Direction (in/out) is now optional in filter rules, 'block all' is valid,

for instance. Add a regress test for those.

3 files changed, 42 insertions, 2 deletions

diff --git a/regress/sbin/pfctl/Makefile b/regress/sbin/pfctl/Makefile
index 58a32e980bf..6231e2f07f4 100644
--- a/regress/sbin/pfctl/Makefile
+++ b/regress/sbin/pfctl/Makefile
@@ -1,7 +1,7 @@
-# $OpenBSD: Makefile,v 1.51 2002/12/05 15:01:09 markus Exp $
+# $OpenBSD: Makefile,v 1.52 2002/12/06 14:29:55 dhartmei Exp $
 
 PFTESTS=1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27
-PFTESTS+=28 29 30 31 32 33 34 35 36 37 38 39
+PFTESTS+=28 29 30 31 32 33 34 35 36 37 38 39 40
 PFFAIL=1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
 PFSIMPLE=1 2
 PFSETUP=1
diff --git a/regress/sbin/pfctl/pf40.in b/regress/sbin/pfctl/pf40.in
new file mode 100644
index 00000000000..128a0448639
--- /dev/null
+++ b/regress/sbin/pfctl/pf40.in
@@ -0,0 +1,26 @@
+#scrub
+scrub all
+#scrub in
+#scrub out
+scrub in all
+scrub from any to any
+#block
+#block return
+#block return-rst proto tcp
+#pass
+#pass in
+#pass out
+pass all
+block in all
+block out all
+block from any to any
+pass in from any to any
+pass out from any to any
+#block on lo0
+pass on lo0 all
+block on lo0 from any to any
+#pass proto tcp flags S/SA
+#pass proto udp keep state
+pass in proto udp all keep state
+pass out proto udp from any to any keep state
+pass out on lo0 proto tcp from any to any port 25 keep state
diff --git a/regress/sbin/pfctl/pf40.ok b/regress/sbin/pfctl/pf40.ok
new file mode 100644
index 00000000000..17ef44abb51
--- /dev/null
+++ b/regress/sbin/pfctl/pf40.ok
@@ -0,0 +1,14 @@
+scrub all fragment reassemble 
+scrub in all fragment reassemble 
+scrub all fragment reassemble 
+pass all 
+block drop in all 
+block drop out all 
+block drop all 
+pass in all 
+pass out all 
+pass on lo0 all 
+block drop on lo0 all 
+pass in proto udp all keep state 
+pass out proto udp all keep state 
+pass out on lo0 proto tcp from any to any port = smtp keep state