Add tests for interface->address translation in userland and in the kernel.

8 files changed, 159 insertions, 1 deletions

diff --git a/regress/sbin/pfctl/Makefile b/regress/sbin/pfctl/Makefile
index 39683fc7661..72b3fab71a1 100644
--- a/regress/sbin/pfctl/Makefile
+++ b/regress/sbin/pfctl/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.169 2003/12/30 16:48:47 henning Exp $
+# $OpenBSD: Makefile,v 1.170 2004/01/06 12:34:05 cedric Exp $
 
 # TARGETS
 # pf: feed pfNN.in through pfctl and check wether the output matches pfNN.ok
@@ -28,6 +28,7 @@ PFALTQ=1 2 3 4 5 6 7 8 9 10 11 12 13 14
 # PFLOAD+=6 22 41 50 52 53 55 57 83
 PFTABLE=1 2 3 4 5 6 7 8 9 10 11 12 13
 PFOPT=1 2 3 4 5
+PFIF2IP=1 2 3
 
 .ifmake !obj && !clean && !cleandir
 .BEGIN:
@@ -142,6 +143,25 @@ pfr:		${PFR_TARGETS}
 pfr-update:	${PFR_UPDATES}
 NODEFAULT_TARGETS+=pfr
 
+.for n in ${PFIF2IP}
+PFI_TARGETS+=pfi${n}
+PFI_UPDATES+=pfi${n}-update
+
+pfi${n}:
+	xargs ${SUDO} /bin/ksh ${.CURDIR}/if2ip <${.CURDIR}/pfi${n}.in | \
+            diff -u ${.CURDIR}/pfi${n}.ok /dev/stdin
+
+pfi${n}-update:
+	xargs ${SUDO} /bin/ksh ${.CURDIR}/if2ip <${.CURDIR}/pfi${n}.in \
+	    > ${.CURDIR}/pfi${n}.ok
+
+.endfor
+
+pfi:            ${PFI_TARGETS}
+pfi-update:     ${PFI_UPDATES}
+REGRESS_TARGETS+=pfi
+UPDATE_TARGETS+=pfi-update
+
 .for n in ${PFOPT}
 PFOPT_TARGETS+=pfopt${n}
 PFOPT_UPDATES+=pfopt${n}-update
diff --git a/regress/sbin/pfctl/if2ip b/regress/sbin/pfctl/if2ip
new file mode 100644
index 00000000000..8c4eb1e7cf6
--- /dev/null
+++ b/regress/sbin/pfctl/if2ip
@@ -0,0 +1,55 @@
+#!/bin/ksh
+# simple script that compare and display interface to address translation
+# done by the userland pfctl tool and by the kernel PF dynamic code.
+
+if2ip_user() {
+    echo "pass in on tun100 from $1" | pfctl -nvf- 2>/dev/null \
+	| awk '{print  "   "$7}' | sort -u
+}
+
+kernel_spec() {
+    set -- `echo $1 | sed "s;/; ;"`
+    if [ "X$2" == "X" ]; then
+	echo "($1)"
+    else
+	echo "($1)/$2"
+    fi
+}
+
+if2ip_kernel() {
+    T=`echo "pass in on tun100 from $1" | pfctl -a _regress:if2ip -f- \
+	-vf- | awk '{ print $6}' | tr -d "()"` 
+    pfctl -a _pf:_if -t "$T" -Ts | sort
+    pfctl -a _regress:if2ip -qFr
+}
+
+while [ "X$1" != "X" ]; do
+    if [ "$1" == "-q" ]; then
+	QUIET=1
+	shift
+    fi
+    if [ "$1" == "-v" ]; then
+	QUIET=0
+	shift
+    fi
+
+    UIP=`if2ip_user $1`
+    KIF=`kernel_spec $1`
+    KIP=`if2ip_kernel $KIF`
+
+    if [ "$QUIET" == "1" ]; then
+	if [ "$UIP" == "$KIP" ]; then
+	    echo "$1 and $KIF match."
+	else
+	    echo "$1 and $KIF mismatch."
+	fi
+    else
+	echo "$1:"$UIP
+	echo "$KIF:"$KIP
+    fi
+
+    if [ "$UIP" != "$KIP" ]; then
+	exit 1
+    fi
+    shift
+done
diff --git a/regress/sbin/pfctl/pfi1.in b/regress/sbin/pfctl/pfi1.in
new file mode 100644
index 00000000000..add61265fc5
--- /dev/null
+++ b/regress/sbin/pfctl/pfi1.in
@@ -0,0 +1,10 @@
+lo
+lo:network
+lo:peer
+lo:broadcast
+lo/24
+lo:0
+lo:0:network
+lo:0:peer
+lo:0:broadcast
+lo:0/24
diff --git a/regress/sbin/pfctl/pfi1.ok b/regress/sbin/pfctl/pfi1.ok
new file mode 100644
index 00000000000..22f238b3f32
--- /dev/null
+++ b/regress/sbin/pfctl/pfi1.ok
@@ -0,0 +1,20 @@
+lo: 127.0.0.1 ::1 fe80::1
+(lo): 127.0.0.1 ::1 fe80::1
+lo:network: 127.0.0.0/8 ::1
+(lo:network): 127.0.0.0/8 ::1
+lo:peer:
+(lo:peer):
+lo:broadcast:
+(lo:broadcast):
+lo/24: 127.0.0.0/24 ::/24 fe80::/24
+(lo)/24: 127.0.0.0/24 ::/24 fe80::/24
+lo:0: 127.0.0.1 ::1
+(lo:0): 127.0.0.1 ::1
+lo:0:network: 127.0.0.0/8 ::1
+(lo:0:network): 127.0.0.0/8 ::1
+lo:0:peer:
+(lo:0:peer):
+lo:0:broadcast:
+(lo:0:broadcast):
+lo:0/24: 127.0.0.0/24 ::/24
+(lo:0)/24: 127.0.0.0/24 ::/24
diff --git a/regress/sbin/pfctl/pfi2.in b/regress/sbin/pfctl/pfi2.in
new file mode 100644
index 00000000000..d0c016700cf
--- /dev/null
+++ b/regress/sbin/pfctl/pfi2.in
@@ -0,0 +1,12 @@
+-q
+self
+self:network
+self:peer
+self:broadcast
+self/24
+self:0
+self:network:0
+self:peer:0
+self:broadcast:0
+self:0/24
+
diff --git a/regress/sbin/pfctl/pfi2.ok b/regress/sbin/pfctl/pfi2.ok
new file mode 100644
index 00000000000..5f66db15f73
--- /dev/null
+++ b/regress/sbin/pfctl/pfi2.ok
@@ -0,0 +1,10 @@
+self and (self) match.
+self:network and (self:network) match.
+self:peer and (self:peer) match.
+self:broadcast and (self:broadcast) match.
+self/24 and (self)/24 match.
+self:0 and (self:0) match.
+self:network:0 and (self:network:0) match.
+self:peer:0 and (self:peer:0) match.
+self:broadcast:0 and (self:broadcast:0) match.
+self:0/24 and (self:0)/24 match.
diff --git a/regress/sbin/pfctl/pfi3.in b/regress/sbin/pfctl/pfi3.in
new file mode 100644
index 00000000000..2d7f7ef194b
--- /dev/null
+++ b/regress/sbin/pfctl/pfi3.in
@@ -0,0 +1,11 @@
+tun100
+tun100:network
+tun100:peer
+tun100:broadcast
+tun100/24
+tun100:0
+tun100:0:network
+tun100:0:peer
+tun100:0:broadcast
+tun100:0/24
+
diff --git a/regress/sbin/pfctl/pfi3.ok b/regress/sbin/pfctl/pfi3.ok
new file mode 100644
index 00000000000..41c2d3eb383
--- /dev/null
+++ b/regress/sbin/pfctl/pfi3.ok
@@ -0,0 +1,20 @@
+tun100:
+(tun100):
+tun100:network:
+(tun100:network):
+tun100:peer:
+(tun100:peer):
+tun100:broadcast:
+(tun100:broadcast):
+tun100/24:
+(tun100)/24:
+tun100:0:
+(tun100:0):
+tun100:0:network:
+(tun100:0:network):
+tun100:0:peer:
+(tun100:0:peer):
+tun100:0:broadcast:
+(tun100:0:broadcast):
+tun100:0/24:
+(tun100:0)/24: