3 files changed, 37 insertions, 5 deletions

diff --git a/regress/sbin/pfctl/pf7.in b/regress/sbin/pfctl/pf7.in
index 1ce5b162236..02514df9cdd 100644
--- a/regress/sbin/pfctl/pf7.in
+++ b/regress/sbin/pfctl/pf7.in
@@ -25,6 +25,8 @@ pass out on tun1000000 proto udp all keep state
 pass in on tun1000000 proto udp from any to any port = domain keep state
 
 pass out on tun1000000 proto tcp all modulate state
+pass in on tun1000000 proto { tcp udp icmp } all modulate state
+pass in on tun1000000 proto { udp tcp icmp } all flags S/SA synproxy state
 
 pass in on tun1000000 proto tcp from any to any port = ssh    modulate state
 pass in on tun1000000 proto tcp from any to any port = smtp   modulate state
diff --git a/regress/sbin/pfctl/pf7.loaded b/regress/sbin/pfctl/pf7.loaded
index 979319d5d97..c6502260b93 100644
--- a/regress/sbin/pfctl/pf7.loaded
+++ b/regress/sbin/pfctl/pf7.loaded
@@ -63,22 +63,46 @@
   [ queue: qname= qid=0 pqname= pqid=0 ]
   [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
 @16 pass out on tun1000000 proto tcp all modulate state
-  [ Skip steps: i=end f=end p=end sa=end sp=end da=end ]
+  [ Skip steps: i=end f=end p=18 sa=end sp=end da=end dp=23 ]
   [ queue: qname= qid=0 pqname= pqid=0 ]
   [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
-@17 pass in on tun1000000 proto tcp from any to any port = ssh modulate state
+@17 pass in on tun1000000 proto tcp all modulate state
+  [ Skip steps: i=end d=end f=end sa=end sp=end da=end dp=23 ]
+  [ queue: qname= qid=0 pqname= pqid=0 ]
+  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
+@18 pass in on tun1000000 proto udp all keep state
+  [ Skip steps: i=end d=end f=end sa=end sp=end da=end dp=23 ]
+  [ queue: qname= qid=0 pqname= pqid=0 ]
+  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
+@19 pass in on tun1000000 proto icmp all keep state
+  [ Skip steps: i=end d=end f=end sa=end sp=end da=end dp=23 ]
+  [ queue: qname= qid=0 pqname= pqid=0 ]
+  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
+@20 pass in on tun1000000 proto udp all keep state
+  [ Skip steps: i=end d=end f=end sa=end sp=end da=end dp=23 ]
+  [ queue: qname= qid=0 pqname= pqid=0 ]
+  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
+@21 pass in on tun1000000 proto tcp all flags S/SA synproxy state
+  [ Skip steps: i=end d=end f=end sa=end sp=end da=end dp=23 ]
+  [ queue: qname= qid=0 pqname= pqid=0 ]
+  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
+@22 pass in on tun1000000 proto icmp all keep state
+  [ Skip steps: i=end d=end f=end sa=end sp=end da=end ]
+  [ queue: qname= qid=0 pqname= pqid=0 ]
+  [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
+@23 pass in on tun1000000 proto tcp from any to any port = ssh modulate state
   [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end ]
   [ queue: qname= qid=0 pqname= pqid=0 ]
   [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
-@18 pass in on tun1000000 proto tcp from any to any port = smtp modulate state
+@24 pass in on tun1000000 proto tcp from any to any port = smtp modulate state
   [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end ]
   [ queue: qname= qid=0 pqname= pqid=0 ]
   [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
-@19 pass in on tun1000000 proto tcp from any to any port = domain modulate state
+@25 pass in on tun1000000 proto tcp from any to any port = domain modulate state
   [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end ]
   [ queue: qname= qid=0 pqname= pqid=0 ]
   [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
-@20 pass in on tun1000000 proto tcp from any to any port = auth modulate state
+@26 pass in on tun1000000 proto tcp from any to any port = auth modulate state
   [ Skip steps: i=end d=end f=end p=end sa=end sp=end da=end dp=end ]
   [ queue: qname= qid=0 pqname= pqid=0 ]
   [ Evaluations: 0         Packets: 0         Bytes: 0           States: 0     ]
diff --git a/regress/sbin/pfctl/pf7.ok b/regress/sbin/pfctl/pf7.ok
index dfe7573a1bc..8af3a52d37d 100644
--- a/regress/sbin/pfctl/pf7.ok
+++ b/regress/sbin/pfctl/pf7.ok
@@ -15,6 +15,12 @@ pass in on tun1000000 inet proto icmp all icmp-type echoreq code 0 keep state
 pass out on tun1000000 proto udp all keep state
 pass in on tun1000000 proto udp from any to any port = domain keep state
 pass out on tun1000000 proto tcp all modulate state
+pass in on tun1000000 proto tcp all modulate state
+pass in on tun1000000 proto udp all keep state
+pass in on tun1000000 proto icmp all keep state
+pass in on tun1000000 proto udp all keep state
+pass in on tun1000000 proto tcp all flags S/SA synproxy state
+pass in on tun1000000 proto icmp all keep state
 pass in on tun1000000 proto tcp from any to any port = ssh modulate state
 pass in on tun1000000 proto tcp from any to any port = smtp modulate state
 pass in on tun1000000 proto tcp from any to any port = domain modulate state