diff options
| author | Mike Frantzen <frantzen@cvs.openbsd.org> | 2003-05-14 05:21:20 +0000 |
|---|---|---|
| committer | Mike Frantzen <frantzen@cvs.openbsd.org> | 2003-05-14 05:21:20 +0000 |
| commit | 32f000a492d5692dd18d3679afba0e8e65a7c3f5 (patch) | |
| tree | 8aefe4d2481f6074e0eb2a618b50efd16dc292fc /regress/sbin/pfctl/pf68.in | |
| parent | d3c3f9a9eae2627f4ff02be6048ddbe229053966 (diff) | |
test scrub w/ protocol and ports
Diffstat (limited to 'regress/sbin/pfctl/pf68.in')
| -rw-r--r-- | regress/sbin/pfctl/pf68.in | 47 |
1 files changed, 47 insertions, 0 deletions
diff --git a/regress/sbin/pfctl/pf68.in b/regress/sbin/pfctl/pf68.in new file mode 100644 index 00000000000..1dcec675477 --- /dev/null +++ b/regress/sbin/pfctl/pf68.in @@ -0,0 +1,47 @@ +scrub proto tcp +scrub proto tcp all +scrub proto tcp from any to any +scrub in proto tcp +scrub in proto tcp all +scrub in proto tcp all fragment crop +scrub in proto tcp all fragment drop-ovl +scrub in proto tcp all fragment reassemble +scrub in proto tcp from { <regress.1> !<regress.2> } to any +scrub in inet proto tcp from { 10.0.0.1, 10.0.0.2 } to { 10.0.0.3, 10.0.0.4 } +scrub in log on lo0 proto tcp from any to any min-ttl 25 +scrub in log on lo0 inet6 proto tcp from { (lo1), (lo0) } to 2000::1 +scrub in log on {lo0 lo1} proto tcp from any to any +scrub in on lo0 proto tcp all +scrub in on lo0 proto tcp from any to any fragment reassemble max-mss 224 min-ttl 15 no-df +scrub in on lo0 proto tcp from any to any max-mss 224 +scrub in on lo0 proto tcp from any to any max-mss 224 min-ttl 15 no-df fragment reassemble +scrub in on lo0 proto tcp from any to any min-ttl 15 fragment drop-ovl no-df max-mss 224 +scrub in on lo0 proto tcp from any to any min-ttl 15 no-df max-mss 224 +scrub in on lo0 proto tcp from any to any no-df +scrub in on lo0 proto tcp from any to any no-df max-mss 224 fragment crop min-ttl 15 +scrub in on lo0 proto tcp from any to any no-df max-mss 224 min-ttl 15 +scrub in on lo0 inet proto tcp from (lo0) to any +scrub on lo0 proto tcp from any to any max-mss 224 +scrub out proto tcp +scrub out proto tcp from any to { !<regress.1>, <regress.2> } +scrub out log on lo1 proto tcp from any to 10.0.0.1 no-df max-mss 224 +scrub proto tcp random-id + +scrub proto tcp from any to any port 80 +scrub in proto tcp from { <regress.1> !<regress.2> } to any port 80 +scrub in inet proto tcp from { 10.0.0.1, 10.0.0.2 } to { 10.0.0.3, 10.0.0.4 } port 80 +scrub in log on lo0 proto tcp from any to any port 80 min-ttl 25 +scrub in log on lo0 inet6 proto tcp from { (lo1), (lo0) } port 80 to 2000::1 +scrub in log on {lo0 lo1} proto tcp from any port 80 to any +scrub in on lo0 proto tcp from any port {80, 81} to any fragment reassemble max-mss 224 min-ttl 15 no-df +scrub in on lo0 proto tcp from any to any port 80 max-mss 224 +scrub in on lo0 proto tcp from any port 80 to any max-mss 224 min-ttl 15 no-df fragment reassemble +scrub in on lo0 proto tcp from any port 80 to any min-ttl 15 fragment drop-ovl no-df max-mss 224 +scrub in on lo0 proto tcp from any to any port {80, 81, 82} min-ttl 15 no-df max-mss 224 +scrub in on lo0 proto tcp from any port 80 to any port 80 no-df +scrub in on lo0 proto tcp from any port {80, 81} to any port {80, 81} no-df max-mss 224 fragment crop min-ttl 15 +scrub in on lo0 proto tcp from any to any port 83 no-df max-mss 224 min-ttl 15 +scrub in on lo0 inet proto tcp from (lo0) port 80 to any +scrub on lo0 proto tcp from any to any port 80 max-mss 224 +scrub out proto tcp from any to { !<regress.1>, <regress.2> } port 80 +scrub out log on lo1 proto tcp from any to 10.0.0.1 port 80 no-df max-mss 224 |