summaryrefslogtreecommitdiff
path: root/regress/sbin/pfctl
diff options
context:
space:
mode:
authorDaniel Hartmeier <dhartmei@cvs.openbsd.org>2003-02-03 15:44:53 +0000
committerDaniel Hartmeier <dhartmei@cvs.openbsd.org>2003-02-03 15:44:53 +0000
commit7f9e383105f5f9b02cb27c42cef4d4c8db12270b (patch)
tree04c73873049e4b9cc9b6e6d62ce2ee258d8d196e /regress/sbin/pfctl
parent59bf24a030195c8eb48026e6e0e377501ff16d32 (diff)
Don't allow loopback interfaces as route/reply/dup-to targets. ok henning@
Diffstat (limited to 'regress/sbin/pfctl')
-rw-r--r--regress/sbin/pfctl/Makefile4
-rw-r--r--regress/sbin/pfctl/pf46.in16
-rw-r--r--regress/sbin/pfctl/pf46.ok16
-rw-r--r--regress/sbin/pfctl/pfail16.in3
4 files changed, 21 insertions, 18 deletions
diff --git a/regress/sbin/pfctl/Makefile b/regress/sbin/pfctl/Makefile
index 6de5d34fc8a..9ee520ba885 100644
--- a/regress/sbin/pfctl/Makefile
+++ b/regress/sbin/pfctl/Makefile
@@ -1,8 +1,8 @@
-# $OpenBSD: Makefile,v 1.67 2003/01/30 15:32:22 henning Exp $
+# $OpenBSD: Makefile,v 1.68 2003/02/03 15:44:52 dhartmei Exp $
PFTESTS=1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27
PFTESTS+=28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49
-PFFAIL=1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
+PFFAIL=1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
PFSIMPLE=1 2
PFSETUP=1
PFLOAD=1 2 3 4 5 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 23 24 25 26 27 28 29
diff --git a/regress/sbin/pfctl/pf46.in b/regress/sbin/pfctl/pf46.in
index 545c3c4caff..833be0ad7b1 100644
--- a/regress/sbin/pfctl/pf46.in
+++ b/regress/sbin/pfctl/pf46.in
@@ -1,8 +1,8 @@
-pass in on lo0 route-to { (lo0 127.0.0.1), (lo0 127.0.0.2) } all
-pass out on lo0 route-to { (lo0 127.0.0.1), (lo0 127.0.0.2) } round-robin all
-pass in on lo0 route-to (lo0 127.0.0.1/24) bitmask all
-pass out on lo0 dup-to (lo0 127.0.0.1/24) random all
-pass in on lo0 reply-to { lo0, lo0 } round-robin inet6 all
-pass in on lo0 reply-to (lo0 127.0.0.0/28) source-hash 0x0123456789ABCDEF0123456789abcdef inet all
-pass out on lo0 route-to (lo0 127.0.0.1/24) source-hash foobarlicious all
-pass in on lo0 dup-to (lo0 127.0.0.1/24) round-robin all
+pass in on lo0 route-to { (pflog0 127.0.0.1), (pflog0 127.0.0.2) } all
+pass out on lo0 route-to { (pflog0 127.0.0.1), (pflog0 127.0.0.2) } round-robin all
+pass in on lo0 route-to (pflog0 127.0.0.1/24) bitmask all
+pass out on lo0 dup-to (pflog0 127.0.0.1/24) random all
+pass in on lo0 reply-to { pflog0, pflog0 } round-robin inet6 all
+pass in on lo0 reply-to (pflog0 127.0.0.0/28) source-hash 0x0123456789ABCDEF0123456789abcdef inet all
+pass out on lo0 route-to (pflog0 127.0.0.1/24) source-hash foobarlicious all
+pass in on lo0 dup-to (pflog0 127.0.0.1/24) round-robin all
diff --git a/regress/sbin/pfctl/pf46.ok b/regress/sbin/pfctl/pf46.ok
index 13630e5674e..79d6b4c2d4e 100644
--- a/regress/sbin/pfctl/pf46.ok
+++ b/regress/sbin/pfctl/pf46.ok
@@ -1,8 +1,8 @@
-pass in on lo0 route-to { (lo0 127.0.0.1), (lo0 127.0.0.2) } round-robin inet all
-pass out on lo0 route-to { (lo0 127.0.0.1), (lo0 127.0.0.2) } round-robin inet all
-pass in on lo0 route-to (lo0 127.0.0.0/24) bitmask inet all
-pass out on lo0 dup-to (lo0 127.0.0.0/24) random inet all
-pass in on lo0 reply-to { lo0, lo0 } round-robin inet6 all
-pass in on lo0 reply-to (lo0 127.0.0.0/28) source-hash 0x0123456789abcdef0123456789abcdef inet all
-pass out on lo0 route-to (lo0 127.0.0.0/24) source-hash 0x4da8e393fd22f577426cfdf7fe52d3b0 inet all
-pass in on lo0 dup-to (lo0 127.0.0.0/24) round-robin inet all
+pass in on lo0 route-to { (pflog0 127.0.0.1), (pflog0 127.0.0.2) } round-robin inet all
+pass out on lo0 route-to { (pflog0 127.0.0.1), (pflog0 127.0.0.2) } round-robin inet all
+pass in on lo0 route-to (pflog0 127.0.0.0/24) bitmask inet all
+pass out on lo0 dup-to (pflog0 127.0.0.0/24) random inet all
+pass in on lo0 reply-to { pflog0, pflog0 } round-robin inet6 all
+pass in on lo0 reply-to (pflog0 127.0.0.0/28) source-hash 0x0123456789abcdef0123456789abcdef inet all
+pass out on lo0 route-to (pflog0 127.0.0.0/24) source-hash 0x4da8e393fd22f577426cfdf7fe52d3b0 inet all
+pass in on lo0 dup-to (pflog0 127.0.0.0/24) round-robin inet all
diff --git a/regress/sbin/pfctl/pfail16.in b/regress/sbin/pfctl/pfail16.in
new file mode 100644
index 00000000000..3dc660c7ac4
--- /dev/null
+++ b/regress/sbin/pfctl/pfail16.in
@@ -0,0 +1,3 @@
+# route/reply/dup-to can't have a loopback interface as argument
+
+pass in on lo0 route-to lo0 inet all