summaryrefslogtreecommitdiff
path: root/regress
diff options
context:
space:
mode:
authorAlexander Bluhm <bluhm@cvs.openbsd.org>2019-06-04 11:01:34 +0000
committerAlexander Bluhm <bluhm@cvs.openbsd.org>2019-06-04 11:01:34 +0000
commit66f91efebdbf4edd1625345288c725e35553f325 (patch)
tree3f576271d8289328937a185e2f5eeac74f25a217 /regress
parent377a54d38adc79e23ee512a3ba38562a5888e590 (diff)
To avoid SYN retransmit, kill local tcp pf state that will be reused.
This makes the state reuse tests faster and more reliable.
Diffstat (limited to 'regress')
-rw-r--r--regress/sys/net/pf_divert/Makefile22
1 files changed, 17 insertions, 5 deletions
diff --git a/regress/sys/net/pf_divert/Makefile b/regress/sys/net/pf_divert/Makefile
index 497561aa13d..c708b9da214 100644
--- a/regress/sys/net/pf_divert/Makefile
+++ b/regress/sys/net/pf_divert/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.20 2017/12/26 17:03:46 bluhm Exp $
+# $OpenBSD: Makefile,v 1.21 2019/06/04 11:01:33 bluhm Exp $
# The following ports must be installed for the regression tests:
# p5-IO-Socket-INET6 object interface for AF_INET and AF_INET6 domain sockets
@@ -180,16 +180,28 @@ run-regress-${inet}-reuse-${proto}-${first}-${second}:
${SUDO} tcpdrop \
${LOCAL_${addr}} `cat client.port` \
${FAKE_${addr}} `cat server.port`
+ # to avoid SYN retransmit, kill local tcp state that will be reused
+.if "inet" == ${inet}
+ ${SUDO} pfctl -k key -k '${proto} ${LOCAL_${addr}}:'`cat client.port`' <- ${FAKE_${addr}}:'`cat server.port`''
+.elif "inet6" == ${inet}
+ ${SUDO} pfctl -k key -k '${proto} ${LOCAL_${addr}}['`cat client.port`'] <- ${FAKE_${addr}}['`cat server.port`']'
+.endif
.else # "to" == ${first}
+ # to avoid SYN retransmit, kill local tcp state that will be reused
+.if "inet" == ${inet}
+ ${SUDO} pfctl -k key -k '${proto} ${LOCAL_${addr}}:'`cat server.port`' -> ${FAKE_${addr}}:'`cat client.port`''
+.elif "inet6" == ${inet}
+ ${SUDO} pfctl -k key -k '${proto} ${LOCAL_${addr}}['`cat server.port`'] -> ${FAKE_${addr}}['`cat client.port`']'
+.endif
# tcp socket is in time wait so state must still exist
ssh ${REMOTE_SSH} ${SUDO} pfctl -ss | \
- egrep 'all ${proto} ${FAKE_${addr}}:?\[?'`cat client.port`\]?' .. ${LOCAL_${addr}}:?\[?'`cat server.port`'\]? '
+ egrep 'all ${proto} ${FAKE_${addr}}:?\[?'`cat client.port`'\]? .. ${LOCAL_${addr}}:?\[?'`cat server.port`'\]? '
ssh ${REMOTE_SSH} ${SUDO} tcpdrop \
${FAKE_${addr}} `cat client.port` \
${LOCAL_${addr}} `cat server.port`
# divert-to state disappeared when the tcp socket was dropped
ssh ${REMOTE_SSH} ${SUDO} pfctl -ss | ! \
- egrep 'all ${proto} ${FAKE_${addr}}:?\[?'`cat client.port`\]?' .. ${LOCAL_${addr}}:?\[?'`cat server.port`'\]? '
+ egrep 'all ${proto} ${FAKE_${addr}}:?\[?'`cat client.port`'\]? .. ${LOCAL_${addr}}:?\[?'`cat server.port`'\]? '
.endif
.endif
.if "to" == ${first}
@@ -218,12 +230,12 @@ run-regress-${inet}-reuse-${proto}-${first}-${second}:
.else # "to" == ${second}
# dropping the server tcp socket in time wait must remove the state
ssh ${REMOTE_SSH} ${SUDO} pfctl -ss | \
- egrep 'all ${proto} ${FAKE_${addr}}:?\[?'`cat server.port`\]?' .. ${LOCAL_${addr}}:?\[?'`cat client.port`'\]? '
+ egrep 'all ${proto} ${FAKE_${addr}}:?\[?'`cat server.port`'\]? .. ${LOCAL_${addr}}:?\[?'`cat client.port`'\]? '
ssh ${REMOTE_SSH} ${SUDO} tcpdrop \
${FAKE_${addr}} `cat server.port` \
${LOCAL_${addr}} `cat client.port`
ssh ${REMOTE_SSH} ${SUDO} pfctl -ss | ! \
- egrep 'all ${proto} ${FAKE_${addr}}:?\[?'`cat server.port`\]?' .. ${LOCAL_${addr}}:?\[?'`cat client.port`'\]? '
+ egrep 'all ${proto} ${FAKE_${addr}}:?\[?'`cat server.port`'\]? .. ${LOCAL_${addr}}:?\[?'`cat client.port`'\]? '
.endif
.endif
# states must disappear after connected socket has been closed
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-26 20:02:23 +0000