Update some more tests for new pf.

ok henning@

6 files changed, 53 insertions, 40 deletions

diff --git a/regress/sbin/pfctl/pfail27.in b/regress/sbin/pfctl/pfail27.in
index d57e7829319..6fbfb8a59fb 100644
--- a/regress/sbin/pfctl/pfail27.in
+++ b/regress/sbin/pfctl/pfail27.in
@@ -1,6 +1,6 @@
 # various anchor limitations
 
-rdr-anchor foo from 10/8 port 1024 to any
-rdr-anchor foo to 10/8 port { 80, 443 }
-rdr-anchor foo to 10/8 port 6000:7000
+anchor foo from 10/8 port 1024 to any
+anchor foo to 10/8 port { 80, 443 }
+anchor foo to 10/8 port 6000:7000
 anchor foo keep state
diff --git a/regress/sbin/pfctl/pfail27.ok b/regress/sbin/pfctl/pfail27.ok
index 20d88abe520..1dfd95a52af 100644
--- a/regress/sbin/pfctl/pfail27.ok
+++ b/regress/sbin/pfctl/pfail27.ok
@@ -1,4 +1,12 @@
-stdin:3: source port parameter not supported in rdr-anchor
-stdin:4: destination port list expansion not supported in rdr-anchor
-stdin:5: destination port operators not supported in rdr-anchor
+stdin:3: port only applies to tcp/udp
+stdin:3: skipping rule due to errors
+stdin:3: rule expands to no valid combination
+stdin:4: port only applies to tcp/udp
+stdin:4: skipping rule due to errors
+stdin:4: port only applies to tcp/udp
+stdin:4: skipping rule due to errors
+stdin:4: rule expands to no valid combination
+stdin:5: port only applies to tcp/udp
+stdin:5: skipping rule due to errors
+stdin:5: rule expands to no valid combination
 stdin:6: cannot specify state handling on anchors
diff --git a/regress/sbin/pfctl/pfail30.in b/regress/sbin/pfctl/pfail30.in
index 6d71b4eaaf8..86fdfb4bf38 100644
--- a/regress/sbin/pfctl/pfail30.in
+++ b/regress/sbin/pfctl/pfail30.in
@@ -1,18 +1,18 @@
 # invalid binat stuff
-binat on lo0 from (lo0) to (lo1000000) -> (lo0)
-binat on lo0 from (lo0) to no-route -> (lo1000000)
-binat on lo0 from no-route to any -> 1.1.1.1
-binat on lo0 from !1.1.1.1 to any -> 1.1.1.1
-binat on lo0 from !(lo0) to any -> 1.1.1.1
-binat on lo0 from 1.1.1.1 to any -> no-route
-binat on lo0 from 1.1.1.1 to any -> !3.3.3.3
-binat on lo0 from 1.1.1.1 to any -> !(lo1000000)
-#binat on { lo0 lo1000000 } from 1.1.1.1 to any -> 2.2.2.2
-binat on lo0 from { 1.1.1.1 2.2.2.2 } to any -> 3.3.3.3
-binat on lo0 from 1.1.1.1 to { 2.2.2.2 3.3.3.3 } -> 4.4.4.4
-binat on lo0 from 1.1.1.1 to any -> { 1.1.1.1 2.2.2.2 }
-binat on lo0 from ::1 to any -> 1.2.3.4
-binat on lo0 from 1.1.1.1 to ::1 -> 1.2.3.4
-binat on lo0 from 1.1.1.1 to any -> ::1
-binat on lo0 inet from ::1 to any -> ::2
-binat on lo0 inet6 from 1.2.3.4 to any -> 4.3.2.1
+match on lo0 from (lo0) to (lo1000000) binat-to (lo0)
+match on lo0 from (lo0) to no-route binat-to (lo1000000)
+match on lo0 from no-route to any binat-to 1.1.1.1
+match on lo0 from !1.1.1.1 to any binat-to 1.1.1.1
+match on lo0 from !(lo0) to any binat-to 1.1.1.1
+match on lo0 from 1.1.1.1 to any binat-to no-route
+match on lo0 from 1.1.1.1 to any binat-to !3.3.3.3
+match on lo0 from 1.1.1.1 to any binat-to !(lo1000000)
+#match on { lo0 lo1000000 } from 1.1.1.1 to any binat-to 2.2.2.2
+match on lo0 from { 1.1.1.1 2.2.2.2 } to any binat-to 3.3.3.3
+match on lo0 from 1.1.1.1 to { 2.2.2.2 3.3.3.3 } binat-to 4.4.4.4
+match on lo0 from 1.1.1.1 to any binat-to { 1.1.1.1 2.2.2.2 }
+match on lo0 from ::1 to any binat-to 1.2.3.4
+match on lo0 from 1.1.1.1 to ::1 binat-to 1.2.3.4
+match on lo0 from 1.1.1.1 to any binat-to ::1
+match on lo0 inet from ::1 to any binat-to ::2
+match on lo0 inet6 from 1.2.3.4 to any binat-to 4.3.2.1
diff --git a/regress/sbin/pfctl/pfail30.ok b/regress/sbin/pfctl/pfail30.ok
index 3092a566ae5..06e055fc0c0 100644
--- a/regress/sbin/pfctl/pfail30.ok
+++ b/regress/sbin/pfctl/pfail30.ok
@@ -1,16 +1,25 @@
-stdin:2: address family (inet/inet6) undefined
-stdin:3: address family (inet/inet6) undefined
-stdin:4: syntax error
-stdin:5: syntax error
-stdin:6: syntax error
+stdin:2: invalid use of interface (lo0) as the source address of a binat-to rule
+stdin:2: invalid use of interface (lo1000000) as the redirect address of a binat-to rule
+stdin:2: skipping rule due to errors
+stdin:2: rule expands to no valid combination
+stdin:3: invalid use of interface (lo0) as the source address of a binat-to rule
+stdin:3: skipping rule due to errors
+stdin:3: rule expands to no valid combination
+stdin:4: binat-to requires a specified source and redirect address
+stdin:4: skipping rule due to errors
+stdin:4: rule expands to no valid combination
+stdin:6: invalid use of interface (lo0) as the source address of a binat-to rule
+stdin:6: skipping rule due to errors
+stdin:6: rule expands to no valid combination
 stdin:7: syntax error
 stdin:8: syntax error
 stdin:9: syntax error
-stdin:11: syntax error
-stdin:12: multiple binat ip addresses
-stdin:13: syntax error
 stdin:14: no translation address with matching address family found.
-stdin:15: binat ip versions must match
+stdin:14: skipping rule due to errors
+stdin:14: rule expands to no valid combination
+stdin:15: rule expands to no valid combination
 stdin:16: no translation address with matching address family found.
-stdin:17: binat ip versions must match
-stdin:18: binat ip versions must match
+stdin:16: skipping rule due to errors
+stdin:16: rule expands to no valid combination
+stdin:17: rule expands to no valid combination
+stdin:18: rule expands to no valid combination
diff --git a/regress/sbin/pfctl/pfail38.in b/regress/sbin/pfctl/pfail38.in
index 476df4c1286..1b71e97892c 100644
--- a/regress/sbin/pfctl/pfail38.in
+++ b/regress/sbin/pfctl/pfail38.in
@@ -1,4 +1,2 @@
-nat on lo0 tag thistagisfaaaaaartooooolooooooooongthistagisfaaaaaartooooolooooooooong -> 127.0.0.1
-rdr on lo0 tag thistagisfaaaaaartooooolooooooooongthistagisfaaaaaartooooolooooooooong -> 127.0.0.1
-no nat on lo0 tag thistagisfaaaaaartooooolooooooooongthistagisfaaaaaartooooolooooooooong
-no rdr on lo0 tag thistagisfaaaaaartooooolooooooooongthistagisfaaaaaartooooolooooooooong
+match out on lo0 tag thistagisfaaaaaartooooolooooooooongthistagisfaaaaaartooooolooooooooong nat-to 127.0.0.1
+match in on lo0 tag thistagisfaaaaaartooooolooooooooongthistagisfaaaaaartooooolooooooooong rdr-to 127.0.0.1
diff --git a/regress/sbin/pfctl/pfail38.ok b/regress/sbin/pfctl/pfail38.ok
index a7a42af3bd6..ca7448f2069 100644
--- a/regress/sbin/pfctl/pfail38.ok
+++ b/regress/sbin/pfctl/pfail38.ok
@@ -1,4 +1,2 @@
 stdin:1: tag too long, max 63 chars
 stdin:2: tag too long, max 63 chars
-stdin:3: tag too long, max 63 chars
-stdin:4: tag too long, max 63 chars