diff options
author | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2017-09-15 14:03:15 +0000 |
---|---|---|
committer | Alexander Bluhm <bluhm@cvs.openbsd.org> | 2017-09-15 14:03:15 +0000 |
commit | c51ed7f19409131488d976227f646a6d4ef5c70c (patch) | |
tree | c971b559dcf0a62b3d313598d15c18f97dbeafaf /regress/sys | |
parent | c28a413f72844dde1e92e25dfff63bd9ba4376e0 (diff) |
Clean up pf rules and states on remote machine so that they do not
interfere with later tests.
Diffstat (limited to 'regress/sys')
-rw-r--r-- | regress/sys/netinet/frag/Makefile | 13 | ||||
-rw-r--r-- | regress/sys/netinet/frag/pf.conf | 4 | ||||
-rw-r--r-- | regress/sys/netinet6/frag6/Makefile | 10 | ||||
-rw-r--r-- | regress/sys/netinet6/frag6/pf.conf | 4 |
4 files changed, 23 insertions, 8 deletions
diff --git a/regress/sys/netinet/frag/Makefile b/regress/sys/netinet/frag/Makefile index faf87a2ddcf..195634b5d07 100644 --- a/regress/sys/netinet/frag/Makefile +++ b/regress/sys/netinet/frag/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.1 2017/09/07 15:09:00 bluhm Exp $ +# $OpenBSD: Makefile,v 1.2 2017/09/15 14:03:14 bluhm Exp $ # The following ports must be installed: # @@ -98,14 +98,17 @@ REGRESS_TARGETS = FRAG_SCRIPTS !!= cd ${.CURDIR} && ls -1 frag*.py run-regress-stack-frag_mf0long.py: + @echo '\n======== $@ ========' # the stack allows fragments with data behind a fragment without MF @echo DISABLED run-regress-stack-frag_mf0short.py: + @echo '\n======== $@ ========' # the stack allows fragments without MF ending before other fragments @echo DISABLED run-regress-stack-frag_mf1end.py: + @echo '\n======== $@ ========' # the stack allows fragments with MF together with fragments without MF @echo DISABLED @@ -145,7 +148,13 @@ REGRESS_TARGETS += run-regress-${sp}-ping run-regress-${sp}-fragping \ # After running the tests, turn on pf on remote machine. # This is the expected default configuration. -REGRESS_TARGETS += stamp-pf + +cleanup-pf: + rm -f stamp-stack stamp-pf + ssh ${IPS_SSH} ${SUDO} pfctl -a regress -Fa + -ssh ${REMOTE_SSH} ${SUDO} pfctl -e || true + +REGRESS_TARGETS += cleanup-pf CLEANFILES += addr.py *.pyc *.log stamp-* diff --git a/regress/sys/netinet/frag/pf.conf b/regress/sys/netinet/frag/pf.conf index 7d101bc927b..d6cc42228b3 100644 --- a/regress/sys/netinet/frag/pf.conf +++ b/regress/sys/netinet/frag/pf.conf @@ -2,5 +2,5 @@ pass inet allow-opts # turning on and off pf via ssh connection does not work with states -pass proto tcp from port ssh no state -pass proto tcp to port ssh no state +pass proto tcp from port ssh flags A/SA no state +pass proto tcp to port ssh flags A/SA no state diff --git a/regress/sys/netinet6/frag6/Makefile b/regress/sys/netinet6/frag6/Makefile index f382e4a9d41..48dbd06d20e 100644 --- a/regress/sys/netinet6/frag6/Makefile +++ b/regress/sys/netinet6/frag6/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.21 2017/09/07 19:04:23 bluhm Exp $ +# $OpenBSD: Makefile,v 1.22 2017/09/15 14:03:14 bluhm Exp $ # The following ports must be installed: # @@ -133,7 +133,13 @@ REGRESS_TARGETS += run-regress-${sp}-ping6 run-regress-${sp}-fragping6 \ # After running the tests, turn on pf on remote machine. # This is the expected default configuration. -REGRESS_TARGETS += stamp-pf + +cleanup-pf: + rm -f stamp-stack stamp-pf + ssh ${IPS_SSH} ${SUDO} pfctl -a regress -Fa + -ssh ${REMOTE_SSH} ${SUDO} pfctl -e || true + +REGRESS_TARGETS += cleanup-pf CLEANFILES += addr.py *.pyc *.log stamp-* diff --git a/regress/sys/netinet6/frag6/pf.conf b/regress/sys/netinet6/frag6/pf.conf index fc5dbec04f1..b74406f274a 100644 --- a/regress/sys/netinet6/frag6/pf.conf +++ b/regress/sys/netinet6/frag6/pf.conf @@ -2,5 +2,5 @@ pass inet6 allow-opts # turning on and off pf via ssh connection does not work with states -pass proto tcp from port ssh no state -pass proto tcp to port ssh no state +pass proto tcp from port ssh flags A/SA no state +pass proto tcp to port ssh flags A/SA no state |