diff options
author | Henning Brauer <henning@cvs.openbsd.org> | 2003-02-18 19:11:58 +0000 |
---|---|---|
committer | Henning Brauer <henning@cvs.openbsd.org> | 2003-02-18 19:11:58 +0000 |
commit | 68e76b618efbefb7afeac5c3e0694dcccaf90c06 (patch) | |
tree | e45989d2626eb39e929d041fcb99aa4fb7b5d68d /regress/sbin | |
parent | 91ea1d2eceda89d60fcae545bc02eeb83e1bd451 (diff) |
test correct operation of the -N, -O, -A and -R load options.
some of these fail right now.
Diffstat (limited to 'regress/sbin')
-rw-r--r-- | regress/sbin/pfctl/Makefile | 4 | ||||
-rw-r--r-- | regress/sbin/pfctl/pfopt2.in | 29 | ||||
-rw-r--r-- | regress/sbin/pfctl/pfopt2.ok | 7 | ||||
-rw-r--r-- | regress/sbin/pfctl/pfopt2.opts | 1 | ||||
-rw-r--r-- | regress/sbin/pfctl/pfopt3.in | 29 | ||||
-rw-r--r-- | regress/sbin/pfctl/pfopt3.ok | 7 | ||||
-rw-r--r-- | regress/sbin/pfctl/pfopt3.opts | 1 | ||||
-rw-r--r-- | regress/sbin/pfctl/pfopt4.in | 29 | ||||
-rw-r--r-- | regress/sbin/pfctl/pfopt4.ok | 6 | ||||
-rw-r--r-- | regress/sbin/pfctl/pfopt4.opts | 1 | ||||
-rw-r--r-- | regress/sbin/pfctl/pfopt5.in | 29 | ||||
-rw-r--r-- | regress/sbin/pfctl/pfopt5.ok | 7 | ||||
-rw-r--r-- | regress/sbin/pfctl/pfopt5.opts | 1 |
13 files changed, 149 insertions, 2 deletions
diff --git a/regress/sbin/pfctl/Makefile b/regress/sbin/pfctl/Makefile index 6d12c2ad164..1a719e03e86 100644 --- a/regress/sbin/pfctl/Makefile +++ b/regress/sbin/pfctl/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.74 2003/02/18 18:05:52 henning Exp $ +# $OpenBSD: Makefile,v 1.75 2003/02/18 19:11:57 henning Exp $ PFTESTS=1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 PFTESTS+=28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 @@ -11,7 +11,7 @@ PFLOAD+=30 31 32 34 36 38 39 40 44 49 #disabled now due to no altq and table in anchors #PFLOAD+=33 35 43 48 PFTABLE=1 2 3 4 5 6 7 8 9 10 11 12 -PFOPT=1 +PFOPT=1 2 3 4 5 .for n in ${PFFAIL} REGRESS_TARGETS+=pfail${n} diff --git a/regress/sbin/pfctl/pfopt2.in b/regress/sbin/pfctl/pfopt2.in new file mode 100644 index 00000000000..628373aa483 --- /dev/null +++ b/regress/sbin/pfctl/pfopt2.in @@ -0,0 +1,29 @@ +ext_if="lo0" + +# OPTIONS, -O +set loginterface $ext_if +set timeout tcp.established 3600 +set limit states 100 +set optimization normal +set block-policy drop +set require-order yes + +# NOMALIZATION +scrub in all + +# QUEUEING, -A +altq on $ext_if priq bandwidth 10Mb queue { pri-low pri-med pri-high } +queue pri-low priority 0 +queue pri-med priority 1 priq(default) +queue pri-high priority 2 + +# NAT -N +rdr on $ext_if inet from any to any -> 127.0.0.1 +nat on $ext_if inet from any to any -> 127.0.0.1 +binat on $ext_if inet from 192.168.0.0/24 to 192.168.0.1/24 -> 192.168.0.3/24 + +# FILTER, -R +pass out on $ext_if proto tcp from any to any port 22 keep state \ + queue(pri-med, pri-high) +pass out on $ext_if proto tcp from any to any port 80 keep state queue pri-med +pass in on $ext_if proto tcp from any to any port 80 keep state queue pri-low diff --git a/regress/sbin/pfctl/pfopt2.ok b/regress/sbin/pfctl/pfopt2.ok new file mode 100644 index 00000000000..9550e3c990c --- /dev/null +++ b/regress/sbin/pfctl/pfopt2.ok @@ -0,0 +1,7 @@ +ext_if = "lo0" +set loginterface lo0 +set timeout tcp.established 3600 +set limit states 100 +set optimization normal +set block-policy drop +set require-order yes diff --git a/regress/sbin/pfctl/pfopt2.opts b/regress/sbin/pfctl/pfopt2.opts new file mode 100644 index 00000000000..ebc68ab83c0 --- /dev/null +++ b/regress/sbin/pfctl/pfopt2.opts @@ -0,0 +1 @@ +-O diff --git a/regress/sbin/pfctl/pfopt3.in b/regress/sbin/pfctl/pfopt3.in new file mode 100644 index 00000000000..628373aa483 --- /dev/null +++ b/regress/sbin/pfctl/pfopt3.in @@ -0,0 +1,29 @@ +ext_if="lo0" + +# OPTIONS, -O +set loginterface $ext_if +set timeout tcp.established 3600 +set limit states 100 +set optimization normal +set block-policy drop +set require-order yes + +# NOMALIZATION +scrub in all + +# QUEUEING, -A +altq on $ext_if priq bandwidth 10Mb queue { pri-low pri-med pri-high } +queue pri-low priority 0 +queue pri-med priority 1 priq(default) +queue pri-high priority 2 + +# NAT -N +rdr on $ext_if inet from any to any -> 127.0.0.1 +nat on $ext_if inet from any to any -> 127.0.0.1 +binat on $ext_if inet from 192.168.0.0/24 to 192.168.0.1/24 -> 192.168.0.3/24 + +# FILTER, -R +pass out on $ext_if proto tcp from any to any port 22 keep state \ + queue(pri-med, pri-high) +pass out on $ext_if proto tcp from any to any port 80 keep state queue pri-med +pass in on $ext_if proto tcp from any to any port 80 keep state queue pri-low diff --git a/regress/sbin/pfctl/pfopt3.ok b/regress/sbin/pfctl/pfopt3.ok new file mode 100644 index 00000000000..54a934d27e4 --- /dev/null +++ b/regress/sbin/pfctl/pfopt3.ok @@ -0,0 +1,7 @@ +ext_if = "lo0" +set block-policy drop +set require-order yes +altq on lo0 priq bandwidth 10.00Mb tbrsize 1824 queue { pri-low pri-med pri-high } +queue pri-low priority 0 +queue pri-med priq( default ) +queue pri-high priority 2 diff --git a/regress/sbin/pfctl/pfopt3.opts b/regress/sbin/pfctl/pfopt3.opts new file mode 100644 index 00000000000..d8439a99f37 --- /dev/null +++ b/regress/sbin/pfctl/pfopt3.opts @@ -0,0 +1 @@ +-A diff --git a/regress/sbin/pfctl/pfopt4.in b/regress/sbin/pfctl/pfopt4.in new file mode 100644 index 00000000000..628373aa483 --- /dev/null +++ b/regress/sbin/pfctl/pfopt4.in @@ -0,0 +1,29 @@ +ext_if="lo0" + +# OPTIONS, -O +set loginterface $ext_if +set timeout tcp.established 3600 +set limit states 100 +set optimization normal +set block-policy drop +set require-order yes + +# NOMALIZATION +scrub in all + +# QUEUEING, -A +altq on $ext_if priq bandwidth 10Mb queue { pri-low pri-med pri-high } +queue pri-low priority 0 +queue pri-med priority 1 priq(default) +queue pri-high priority 2 + +# NAT -N +rdr on $ext_if inet from any to any -> 127.0.0.1 +nat on $ext_if inet from any to any -> 127.0.0.1 +binat on $ext_if inet from 192.168.0.0/24 to 192.168.0.1/24 -> 192.168.0.3/24 + +# FILTER, -R +pass out on $ext_if proto tcp from any to any port 22 keep state \ + queue(pri-med, pri-high) +pass out on $ext_if proto tcp from any to any port 80 keep state queue pri-med +pass in on $ext_if proto tcp from any to any port 80 keep state queue pri-low diff --git a/regress/sbin/pfctl/pfopt4.ok b/regress/sbin/pfctl/pfopt4.ok new file mode 100644 index 00000000000..70f95d1dab5 --- /dev/null +++ b/regress/sbin/pfctl/pfopt4.ok @@ -0,0 +1,6 @@ +ext_if = "lo0" +set block-policy drop +set require-order yes +rdr on lo0 inet all -> 127.0.0.1 +nat on lo0 inet all -> 127.0.0.1 +binat on lo0 inet from 192.168.0.0/24 to 192.168.0.0/24 -> 192.168.0.0/24 diff --git a/regress/sbin/pfctl/pfopt4.opts b/regress/sbin/pfctl/pfopt4.opts new file mode 100644 index 00000000000..059ac305028 --- /dev/null +++ b/regress/sbin/pfctl/pfopt4.opts @@ -0,0 +1 @@ +-N diff --git a/regress/sbin/pfctl/pfopt5.in b/regress/sbin/pfctl/pfopt5.in new file mode 100644 index 00000000000..628373aa483 --- /dev/null +++ b/regress/sbin/pfctl/pfopt5.in @@ -0,0 +1,29 @@ +ext_if="lo0" + +# OPTIONS, -O +set loginterface $ext_if +set timeout tcp.established 3600 +set limit states 100 +set optimization normal +set block-policy drop +set require-order yes + +# NOMALIZATION +scrub in all + +# QUEUEING, -A +altq on $ext_if priq bandwidth 10Mb queue { pri-low pri-med pri-high } +queue pri-low priority 0 +queue pri-med priority 1 priq(default) +queue pri-high priority 2 + +# NAT -N +rdr on $ext_if inet from any to any -> 127.0.0.1 +nat on $ext_if inet from any to any -> 127.0.0.1 +binat on $ext_if inet from 192.168.0.0/24 to 192.168.0.1/24 -> 192.168.0.3/24 + +# FILTER, -R +pass out on $ext_if proto tcp from any to any port 22 keep state \ + queue(pri-med, pri-high) +pass out on $ext_if proto tcp from any to any port 80 keep state queue pri-med +pass in on $ext_if proto tcp from any to any port 80 keep state queue pri-low diff --git a/regress/sbin/pfctl/pfopt5.ok b/regress/sbin/pfctl/pfopt5.ok new file mode 100644 index 00000000000..05342d08ca3 --- /dev/null +++ b/regress/sbin/pfctl/pfopt5.ok @@ -0,0 +1,7 @@ +ext_if = "lo0" +set block-policy drop +set require-order yes +scrub in all fragment reassemble +pass out on lo0 proto tcp from any to any port = ssh keep state queue(pri-med, pri-high) +pass out on lo0 proto tcp from any to any port = www keep state queue pri-med +pass in on lo0 proto tcp from any to any port = www keep state queue pri-low diff --git a/regress/sbin/pfctl/pfopt5.opts b/regress/sbin/pfctl/pfopt5.opts new file mode 100644 index 00000000000..146803a2ea9 --- /dev/null +++ b/regress/sbin/pfctl/pfopt5.opts @@ -0,0 +1 @@ +-R |