 32767 icmp-type echorep code 0 tos 0x08 keep state allow-opts label "blah" queue blah + [ Skip steps: i=end d=end f=end p=5 sa=end sp=end da=end dp=end ] + [ queue: qname=blah qid=1 pqname= pqid=1 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 pass in log quick on lo0 inet proto icmp all user = 0 group = 0 icmp-type echorep code 0 tos 0x08 keep state allow-opts label "blah" queue blah + [ Skip steps: i=end d=end f=end sa=end sp=end da=end dp=end ] + [ queue: qname=blah qid=1 pqname= pqid=1 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 pass in log quick on lo0 inet proto tcp all keep state + [ Skip steps: i=end d=end f=end p=7 sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@6 pass in log quick on lo0 inet proto tcp all tos 0x08 keep state label "blah" queue blah + [ Skip steps: i=end d=end f=end sa=end sp=end da=end dp=end ] + [ queue: qname=blah qid=1 pqname= pqid=1 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@7 pass in log quick on lo0 inet proto icmp all icmp-type echorep code 0 tos 0x08 + [ Skip steps: i=end d=end f=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@8 pass in log quick on lo0 inet proto tcp all flags S/SA allow-opts + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf4.optimized b/regress/sbin/pfctl/pf4.optimized new file mode 100644 index 00000000000..fb3454c2dbd --- /dev/null +++ b/regress/sbin/pfctl/pf4.optimized @@ -0,0 +1,8 @@ +@0 block drop in all + [ Skip steps: i=end d=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 block drop in inet from ! 10.0.0.0/8 to any + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf40.optimized b/regress/sbin/pfctl/pf40.optimized new file mode 100644 index 00000000000..da23ce976c3 --- /dev/null +++ b/regress/sbin/pfctl/pf40.optimized @@ -0,0 +1,76 @@ +@0 scrub all fragment reassemble + [ Skip steps: i=end d=2 f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 scrub all fragment reassemble + [ Skip steps: i=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 scrub in all fragment reassemble + [ Skip steps: i=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 scrub out all fragment reassemble + [ Skip steps: i=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 scrub in all fragment reassemble + [ Skip steps: i=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 scrub all fragment reassemble + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@0 block drop all + [ Skip steps: i=7 d=5 f=end p=2 sa=end sp=end da=end dp=12 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 block return all + [ Skip steps: i=7 d=5 f=end sa=end sp=end da=end dp=12 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 block return-rst proto tcp all + [ Skip steps: i=7 d=5 f=end sa=end sp=end da=end dp=12 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 pass all + [ Skip steps: i=7 d=5 f=end p=10 sa=end sp=end da=end dp=12 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 block drop all + [ Skip steps: i=7 f=end p=10 sa=end sp=end da=end dp=12 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 pass in all + [ Skip steps: i=7 f=end p=10 sa=end sp=end da=end dp=12 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@6 pass out all + [ Skip steps: f=end p=10 sa=end sp=end da=end dp=12 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@7 block drop on lo0 all + [ Skip steps: i=10 d=12 f=end p=10 sa=end sp=end da=end dp=12 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@8 pass on lo0 all + [ Skip steps: i=10 d=12 f=end p=10 sa=end sp=end da=end dp=12 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@9 block drop on lo0 all + [ Skip steps: d=12 f=end sa=end sp=end da=end dp=12 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@10 pass proto tcp all flags S/SA + [ Skip steps: i=12 d=12 f=end sa=end sp=end da=end dp=12 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@11 pass proto udp all keep state + [ Skip steps: f=end sa=end sp=end da=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@12 pass out on lo0 proto tcp from any to any port = smtp keep state + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf44.optimized b/regress/sbin/pfctl/pf44.optimized new file mode 100644 index 00000000000..57641868833 --- /dev/null +++ b/regress/sbin/pfctl/pf44.optimized @@ -0,0 +1,24 @@ +@0 scrub in on lo0 all no-df min-ttl 15 max-mss 224 fragment reassemble + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 scrub in on lo0 all no-df min-ttl 15 max-mss 224 fragment reassemble + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 scrub in on lo0 all no-df min-ttl 15 max-mss 224 fragment reassemble + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 scrub in on lo0 all no-df min-ttl 15 max-mss 224 fragment drop-ovl + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 scrub in on lo0 all no-df min-ttl 15 max-mss 224 fragment crop + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 scrub in on lo0 all no-df min-ttl 15 max-mss 224 fragment reassemble + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf46.optimized b/regress/sbin/pfctl/pf46.optimized new file mode 100644 index 00000000000..225da0038fa --- /dev/null +++ b/regress/sbin/pfctl/pf46.optimized @@ -0,0 +1,32 @@ +@0 pass in on lo0 route-to { (pflog0 127.0.0.1), (pflog0 127.0.0.2) } round-robin inet all + [ Skip steps: i=end f=4 p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 pass out on lo0 route-to { (pflog0 127.0.0.1), (pflog0 127.0.0.2) } round-robin inet all + [ Skip steps: i=end f=4 p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 pass in on lo0 route-to (pflog0 127.0.0.0/24) bitmask inet all + [ Skip steps: i=end f=4 p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 pass out on lo0 dup-to (pflog0 127.0.0.0/24) random inet all + [ Skip steps: i=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 pass in on lo0 reply-to { pflog0, pflog0 } round-robin inet6 all + [ Skip steps: i=end d=6 p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 pass in on lo0 reply-to (pflog0 127.0.0.0/28) source-hash 0x0123456789abcdef0123456789abcdef inet all + [ Skip steps: i=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@6 pass out on lo0 route-to (pflog0 127.0.0.0/24) source-hash 0x4da8e393fd22f577426cfdf7fe52d3b0 inet all + [ Skip steps: i=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@7 pass in on lo0 dup-to (pflog0 127.0.0.0/24) round-robin inet all + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf47.optimized b/regress/sbin/pfctl/pf47.optimized new file mode 100644 index 00000000000..f674854fc3b --- /dev/null +++ b/regress/sbin/pfctl/pf47.optimized @@ -0,0 +1,244 @@ +@0 pass in on lo0 all + [ Skip steps: d=end f=5 p=35 sa=6 sp=35 da=22 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 pass in all label "any" + [ Skip steps: d=end f=5 p=35 sa=6 sp=35 da=22 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 pass in on lo0 all label "lo0" + [ Skip steps: i=end d=end f=5 p=35 sa=6 sp=35 da=22 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 pass in on lo0 all label "lo0lo0" + [ Skip steps: i=end d=end f=5 p=35 sa=6 sp=35 da=22 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 pass in on lo0 all label "any" + [ Skip steps: i=end d=end p=35 sa=6 sp=35 da=22 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 pass in on lo0 inet all label "any" + [ Skip steps: i=end d=end f=12 p=35 sp=35 da=22 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@6 pass in on lo0 inet from 127.0.0.1 to any label "127.0.0.1" + [ Skip steps: i=end d=end f=12 p=35 sa=9 sp=35 da=22 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@7 pass in on lo0 inet from 127.0.0.1 to any label "127.0.0.1127.0.0.1" + [ Skip steps: i=end d=end f=12 p=35 sa=9 sp=35 da=22 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@8 pass in on lo0 inet from 127.0.0.1 to any label ":127.0.0.1:127.0.0.1:" + [ Skip steps: i=end d=end f=12 p=35 sp=35 da=22 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@9 pass in on lo0 inet from 127.0.0.0/8 to any label "127.0.0.0/8" + [ Skip steps: i=end d=end f=12 p=35 sp=35 da=22 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@10 pass in on lo0 inet from 127.0.0.0/16 to any label "127.0.0.0/16127.0.0.0/16" + [ Skip steps: i=end d=end f=12 p=35 sp=35 da=22 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@11 pass in on lo0 inet from 127.0.0.0/31 to any label ":127.0.0.0/31:127.0.0.0/31:" + [ Skip steps: i=end d=end p=35 sp=35 da=22 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@12 pass in on lo0 inet6 from fe80::1 to any label "fe80::1" + [ Skip steps: i=end d=end f=21 p=35 sa=15 sp=35 da=22 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@13 pass in on lo0 inet6 from fe80::1 to any label "fe80::1fe80::1" + [ Skip steps: i=end d=end f=21 p=35 sa=15 sp=35 da=22 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@14 pass in on lo0 inet6 from fe80::1 to any label ":fe80::1:fe80::1:" + [ Skip steps: i=end d=end f=21 p=35 sp=35 da=22 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@15 pass in on lo0 inet6 from ::/8 to any label "::/8" + [ Skip steps: i=end d=end f=21 p=35 sp=35 da=22 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@16 pass in on lo0 inet6 from fe00::/8 to any label "fe00::/8" + [ Skip steps: i=end d=end f=21 p=35 sp=35 da=22 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@17 pass in on lo0 inet6 from ::/64 to any label "::/64::/64" + [ Skip steps: i=end d=end f=21 p=35 sp=35 da=22 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@18 pass in on lo0 inet6 from fe80::/64 to any label "fe80::/64fe80::/64" + [ Skip steps: i=end d=end f=21 p=35 sp=35 da=22 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@19 pass in on lo0 inet6 from ::/127 to any label ":::/127:::/127:" + [ Skip steps: i=end d=end f=21 p=35 sp=35 da=22 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@20 pass in on lo0 inet6 from fe80::/127 to any label ":fe80::/127:fe80::/127:" + [ Skip steps: i=end d=end p=35 sp=35 da=22 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@21 pass in on lo0 all label "!any!" + [ Skip steps: i=end d=end p=35 sa=60 sp=35 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@22 pass in on lo0 inet from any to (lo0:1) label "(lo0)" + [ Skip steps: i=end d=end f=28 p=35 sa=60 sp=35 da=25 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@23 pass in on lo0 inet from any to (lo0:1) label "(lo0)(lo0)" + [ Skip steps: i=end d=end f=28 p=35 sa=60 sp=35 da=25 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@24 pass in on lo0 inet from any to (lo0:1) label " (lo0) (lo0) " + [ Skip steps: i=end d=end f=28 p=35 sa=60 sp=35 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@25 pass in on lo0 inet from any to ! 127.0.0.0/8 label "! 127.0.0.0/8" + [ Skip steps: i=end d=end f=28 p=35 sa=60 sp=35 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@26 pass in on lo0 inet from any to ! 127.0.0.0/16 label "! 127.0.0.0/16! 127.0.0.0/16" + [ Skip steps: i=end d=end f=28 p=35 sa=60 sp=35 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@27 pass in on lo0 inet from any to ! 127.0.0.0/31 label " ! 127.0.0.0/31 ! 127.0.0.0/31 " + [ Skip steps: i=end d=end p=35 sa=60 sp=35 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@28 pass in on lo0 inet6 from any to ! (lo0:2) label "! (lo0)" + [ Skip steps: i=end d=end f=34 p=35 sa=60 sp=35 da=31 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@29 pass in on lo0 inet6 from any to ! (lo0:2) label "! (lo0)! (lo0)" + [ Skip steps: i=end d=end f=34 p=35 sa=60 sp=35 da=31 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@30 pass in on lo0 inet6 from any to ! (lo0:2) label " ! (lo0) ! (lo0) " + [ Skip steps: i=end d=end f=34 p=35 sa=60 sp=35 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@31 pass in on lo0 inet6 from any to ! ::/8 label "! ::/8" + [ Skip steps: i=end d=end f=34 p=35 sa=60 sp=35 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@32 pass in on lo0 inet6 from any to ! ::/64 label "! ::/64! ::/64" + [ Skip steps: i=end d=end f=34 p=35 sa=60 sp=35 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@33 pass in on lo0 inet6 from any to ! ::/127 label " ! ::/127 ! ::/127 " + [ Skip steps: i=end d=end p=35 sa=60 sp=35 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@34 pass in on lo0 all label "xx" + [ Skip steps: i=end d=end f=60 sa=60 da=60 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@35 pass in on lo0 proto tcp from any port = 28 to any label "28" + [ Skip steps: i=end d=end f=60 p=46 sa=60 da=60 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@36 pass in on lo0 proto tcp from any port 28 >< 29 to any label "28><29" + [ Skip steps: i=end d=end f=60 p=46 sa=60 da=60 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@37 pass in on lo0 proto tcp from any port 28 <> 29 to any label "28<>29" + [ Skip steps: i=end d=end f=60 p=46 sa=60 da=60 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@38 pass in on lo0 proto tcp from any port 28:29 to any + [ Skip steps: i=end d=end f=60 p=46 sa=60 da=60 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@39 pass in on lo0 proto tcp from any port != 28 to any label "!=28" + [ Skip steps: i=end d=end f=60 p=46 sa=60 da=60 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@40 pass in on lo0 proto tcp from any port < 28 to any label "<28" + [ Skip steps: i=end d=end f=60 p=46 sa=60 da=60 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@41 pass in on lo0 proto tcp from any port <= 28 to any label "<=28" + [ Skip steps: i=end d=end f=60 p=46 sa=60 da=60 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@42 pass in on lo0 proto tcp from any port > 28 to any label ">28" + [ Skip steps: i=end d=end f=60 p=46 sa=60 da=60 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@43 pass in on lo0 proto tcp from any port >= 28 to any label ">=28" + [ Skip steps: i=end d=end f=60 p=46 sa=60 da=60 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@44 pass in on lo0 proto tcp from any port = 28 to any label "2828" + [ Skip steps: i=end d=end f=60 p=46 sa=60 sp=46 da=60 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@45 pass in on lo0 proto tcp from any port = 28 to any label "$28$28$" + [ Skip steps: i=end d=end f=60 sa=60 da=60 dp=47 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@46 pass in on lo0 all + [ Skip steps: i=end d=end f=60 sa=60 sp=60 da=60 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@47 pass in on lo0 proto udp from any to any port = 29 label "29" + [ Skip steps: i=end d=end f=60 p=50 sa=60 sp=60 da=60 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@48 pass in on lo0 proto udp from any to any port != 29 label "!=29!=29" + [ Skip steps: i=end d=end f=60 p=50 sa=60 sp=60 da=60 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@49 pass in on lo0 proto udp from any to any port > 29 label "x>29x>29x" + [ Skip steps: i=end d=end f=60 sa=60 sp=60 da=60 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@50 pass in on lo0 all label "ip" + [ Skip steps: i=end d=end f=60 sa=60 sp=60 da=60 dp=60 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@51 pass in on lo0 proto esp all label "esp" + [ Skip steps: i=end d=end f=60 p=54 sa=60 sp=60 da=60 dp=60 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@52 pass in on lo0 proto esp all label "espesp" + [ Skip steps: i=end d=end f=60 p=54 sa=60 sp=60 da=60 dp=60 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@53 pass in on lo0 proto esp all label "-esp-esp-" + [ Skip steps: i=end d=end f=60 sa=60 sp=60 da=60 dp=60 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@54 pass in on lo0 proto 166 all label "166" + [ Skip steps: i=end d=end f=60 p=57 sa=60 sp=60 da=60 dp=60 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@55 pass in on lo0 proto 166 all label "166166" + [ Skip steps: i=end d=end f=60 p=57 sa=60 sp=60 da=60 dp=60 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@56 pass in on lo0 proto 166 all label "_166_166_" + [ Skip steps: i=end d=end f=60 sa=60 sp=60 da=60 dp=60 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@57 pass in on lo0 all label "57" + [ Skip steps: i=end d=end f=60 p=60 sa=60 sp=60 da=60 dp=60 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@58 pass in on lo0 all label "5858" + [ Skip steps: i=end d=end f=60 p=60 sa=60 sp=60 da=60 dp=60 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@59 pass in on lo0 all label "%59%59%" + [ Skip steps: i=end d=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@60 pass in on lo0 inet proto tcp from 127.0.0.1 port = 30 to 127.0.0.2 port = 44 label "if lo0 proto tcp 127.0.0.1 30 127.0.0.2 44" + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf48.optimized b/regress/sbin/pfctl/pf48.optimized new file mode 100644 index 00000000000..e37fe8bc68b --- /dev/null +++ b/regress/sbin/pfctl/pf48.optimized @@ -0,0 +1,56 @@ +@0 nat on lo0 inet from <regress.1:3> to <regress.2:*> -> 127.0.0.1 + [ Skip steps: d=end f=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 nat on ! lo0 inet from ! <regress.1:3> to <regress.2:*> -> 127.0.0.1 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@0 rdr on lo0 inet from <regress.1:3> to <regress.2:*> -> 127.0.0.1 + [ Skip steps: d=end f=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 rdr on ! lo0 inet from ! <regress.1:3> to <regress.2:*> -> 127.0.0.1 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@0 scrub in from <regress.1:3> to any fragment reassemble + [ Skip steps: i=end d=2 f=end p=end sp=end da=2 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 scrub in from ! <regress.2:*> to any fragment reassemble + [ Skip steps: i=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 scrub out from any to ! <regress.1:3> fragment reassemble + [ Skip steps: i=end d=end f=end p=end sa=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 scrub out from any to <regress.2:*> fragment reassemble + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@0 pass in from <regress:6> to any + [ Skip steps: i=end d=3 f=end p=end sp=end da=3 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 pass in from <regress.1:3> to any + [ Skip steps: i=end d=3 f=end p=end sp=end da=3 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 pass in from <regress.2:*> to any + [ Skip steps: i=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 pass out from any to <regress:6> + [ Skip steps: i=end d=end f=end p=end sa=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 pass out from any to ! <regress.1:3> + [ Skip steps: i=end d=end f=end p=end sa=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 pass out from any to ! <regress.2:*> + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf49.optimized b/regress/sbin/pfctl/pf49.optimized new file mode 100644 index 00000000000..b03fed6ea8d --- /dev/null +++ b/regress/sbin/pfctl/pf49.optimized @@ -0,0 +1,8 @@ +@0 pass in on lo0 inet from 127.0.0.0/8 to any keep state + [ Skip steps: i=end d=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 pass in on lo0 inet6 from ::1 to any keep state + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf5.optimized b/regress/sbin/pfctl/pf5.optimized new file mode 100644 index 00000000000..74da9bb0f58 --- /dev/null +++ b/regress/sbin/pfctl/pf5.optimized @@ -0,0 +1,32 @@ +@0 block drop in inet proto udp from 10.0.0.0/8 port = echo to 12.34.56.78 port = 6667 + [ Skip steps: i=end d=end f=end p=end sa=end da=end dp=4 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 block drop in inet proto udp from 10.0.0.0/8 port = ssh to 12.34.56.78 port = 6667 + [ Skip steps: i=end d=end f=end p=end sa=end da=end dp=4 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 block drop in inet proto udp from 10.0.0.0/8 port = 21 to 12.34.56.78 port = 6667 + [ Skip steps: i=end d=end f=end p=end sa=end da=end dp=4 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 block drop in inet proto udp from 10.0.0.0/8 port = 113 to 12.34.56.78 port = 6667 + [ Skip steps: i=end d=end f=end p=end sa=end da=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 block drop in inet proto udp from 10.0.0.0/8 port = echo to 12.34.56.78 port = 16 + [ Skip steps: i=end d=end f=end p=end sa=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 block drop in inet proto udp from 10.0.0.0/8 port = ssh to 12.34.56.78 port = 16 + [ Skip steps: i=end d=end f=end p=end sa=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@6 block drop in inet proto udp from 10.0.0.0/8 port = 21 to 12.34.56.78 port = 16 + [ Skip steps: i=end d=end f=end p=end sa=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@7 block drop in inet proto udp from 10.0.0.0/8 port = 113 to 12.34.56.78 port = 16 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf54.optimized b/regress/sbin/pfctl/pf54.optimized new file mode 100644 index 00000000000..c9e12277984 --- /dev/null +++ b/regress/sbin/pfctl/pf54.optimized @@ -0,0 +1,4 @@ +@0 scrub all random-id fragment reassemble + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf56.optimized b/regress/sbin/pfctl/pf56.optimized new file mode 100644 index 00000000000..bd7cb1b8510 --- /dev/null +++ b/regress/sbin/pfctl/pf56.optimized @@ -0,0 +1,8 @@ +@0 pass in proto tcp from any to any port = www keep state (tcp.established 60) + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 pass in proto tcp from any to any port = www keep state (max 10, no-sync, tcp.first 2) + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf60.optimized b/regress/sbin/pfctl/pf60.optimized new file mode 100644 index 00000000000..8093d58fd8a --- /dev/null +++ b/regress/sbin/pfctl/pf60.optimized @@ -0,0 +1,4 @@ +@0 pass inet from 224.4.0.0/16 to any + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf61.optimized b/regress/sbin/pfctl/pf61.optimized new file mode 100644 index 00000000000..b8b15e0e4d6 --- /dev/null +++ b/regress/sbin/pfctl/pf61.optimized @@ -0,0 +1,4 @@ +@0 pass inet from any to (lo0:1)/24 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf65.optimized b/regress/sbin/pfctl/pf65.optimized new file mode 100644 index 00000000000..a024ff7c6e9 --- /dev/null +++ b/regress/sbin/pfctl/pf65.optimized @@ -0,0 +1,12 @@ +@0 block drop in on ! lo0 inet from 127.0.0.0/8 to any label "antispoof-lo0" + [ Skip steps: i=end d=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 block drop in on ! lo0 inet6 from ::1 to any label "antispoof-lo0" + [ Skip steps: i=end d=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 block drop in log quick on ! lo0 inet from 127.0.0.0/8 to any label "antispoof-lo0-2" + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf66.optimized b/regress/sbin/pfctl/pf66.optimized new file mode 100644 index 00000000000..82332522aa6 --- /dev/null +++ b/regress/sbin/pfctl/pf66.optimized @@ -0,0 +1,24 @@ +@0 nat on lo0 inet from 192.168.1.1 to any -> 10.0.0.1 port 500 + [ Skip steps: i=end d=end f=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 nat on lo0 inet proto tcp from 192.168.1.2 to any -> 10.0.0.2 port 1000:5000 + [ Skip steps: i=end d=end f=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 nat on lo0 inet proto udp from 192.168.1.3 to any -> 10.0.0.3 port 5000:1000 + [ Skip steps: i=end d=end f=end p=4 sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 nat on lo0 inet proto udp from 192.168.1.4 to any -> 10.0.0.4 port 50000 + [ Skip steps: i=end d=end f=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 nat on lo0 inet proto tcp from 192.168.1.2 to any -> 10.0.0.2 port 80:5000 + [ Skip steps: i=end d=end f=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 nat on lo0 inet proto udp from 192.168.1.3 to any -> 10.0.0.3 port 5000:80 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf67.optimized b/regress/sbin/pfctl/pf67.optimized new file mode 100644 index 00000000000..68cc9cb7def --- /dev/null +++ b/regress/sbin/pfctl/pf67.optimized @@ -0,0 +1,8 @@ +@0 pass in quick on tun1000000 all keep state tag regress + [ Skip steps: f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 pass out quick on lo0 all keep state tagged regress + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf68.optimized b/regress/sbin/pfctl/pf68.optimized new file mode 100644 index 00000000000..72ca67830d8 --- /dev/null +++ b/regress/sbin/pfctl/pf68.optimized @@ -0,0 +1,268 @@ +@0 no scrub on lo0 inet proto tcp from 192.168.1.1 port = 1024 to any port = www + [ Skip steps: d=4 p=end da=11 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 scrub proto tcp all fragment reassemble + [ Skip steps: i=15 d=4 f=11 p=end sa=9 sp=44 da=11 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 scrub proto tcp all fragment reassemble + [ Skip steps: i=15 d=4 f=11 p=end sa=9 sp=44 da=11 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 scrub proto tcp all fragment reassemble + [ Skip steps: i=15 f=11 p=end sa=9 sp=44 da=11 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 scrub in proto tcp all fragment reassemble + [ Skip steps: i=15 d=30 f=11 p=end sa=9 sp=44 da=11 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 scrub in proto tcp all fragment reassemble + [ Skip steps: i=15 d=30 f=11 p=end sa=9 sp=44 da=11 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@6 scrub in proto tcp all fragment crop + [ Skip steps: i=15 d=30 f=11 p=end sa=9 sp=44 da=11 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@7 scrub in proto tcp all fragment drop-ovl + [ Skip steps: i=15 d=30 f=11 p=end sa=9 sp=44 da=11 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@8 scrub in proto tcp all fragment reassemble + [ Skip steps: i=15 d=30 f=11 p=end sp=44 da=11 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@9 scrub in proto tcp from <regress.1:*> to any fragment reassemble + [ Skip steps: i=15 d=30 f=11 p=end sp=44 da=11 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@10 scrub in proto tcp from ! <regress.2:*> to any fragment reassemble + [ Skip steps: i=15 d=30 p=end sp=44 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@11 scrub in inet proto tcp from 10.0.0.1 to 10.0.0.3 fragment reassemble + [ Skip steps: i=15 d=30 f=15 p=end sa=13 sp=44 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@12 scrub in inet proto tcp from 10.0.0.1 to 10.0.0.4 fragment reassemble + [ Skip steps: i=15 d=30 f=15 p=end sp=44 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@13 scrub in inet proto tcp from 10.0.0.2 to 10.0.0.3 fragment reassemble + [ Skip steps: i=15 d=30 f=15 p=end sa=15 sp=44 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@14 scrub in inet proto tcp from 10.0.0.2 to 10.0.0.4 fragment reassemble + [ Skip steps: d=30 p=end sp=44 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@15 scrub in log on lo0 proto tcp all min-ttl 25 fragment reassemble + [ Skip steps: i=19 d=30 p=end sp=44 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@16 scrub in log on lo0 inet6 proto tcp from (lo1000000:*) to 2000::1 fragment reassemble + [ Skip steps: i=19 d=30 f=18 p=end sp=44 da=18 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@17 scrub in log on lo0 inet6 proto tcp from (lo0:2) to 2000::1 fragment reassemble + [ Skip steps: i=19 d=30 p=end sp=44 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@18 scrub in log on lo0 proto tcp all fragment reassemble + [ Skip steps: d=30 f=29 p=end sa=29 sp=44 da=32 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@19 scrub in log on lo1000000 proto tcp all fragment reassemble + [ Skip steps: d=30 f=29 p=end sa=29 sp=44 da=32 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@20 scrub in on lo0 proto tcp all fragment reassemble + [ Skip steps: i=31 d=30 f=29 p=end sa=29 sp=44 da=32 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@21 scrub in on lo0 proto tcp all no-df min-ttl 15 max-mss 224 fragment reassemble + [ Skip steps: i=31 d=30 f=29 p=end sa=29 sp=44 da=32 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@22 scrub in on lo0 proto tcp all max-mss 224 fragment reassemble + [ Skip steps: i=31 d=30 f=29 p=end sa=29 sp=44 da=32 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@23 scrub in on lo0 proto tcp all no-df min-ttl 15 max-mss 224 fragment reassemble + [ Skip steps: i=31 d=30 f=29 p=end sa=29 sp=44 da=32 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@24 scrub in on lo0 proto tcp all no-df min-ttl 15 max-mss 224 fragment drop-ovl + [ Skip steps: i=31 d=30 f=29 p=end sa=29 sp=44 da=32 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@25 scrub in on lo0 proto tcp all no-df min-ttl 15 max-mss 224 fragment reassemble + [ Skip steps: i=31 d=30 f=29 p=end sa=29 sp=44 da=32 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@26 scrub in on lo0 proto tcp all no-df fragment reassemble + [ Skip steps: i=31 d=30 f=29 p=end sa=29 sp=44 da=32 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@27 scrub in on lo0 proto tcp all no-df min-ttl 15 max-mss 224 fragment crop + [ Skip steps: i=31 d=30 f=29 p=end sa=29 sp=44 da=32 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@28 scrub in on lo0 proto tcp all no-df min-ttl 15 max-mss 224 fragment reassemble + [ Skip steps: i=31 d=30 p=end sp=44 da=32 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@29 scrub in on lo0 inet proto tcp from (lo0:1) to any fragment reassemble + [ Skip steps: i=31 p=end sp=44 da=32 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@30 scrub on lo0 proto tcp all max-mss 224 fragment reassemble + [ Skip steps: f=34 p=end sa=37 sp=44 da=32 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@31 scrub out proto tcp all fragment reassemble + [ Skip steps: i=34 d=35 f=34 p=end sa=37 sp=44 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@32 scrub out proto tcp from any to ! <regress.1:*> fragment reassemble + [ Skip steps: i=34 d=35 f=34 p=end sa=37 sp=44 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@33 scrub out proto tcp from any to <regress.2:*> fragment reassemble + [ Skip steps: d=35 p=end sa=37 sp=44 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@34 scrub out log on lo1000000 inet proto tcp from any to 10.0.0.1 no-df max-mss 224 fragment reassemble + [ Skip steps: p=end sa=37 sp=44 dp=36 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@35 scrub proto tcp all random-id fragment reassemble + [ Skip steps: i=43 d=37 f=39 p=end sa=37 sp=44 da=39 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@36 scrub proto tcp from any to any port = www fragment reassemble + [ Skip steps: i=43 f=39 p=end sp=44 da=39 dp=44 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@37 scrub in proto tcp from <regress.1:*> to any port = www fragment reassemble + [ Skip steps: i=43 d=63 f=39 p=end sp=44 da=39 dp=44 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@38 scrub in proto tcp from ! <regress.2:*> to any port = www fragment reassemble + [ Skip steps: i=43 d=63 p=end sp=44 dp=44 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@39 scrub in inet proto tcp from 10.0.0.1 to 10.0.0.3 port = www fragment reassemble + [ Skip steps: i=43 d=63 f=43 p=end sa=41 sp=44 dp=44 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@40 scrub in inet proto tcp from 10.0.0.1 to 10.0.0.4 port = www fragment reassemble + [ Skip steps: i=43 d=63 f=43 p=end sp=44 dp=44 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@41 scrub in inet proto tcp from 10.0.0.2 to 10.0.0.3 port = www fragment reassemble + [ Skip steps: i=43 d=63 f=43 p=end sa=43 sp=44 dp=44 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@42 scrub in inet proto tcp from 10.0.0.2 to 10.0.0.4 port = www fragment reassemble + [ Skip steps: d=63 p=end sp=44 dp=44 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@43 scrub in log on lo0 proto tcp from any to any port = www min-ttl 25 fragment reassemble + [ Skip steps: i=47 d=63 p=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@44 scrub in log on lo0 inet6 proto tcp from (lo1000000:*) port = www to 2000::1 fragment reassemble + [ Skip steps: i=47 d=63 f=46 p=end sp=49 da=46 dp=50 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@45 scrub in log on lo0 inet6 proto tcp from (lo0:2) port = www to 2000::1 fragment reassemble + [ Skip steps: i=47 d=63 p=end sp=49 dp=50 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@46 scrub in log on lo0 proto tcp from any port = www to any fragment reassemble + [ Skip steps: d=63 f=62 p=end sa=62 sp=49 da=64 dp=50 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@47 scrub in log on lo1000000 proto tcp from any port = www to any fragment reassemble + [ Skip steps: d=63 f=62 p=end sa=62 sp=49 da=64 dp=50 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@48 scrub in on lo0 proto tcp from any port = www to any no-df min-ttl 15 max-mss 224 fragment reassemble + [ Skip steps: i=64 d=63 f=62 p=end sa=62 da=64 dp=50 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@49 scrub in on lo0 proto tcp from any port = 81 to any no-df min-ttl 15 max-mss 224 fragment reassemble + [ Skip steps: i=64 d=63 f=62 p=end sa=62 da=64 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@50 scrub in on lo0 proto tcp from any to any port = www max-mss 224 fragment reassemble + [ Skip steps: i=64 d=63 f=62 p=end sa=62 da=64 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@51 scrub in on lo0 proto tcp from any port = www to any no-df min-ttl 15 max-mss 224 fragment reassemble + [ Skip steps: i=64 d=63 f=62 p=end sa=62 sp=53 da=64 dp=53 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@52 scrub in on lo0 proto tcp from any port = www to any no-df min-ttl 15 max-mss 224 fragment drop-ovl + [ Skip steps: i=64 d=63 f=62 p=end sa=62 da=64 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@53 scrub in on lo0 proto tcp from any to any port = www no-df min-ttl 15 max-mss 224 fragment reassemble + [ Skip steps: i=64 d=63 f=62 p=end sa=62 sp=56 da=64 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@54 scrub in on lo0 proto tcp from any to any port = 81 no-df min-ttl 15 max-mss 224 fragment reassemble + [ Skip steps: i=64 d=63 f=62 p=end sa=62 sp=56 da=64 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@55 scrub in on lo0 proto tcp from any to any port = 82 no-df min-ttl 15 max-mss 224 fragment reassemble + [ Skip steps: i=64 d=63 f=62 p=end sa=62 da=64 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@56 scrub in on lo0 proto tcp from any port = www to any port = www no-df fragment reassemble + [ Skip steps: i=64 d=63 f=62 p=end sa=62 sp=59 da=64 dp=58 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@57 scrub in on lo0 proto tcp from any port = www to any port = www no-df min-ttl 15 max-mss 224 fragment crop + [ Skip steps: i=64 d=63 f=62 p=end sa=62 sp=59 da=64 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@58 scrub in on lo0 proto tcp from any port = www to any port = 81 no-df min-ttl 15 max-mss 224 fragment crop + [ Skip steps: i=64 d=63 f=62 p=end sa=62 da=64 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@59 scrub in on lo0 proto tcp from any port = 81 to any port = www no-df min-ttl 15 max-mss 224 fragment crop + [ Skip steps: i=64 d=63 f=62 p=end sa=62 sp=61 da=64 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@60 scrub in on lo0 proto tcp from any port = 81 to any port = 81 no-df min-ttl 15 max-mss 224 fragment crop + [ Skip steps: i=64 d=63 f=62 p=end sa=62 da=64 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@61 scrub in on lo0 proto tcp from any to any port = 83 no-df min-ttl 15 max-mss 224 fragment reassemble + [ Skip steps: i=64 d=63 p=end da=64 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@62 scrub in on lo0 inet proto tcp from (lo0:1) port = www to any fragment reassemble + [ Skip steps: i=64 p=end da=64 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@63 scrub on lo0 proto tcp from any to any port = www max-mss 224 fragment reassemble + [ Skip steps: f=66 p=end sa=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@64 scrub out proto tcp from any to ! <regress.1:*> port = www fragment reassemble + [ Skip steps: i=66 d=end f=66 p=end sa=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@65 scrub out proto tcp from any to <regress.2:*> port = www fragment reassemble + [ Skip steps: d=end p=end sa=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@66 scrub out log on lo1000000 inet proto tcp from any to 10.0.0.1 port = www no-df max-mss 224 fragment reassemble + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf69.optimized b/regress/sbin/pfctl/pf69.optimized new file mode 100644 index 00000000000..3ba0f120cba --- /dev/null +++ b/regress/sbin/pfctl/pf69.optimized @@ -0,0 +1,8 @@ +@0 nat on lo0 inet all tag regress -> 127.0.0.1 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@0 pass out quick on lo0 all keep state tagged regress + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf7.optimized b/regress/sbin/pfctl/pf7.optimized new file mode 100644 index 00000000000..2ad6782b24e --- /dev/null +++ b/regress/sbin/pfctl/pf7.optimized @@ -0,0 +1,104 @@ +@0 block drop out log on tun1000000 all + [ Skip steps: i=end f=6 p=2 sa=6 sp=end da=7 dp=15 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 block drop in log on tun1000000 all + [ Skip steps: i=end f=6 sa=6 sp=end da=7 dp=15 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 block return-rst out log on tun1000000 proto tcp all + [ Skip steps: i=end f=6 p=4 sa=6 sp=end da=7 dp=15 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 block return-rst in log on tun1000000 proto tcp all + [ Skip steps: i=end f=6 sa=6 sp=end da=7 dp=15 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 block return-icmp(port-unr, port-unr) out log on tun1000000 proto udp all + [ Skip steps: i=end f=6 p=6 sa=6 sp=end da=7 dp=15 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 block return-icmp(port-unr, port-unr) in log on tun1000000 proto udp all + [ Skip steps: i=end sp=end da=7 dp=15 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@6 block drop out log quick on tun1000000 inet from ! 157.161.48.183 to any + [ Skip steps: i=end f=13 p=12 sp=end dp=15 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@7 block drop in quick on tun1000000 inet from any to 255.255.255.255 + [ Skip steps: i=end d=12 f=13 p=12 sp=end dp=15 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@8 block drop in log quick on tun1000000 inet from 10.0.0.0/8 to any + [ Skip steps: i=end d=12 f=13 p=12 sp=end da=end dp=15 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@9 block drop in log quick on tun1000000 inet from 172.16.0.0/12 to any + [ Skip steps: i=end d=12 f=13 p=12 sp=end da=end dp=15 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@10 block drop in log quick on tun1000000 inet from 192.168.0.0/16 to any + [ Skip steps: i=end d=12 f=13 p=12 sp=end da=end dp=15 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@11 block drop in log quick on tun1000000 inet from 255.255.255.255 to any + [ Skip steps: i=end f=13 sp=end da=end dp=15 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@12 pass out on tun1000000 inet proto icmp all icmp-type echoreq code 0 keep state + [ Skip steps: i=end d=14 sa=end sp=end da=end dp=15 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@13 pass out on tun1000000 proto udp all keep state + [ Skip steps: i=end sa=end sp=end da=end dp=15 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@14 pass in on tun1000000 inet proto icmp all icmp-type echoreq code 0 keep state + [ Skip steps: i=end d=16 sa=end sp=end da=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@15 pass in on tun1000000 proto udp from any to any port = domain keep state + [ Skip steps: i=end f=end sa=end sp=end da=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@16 pass out on tun1000000 proto tcp all modulate state + [ Skip steps: i=end f=end p=18 sa=end sp=end da=end dp=22 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@17 pass in on tun1000000 proto tcp all modulate state + [ Skip steps: i=end d=end f=end sa=end sp=end da=end dp=22 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@18 pass in on tun1000000 proto udp all keep state + [ Skip steps: i=end d=end f=end sa=end sp=end da=end dp=22 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@19 pass in on tun1000000 proto icmp all keep state + [ Skip steps: i=end d=end f=end sa=end sp=end da=end dp=22 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@20 pass in on tun1000000 proto tcp all flags S/SA synproxy state + [ Skip steps: i=end d=end f=end sa=end sp=end da=end dp=22 ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@21 pass in on tun1000000 proto icmp all keep state + [ Skip steps: i=end d=end f=end sa=end sp=end da=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@22 pass in on tun1000000 proto tcp from any to any port = ssh modulate state + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@23 pass in on tun1000000 proto tcp from any to any port = smtp modulate state + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@24 pass in on tun1000000 proto tcp from any to any port = domain modulate state + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@25 pass in on tun1000000 proto tcp from any to any port = auth modulate state + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf70.optimized b/regress/sbin/pfctl/pf70.optimized new file mode 100644 index 00000000000..e807508f7b0 --- /dev/null +++ b/regress/sbin/pfctl/pf70.optimized @@ -0,0 +1,12 @@ +@0 no nat on lo0 inet from 10.0.1.0/24 to any tag regress + [ Skip steps: i=end d=end f=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 nat on lo0 inet from 10.0.0.0/8 to any -> 127.0.0.1 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@0 block drop out on lo0 all tagged regress + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf71.optimized b/regress/sbin/pfctl/pf71.optimized new file mode 100644 index 00000000000..a81642fcba2 --- /dev/null +++ b/regress/sbin/pfctl/pf71.optimized @@ -0,0 +1,12 @@ +@0 no rdr on lo0 inet from 10.0.1.0/24 to any tag regress + [ Skip steps: i=end d=end f=end sp=end da=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 rdr on lo0 inet proto tcp from 10.0.0.0/8 to any port = www -> 127.0.0.1 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@0 block drop out on lo0 all tagged regress + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf72.optimized b/regress/sbin/pfctl/pf72.optimized new file mode 100644 index 00000000000..104c2d40486 --- /dev/null +++ b/regress/sbin/pfctl/pf72.optimized @@ -0,0 +1,8 @@ +@0 binat on lo0 inet from 192.168.1.1 to any tag regress -> 10.0.0.1 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@0 block drop out on lo0 all tagged regress + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf73.optimized b/regress/sbin/pfctl/pf73.optimized new file mode 100644 index 00000000000..eab606d6bb5 --- /dev/null +++ b/regress/sbin/pfctl/pf73.optimized @@ -0,0 +1,76 @@ +@0 scrub proto tcp all reassemble tcp fragment reassemble + [ Skip steps: i=12 d=end f=8 p=end sa=6 sp=end da=8 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 scrub proto tcp all reassemble tcp fragment reassemble + [ Skip steps: i=12 d=end f=8 p=end sa=6 sp=end da=8 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 scrub proto tcp all reassemble tcp fragment reassemble + [ Skip steps: i=12 d=end f=8 p=end sa=6 sp=end da=8 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 scrub proto tcp all reassemble tcp fragment crop + [ Skip steps: i=12 d=end f=8 p=end sa=6 sp=end da=8 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 scrub proto tcp all reassemble tcp fragment drop-ovl + [ Skip steps: i=12 d=end f=8 p=end sa=6 sp=end da=8 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 scrub proto tcp all reassemble tcp fragment reassemble + [ Skip steps: i=12 d=end f=8 p=end sp=end da=8 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@6 scrub proto tcp from <regress.1:*> to any reassemble tcp fragment reassemble + [ Skip steps: i=12 d=end f=8 p=end sp=end da=8 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@7 scrub proto tcp from ! <regress.2:*> to any reassemble tcp fragment reassemble + [ Skip steps: i=12 d=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@8 scrub inet proto tcp from 10.0.0.1 to 10.0.0.3 reassemble tcp fragment reassemble + [ Skip steps: i=12 d=end f=12 p=end sa=10 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@9 scrub inet proto tcp from 10.0.0.1 to 10.0.0.4 reassemble tcp fragment reassemble + [ Skip steps: i=12 d=end f=12 p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@10 scrub inet proto tcp from 10.0.0.2 to 10.0.0.3 reassemble tcp fragment reassemble + [ Skip steps: i=12 d=end f=12 p=end sa=12 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@11 scrub inet proto tcp from 10.0.0.2 to 10.0.0.4 reassemble tcp fragment reassemble + [ Skip steps: d=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@12 scrub log on lo0 proto tcp all min-ttl 25 reassemble tcp fragment reassemble + [ Skip steps: i=16 d=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@13 scrub log on lo0 inet6 proto tcp from (lo1000000:*) to 2000::1 reassemble tcp fragment reassemble + [ Skip steps: i=16 d=end f=15 p=end sp=end da=15 dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@14 scrub log on lo0 inet6 proto tcp from (lo0:2) to 2000::1 reassemble tcp fragment reassemble + [ Skip steps: i=16 d=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@15 scrub log on lo0 proto tcp all reassemble tcp fragment reassemble + [ Skip steps: d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@16 scrub log on lo1000000 proto tcp all reassemble tcp fragment reassemble + [ Skip steps: d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@17 scrub on lo0 proto tcp all reassemble tcp fragment reassemble + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@18 scrub on lo0 proto tcp all no-df min-ttl 15 max-mss 224 reassemble tcp fragment reassemble + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf74.optimized b/regress/sbin/pfctl/pf74.optimized new file mode 100644 index 00000000000..87c4fc1190a --- /dev/null +++ b/regress/sbin/pfctl/pf74.optimized @@ -0,0 +1,4 @@ +@0 pass in proto tcp all synproxy state + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf75.optimized b/regress/sbin/pfctl/pf75.optimized new file mode 100644 index 00000000000..22bd950ef29 --- /dev/null +++ b/regress/sbin/pfctl/pf75.optimized @@ -0,0 +1,8 @@ +@0 block drop in on lo0 inet proto tcp from 192.168.0.0/24 to any port = ssh tag ssh + [ Skip steps: i=end d=end sp=end da=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 block drop in quick on lo0 all ! tagged ssh + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf76.optimized b/regress/sbin/pfctl/pf76.optimized new file mode 100644 index 00000000000..54231329bbe --- /dev/null +++ b/regress/sbin/pfctl/pf76.optimized @@ -0,0 +1,4 @@ +@0 binat on lo0 inet from 1.2.3.4 to 5.6.7.8 -> 127.0.0.1 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf77.optimized b/regress/sbin/pfctl/pf77.optimized new file mode 100644 index 00000000000..3c25d3b05b8 --- /dev/null +++ b/regress/sbin/pfctl/pf77.optimized @@ -0,0 +1,4 @@ +@0 pass inet from (lo0:1)/8 to any + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf78.optimized b/regress/sbin/pfctl/pf78.optimized new file mode 100644 index 00000000000..0e0f3040068 --- /dev/null +++ b/regress/sbin/pfctl/pf78.optimized @@ -0,0 +1,4 @@ +@0 pass in inet from 10.0.0.1 to <regress:*> label "10.0.0.1:<regress>" + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf79.optimized b/regress/sbin/pfctl/pf79.optimized new file mode 100644 index 00000000000..84eecc63a30 --- /dev/null +++ b/regress/sbin/pfctl/pf79.optimized @@ -0,0 +1,4 @@ +@0 pass in inet from 10.0.0.1 to no-route label "10.0.0.1:no-route" + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf8.optimized b/regress/sbin/pfctl/pf8.optimized new file mode 100644 index 00000000000..ecadb4f064c --- /dev/null +++ b/regress/sbin/pfctl/pf8.optimized @@ -0,0 +1,8 @@ +@0 block drop out log on tun1000001 inet from ! 10.0.0.0/8 to any + [ Skip steps: i=end d=end f=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 block drop out log on tun1000001 inet from 10.1.2.3 to any + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf80.optimized b/regress/sbin/pfctl/pf80.optimized new file mode 100644 index 00000000000..410125072c1 --- /dev/null +++ b/regress/sbin/pfctl/pf80.optimized @@ -0,0 +1,8 @@ +@0 nat pass on lo0 inet from 10.0.0.0/8 to 172.16.0.0/16 -> 172.16.0.1 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@0 rdr pass on lo0 inet proto tcp from any to 1.2.3.4 port = www -> 127.0.0.1 port 8080 + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf81.optimized b/regress/sbin/pfctl/pf81.optimized new file mode 100644 index 00000000000..1aa0c60c762 --- /dev/null +++ b/regress/sbin/pfctl/pf81.optimized @@ -0,0 +1,96 @@ +@0 pass inet6 from (lo0:2) to ::1 + [ Skip steps: i=end d=end f=9 p=end sa=3 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 pass inet6 from (lo0:2) to ::2 + [ Skip steps: i=end d=end f=9 p=end sa=3 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 pass inet6 from (lo0:2) to ::3 + [ Skip steps: i=end d=end f=9 p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 pass inet6 from <foo:*> to ::1 + [ Skip steps: i=end d=end f=9 p=end sa=6 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 pass inet6 from <foo:*> to ::2 + [ Skip steps: i=end d=end f=9 p=end sa=6 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 pass inet6 from <foo:*> to ::3 + [ Skip steps: i=end d=end f=9 p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@6 pass inet6 from no-route to ::1 + [ Skip steps: i=end d=end f=9 p=end sa=9 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@7 pass inet6 from no-route to ::2 + [ Skip steps: i=end d=end f=9 p=end sa=9 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@8 pass inet6 from no-route to ::3 + [ Skip steps: i=end d=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@9 pass inet from (lo0:1) to 0.0.0.1 + [ Skip steps: i=end d=end f=18 p=end sa=12 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@10 pass inet from (lo0:1) to 0.0.0.2 + [ Skip steps: i=end d=end f=18 p=end sa=12 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@11 pass inet from (lo0:1) to 0.0.0.3 + [ Skip steps: i=end d=end f=18 p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@12 pass inet from <foo:*> to 0.0.0.1 + [ Skip steps: i=end d=end f=18 p=end sa=15 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@13 pass inet from <foo:*> to 0.0.0.2 + [ Skip steps: i=end d=end f=18 p=end sa=15 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@14 pass inet from <foo:*> to 0.0.0.3 + [ Skip steps: i=end d=end f=18 p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@15 pass inet from no-route to 0.0.0.1 + [ Skip steps: i=end d=end f=18 p=end sa=21 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@16 pass inet from no-route to 0.0.0.2 + [ Skip steps: i=end d=end f=18 p=end sa=21 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@17 pass inet from no-route to 0.0.0.3 + [ Skip steps: i=end d=end p=end sa=21 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@18 pass from no-route to <bar1:*> + [ Skip steps: i=end d=end f=end p=end sa=21 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@19 pass from no-route to <bar2:*> + [ Skip steps: i=end d=end f=end p=end sa=21 sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@20 pass from no-route to <bar3:*> + [ Skip steps: i=end d=end f=end p=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@21 pass from <foo:*> to <bar1:*> + [ Skip steps: i=end d=end f=end p=end sa=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@22 pass from <foo:*> to <bar2:*> + [ Skip steps: i=end d=end f=end p=end sa=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@23 pass from <foo:*> to <bar3:*> + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf82.optimized b/regress/sbin/pfctl/pf82.optimized new file mode 100644 index 00000000000..81f55e07faa --- /dev/null +++ b/regress/sbin/pfctl/pf82.optimized @@ -0,0 +1,28 @@ +@0 pass inet from (lo0:1) to any + [ Skip steps: i=end d=end f=2 p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 pass inet from ! (lo0:1) to any + [ Skip steps: i=end d=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 pass inet6 from (lo0:2) to any + [ Skip steps: i=end d=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 pass from <foo:*> to any + [ Skip steps: i=end d=end f=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 pass from ! <foo:*> to any + [ Skip steps: i=end d=end f=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@5 pass from <bar:*> to any + [ Skip steps: i=end d=end f=end p=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@6 pass from no-route to any + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf84.optimized b/regress/sbin/pfctl/pf84.optimized new file mode 100644 index 00000000000..ca79b21c987 --- /dev/null +++ b/regress/sbin/pfctl/pf84.optimized @@ -0,0 +1,32 @@ +@0 nat on tun1000000 inet from 10.0.0.0/24 to any -> { 10.0.1.1, 10.0.1.2 } round-robin sticky-address + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@0 rdr on tun1000000 inet from any to 10.0.1.1 -> 10.0.0.0/24 random sticky-address + [ Skip steps: i=end d=end f=end p=end sa=end sp=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 rdr on tun1000000 inet from any to 10.0.1.2 -> { 10.0.0.1, 10.0.0.2 } round-robin sticky-address + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@0 pass in proto tcp from any to any port = ssh keep state (source-track global) + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 pass in proto tcp from any to any port = smtp keep state (source-track global) + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@2 pass in proto tcp from any to any port = www keep state (source-track rule, max-src-states 3, max-src-nodes 1000) + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@3 pass in proto tcp from any to any port = ntp keep state (source-track rule, max-src-nodes 1000) + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@4 pass in proto tcp from any to any port = 321 keep state (source-track global, max-src-states 3) + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] diff --git a/regress/sbin/pfctl/pf9.optimized b/regress/sbin/pfctl/pf9.optimized new file mode 100644 index 00000000000..8c6247c4e7f --- /dev/null +++ b/regress/sbin/pfctl/pf9.optimized @@ -0,0 +1,8 @@ +@0 block drop in on enc0 all + [ Skip steps: d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] +@1 block drop in on tun1000000 all + [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ] + [ queue: qname= qid=0 pqname= pqid=0 ] + [ Evaluations: 0 Packets: 0 Bytes: 0 States: 0 ] |