summaryrefslogtreecommitdiff
path: root/regress/sbin/pfctl
diff options
context:
space:
mode:
authorHenning Brauer <henning@cvs.openbsd.org>2003-02-18 18:05:53 +0000
committerHenning Brauer <henning@cvs.openbsd.org>2003-02-18 18:05:53 +0000
commit3c9bb8249b2022eaf90e6f71206a7ce32f8b3661 (patch)
tree098232ef76f6e6d527668e933eb47cc1309f7c1c /regress/sbin/pfctl
parent623d677138096ee638b15281caf67bb87dcdf075 (diff)
test pfctl output for the fail tests too.
that ensures that not a single failure-causing statement makes the whole test succeed.
Diffstat (limited to 'regress/sbin/pfctl')
-rw-r--r--regress/sbin/pfctl/Makefile7
-rw-r--r--regress/sbin/pfctl/pfail1.ok12
-rw-r--r--regress/sbin/pfctl/pfail10.ok4
-rw-r--r--regress/sbin/pfctl/pfail11.ok9
-rw-r--r--regress/sbin/pfctl/pfail12.ok6
-rw-r--r--regress/sbin/pfctl/pfail13.ok3
-rw-r--r--regress/sbin/pfctl/pfail14.ok4
-rw-r--r--regress/sbin/pfctl/pfail15.ok3
-rw-r--r--regress/sbin/pfctl/pfail2.ok4
-rw-r--r--regress/sbin/pfctl/pfail3.ok4
-rw-r--r--regress/sbin/pfctl/pfail4.ok2
-rw-r--r--regress/sbin/pfctl/pfail5.ok4
-rw-r--r--regress/sbin/pfctl/pfail6.ok4
-rw-r--r--regress/sbin/pfctl/pfail7.ok4
-rw-r--r--regress/sbin/pfctl/pfail8.ok3
-rw-r--r--regress/sbin/pfctl/pfail9.ok4
16 files changed, 73 insertions, 4 deletions
diff --git a/regress/sbin/pfctl/Makefile b/regress/sbin/pfctl/Makefile
index 75ffec3cafd..6d12c2ad164 100644
--- a/regress/sbin/pfctl/Makefile
+++ b/regress/sbin/pfctl/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.73 2003/02/18 17:54:01 henning Exp $
+# $OpenBSD: Makefile,v 1.74 2003/02/18 18:05:52 henning Exp $
PFTESTS=1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27
PFTESTS+=28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50
@@ -17,9 +17,8 @@ PFOPT=1
REGRESS_TARGETS+=pfail${n}
pfail${n}:
- if pfctl -nv -f - < ${.CURDIR}/pfail${n}.in > /dev/null 2>&1 ; then \
- false ; \
- fi
+ pfctl -nv -f - < ${.CURDIR}/pfail${n}.in 2>&1 | \
+ diff -u ${.CURDIR}/pfail${n}.ok /dev/stdin
.endfor
diff --git a/regress/sbin/pfctl/pfail1.ok b/regress/sbin/pfctl/pfail1.ok
new file mode 100644
index 00000000000..9223d5fb171
--- /dev/null
+++ b/regress/sbin/pfctl/pfail1.ok
@@ -0,0 +1,12 @@
+stdin:3: port only applies to tcp/udp
+stdin:3: skipping rule due to errors
+stdin:3: rule expands to no valid combination
+stdin:4: port only applies to tcp/udp
+stdin:4: skipping rule due to errors
+stdin:4: rule expands to no valid combination
+stdin:5: port only applies to tcp/udp
+stdin:5: skipping rule due to errors
+stdin:5: rule expands to no valid combination
+pfctl: Syntax error in file: pf rules not loaded
+pass in all
+pass in all
diff --git a/regress/sbin/pfctl/pfail10.ok b/regress/sbin/pfctl/pfail10.ok
new file mode 100644
index 00000000000..dd84cc3d801
--- /dev/null
+++ b/regress/sbin/pfctl/pfail10.ok
@@ -0,0 +1,4 @@
+stdin:4: Rules must be in order: options, scrub, queue, NAT, filter
+pfctl: Syntax error in file: pf rules not loaded
+nat on lo0 inet all -> 127.0.0.1
+pass in on lo1 all
diff --git a/regress/sbin/pfctl/pfail11.ok b/regress/sbin/pfctl/pfail11.ok
new file mode 100644
index 00000000000..6881594a903
--- /dev/null
+++ b/regress/sbin/pfctl/pfail11.ok
@@ -0,0 +1,9 @@
+stdin:2: syntax error
+stdin:4: Rules must be in order: options, scrub, queue, NAT, filter
+stdin:5: Rules must be in order: options, scrub, queue, NAT, filter
+pfctl: Syntax error in file: pf rules not loaded
+set optimization aggressive
+set timeout tcp.closing 6
+pass in all
+set limit states 1000
+set loginterface lo0
diff --git a/regress/sbin/pfctl/pfail12.ok b/regress/sbin/pfctl/pfail12.ok
new file mode 100644
index 00000000000..6951c6df3b5
--- /dev/null
+++ b/regress/sbin/pfctl/pfail12.ok
@@ -0,0 +1,6 @@
+stdin:2: dst port only applies to tcp/udp
+stdin:2: rpool port only applies to tcp/udp
+stdin:2: skipping rule due to errors
+stdin:2: rule expands to no valid combination
+pfctl: Syntax error in file: pf rules not loaded
+pass in all flags S/SA
diff --git a/regress/sbin/pfctl/pfail13.ok b/regress/sbin/pfctl/pfail13.ok
new file mode 100644
index 00000000000..8ba4eedabae
--- /dev/null
+++ b/regress/sbin/pfctl/pfail13.ok
@@ -0,0 +1,3 @@
+stdin:1: syntax error
+stdin:2: syntax error
+pfctl: Syntax error in file: pf rules not loaded
diff --git a/regress/sbin/pfctl/pfail14.ok b/regress/sbin/pfctl/pfail14.ok
new file mode 100644
index 00000000000..fe4057f082c
--- /dev/null
+++ b/regress/sbin/pfctl/pfail14.ok
@@ -0,0 +1,4 @@
+stdin:1: dynamic addresses require address family (inet/inet6)
+stdin:1: skipping rule due to errors
+stdin:1: rule expands to no valid combination
+pfctl: Syntax error in file: pf rules not loaded
diff --git a/regress/sbin/pfctl/pfail15.ok b/regress/sbin/pfctl/pfail15.ok
new file mode 100644
index 00000000000..6adad86415d
--- /dev/null
+++ b/regress/sbin/pfctl/pfail15.ok
@@ -0,0 +1,3 @@
+stdin:3: string too long
+stdin:3: syntax error
+pfctl: Syntax error in file: pf rules not loaded
diff --git a/regress/sbin/pfctl/pfail2.ok b/regress/sbin/pfctl/pfail2.ok
new file mode 100644
index 00000000000..b4232866eeb
--- /dev/null
+++ b/regress/sbin/pfctl/pfail2.ok
@@ -0,0 +1,4 @@
+stdin:1: icmp version does not match address family
+stdin:1: skipping rule due to errors
+stdin:1: rule expands to no valid combination
+pfctl: Syntax error in file: pf rules not loaded
diff --git a/regress/sbin/pfctl/pfail3.ok b/regress/sbin/pfctl/pfail3.ok
new file mode 100644
index 00000000000..b4232866eeb
--- /dev/null
+++ b/regress/sbin/pfctl/pfail3.ok
@@ -0,0 +1,4 @@
+stdin:1: icmp version does not match address family
+stdin:1: skipping rule due to errors
+stdin:1: rule expands to no valid combination
+pfctl: Syntax error in file: pf rules not loaded
diff --git a/regress/sbin/pfctl/pfail4.ok b/regress/sbin/pfctl/pfail4.ok
new file mode 100644
index 00000000000..f2e3e39d504
--- /dev/null
+++ b/regress/sbin/pfctl/pfail4.ok
@@ -0,0 +1,2 @@
+stdin:3: syntax error
+pfctl: Syntax error in file: pf rules not loaded
diff --git a/regress/sbin/pfctl/pfail5.ok b/regress/sbin/pfctl/pfail5.ok
new file mode 100644
index 00000000000..b4232866eeb
--- /dev/null
+++ b/regress/sbin/pfctl/pfail5.ok
@@ -0,0 +1,4 @@
+stdin:1: icmp version does not match address family
+stdin:1: skipping rule due to errors
+stdin:1: rule expands to no valid combination
+pfctl: Syntax error in file: pf rules not loaded
diff --git a/regress/sbin/pfctl/pfail6.ok b/regress/sbin/pfctl/pfail6.ok
new file mode 100644
index 00000000000..eb1f5291002
--- /dev/null
+++ b/regress/sbin/pfctl/pfail6.ok
@@ -0,0 +1,4 @@
+stdin:1: icmp-type mismatch
+stdin:1: skipping rule due to errors
+stdin:1: rule expands to no valid combination
+pfctl: Syntax error in file: pf rules not loaded
diff --git a/regress/sbin/pfctl/pfail7.ok b/regress/sbin/pfctl/pfail7.ok
new file mode 100644
index 00000000000..eb1f5291002
--- /dev/null
+++ b/regress/sbin/pfctl/pfail7.ok
@@ -0,0 +1,4 @@
+stdin:1: icmp-type mismatch
+stdin:1: skipping rule due to errors
+stdin:1: rule expands to no valid combination
+pfctl: Syntax error in file: pf rules not loaded
diff --git a/regress/sbin/pfctl/pfail8.ok b/regress/sbin/pfctl/pfail8.ok
new file mode 100644
index 00000000000..0c1e8b5611f
--- /dev/null
+++ b/regress/sbin/pfctl/pfail8.ok
@@ -0,0 +1,3 @@
+stdin:1: no routing address with matching address family found.
+stdin:2: no routing address with matching address family found.
+pfctl: Syntax error in file: pf rules not loaded
diff --git a/regress/sbin/pfctl/pfail9.ok b/regress/sbin/pfctl/pfail9.ok
new file mode 100644
index 00000000000..73714ab8579
--- /dev/null
+++ b/regress/sbin/pfctl/pfail9.ok
@@ -0,0 +1,4 @@
+stdin:5: Rules must be in order: options, scrub, queue, NAT, filter
+pfctl: Syntax error in file: pf rules not loaded
+scrub in on lo0 all fragment reassemble
+pass in on lo1 all