From abd9217aeb0955bf4867ee37af69cb6ea3072c2d Mon Sep 17 00:00:00 2001 From: Theo de Raadt Date: Thu, 23 Aug 2001 04:29:58 +0000 Subject: new tests --- regress/sbin/pfctl/Makefile | 10 +++++----- regress/sbin/pfctl/pf4.in | 3 ++- regress/sbin/pfctl/pf5.in | 6 ++++++ regress/sbin/pfctl/pf5.ok | 11 +++++++++++ regress/sbin/pfctl/pf6.in | 2 ++ regress/sbin/pfctl/pf6.ok | 2 ++ 6 files changed, 28 insertions(+), 6 deletions(-) create mode 100644 regress/sbin/pfctl/pf5.in create mode 100644 regress/sbin/pfctl/pf5.ok create mode 100644 regress/sbin/pfctl/pf6.in create mode 100644 regress/sbin/pfctl/pf6.ok (limited to 'regress/sbin/pfctl') diff --git a/regress/sbin/pfctl/Makefile b/regress/sbin/pfctl/Makefile index 210ee7991bd..3ec0d047560 100644 --- a/regress/sbin/pfctl/Makefile +++ b/regress/sbin/pfctl/Makefile @@ -1,12 +1,12 @@ -# $OpenBSD: Makefile,v 1.3 2001/08/19 16:31:06 dhartmei Exp $ +# $OpenBSD: Makefile,v 1.4 2001/08/23 04:29:57 deraadt Exp $ NOMAN= NOPROG= -PFTESTS=1 2 3 4 +PFTESTS=1 2 3 4 5 6 pfail1: - @pfctl -nvR- < ${.CURDIR}/pfail1.in > /dev/null 2>&1 || \ - echo 'test pfail1 should fail' + @pfctl -nv -R - < ${.CURDIR}/pfail1.in > /dev/null 2>&1 || \ + echo 'test pfail1 fails as expected' .for n in ${PFTESTS} regress: pf${n} @@ -15,7 +15,7 @@ pf${n}: pf${n}.out @cmp -s ${.CURDIR}/pf${n}.ok pf${n}.out || \ echo 'test pf${n} output does not match expected output' pf${n}.out: - pfctl -nvR- < ${.CURDIR}/pf${n}.in > $@ + pfctl -nv -R - < ${.CURDIR}/pf${n}.in > $@ .PHONY: pf${n} regress CLEANFILES+=pf${n}.out diff --git a/regress/sbin/pfctl/pf4.in b/regress/sbin/pfctl/pf4.in index 03e1bc8f514..b100497c0b0 100644 --- a/regress/sbin/pfctl/pf4.in +++ b/regress/sbin/pfctl/pf4.in @@ -10,4 +10,5 @@ block in from { 10.0.0.0/8, 172.16.0.0/12 } to any block in proto tcp from any port = ssh to any block in proto tcp from any port { ssh, ftp >< 2048, != 1234, >= www } to any -block in proto { tcp, udp } from { 10.0.0.0/8, 172.16.0.0/12 } port { ssh, ftp } to { 192.168.0.0/16, 12.34.56.78 } port { 6667, 6668 } keep state +block in proto { tcp, udp } from { 10.0.0.0/8, 172.16.0.0/12 } port { ssh, ftp } \ + to { 192.168.0.0/16, 12.34.56.78 } port { 6667, 6668 } keep state diff --git a/regress/sbin/pfctl/pf5.in b/regress/sbin/pfctl/pf5.in new file mode 100644 index 00000000000..0122763ffdf --- /dev/null +++ b/regress/sbin/pfctl/pf5.in @@ -0,0 +1,6 @@ +foo = "ssh, ftp" +bar = "other thing" +inside="10.0.0.0/8" + +block in proto udp from $inside port { echo, $foo, ident } \ + to 12.34.56.78 port { 6667, 0x10 } keep state diff --git a/regress/sbin/pfctl/pf5.ok b/regress/sbin/pfctl/pf5.ok new file mode 100644 index 00000000000..4bebcdffdfa --- /dev/null +++ b/regress/sbin/pfctl/pf5.ok @@ -0,0 +1,11 @@ +foo = ssh, ftp +bar = other thing +inside = 10.0.0.0/8 +@1 block in proto udp from 10.0.0.0/255.0.0.0 port = 113 to 12.34.56.78 port = 16 keep state +@1 block in proto udp from 10.0.0.0/255.0.0.0 port = 113 to 12.34.56.78 port = 6667 keep state +@1 block in proto udp from 10.0.0.0/255.0.0.0 port = 21 to 12.34.56.78 port = 16 keep state +@1 block in proto udp from 10.0.0.0/255.0.0.0 port = 21 to 12.34.56.78 port = 6667 keep state +@1 block in proto udp from 10.0.0.0/255.0.0.0 port = ssh to 12.34.56.78 port = 16 keep state +@1 block in proto udp from 10.0.0.0/255.0.0.0 port = ssh to 12.34.56.78 port = 6667 keep state +@1 block in proto udp from 10.0.0.0/255.0.0.0 port = echo to 12.34.56.78 port = 16 keep state +@1 block in proto udp from 10.0.0.0/255.0.0.0 port = echo to 12.34.56.78 port = 6667 keep state diff --git a/regress/sbin/pfctl/pf6.in b/regress/sbin/pfctl/pf6.in new file mode 100644 index 00000000000..1194e71941b --- /dev/null +++ b/regress/sbin/pfctl/pf6.in @@ -0,0 +1,2 @@ +a=b +c=x diff --git a/regress/sbin/pfctl/pf6.ok b/regress/sbin/pfctl/pf6.ok new file mode 100644 index 00000000000..29ac49025ad --- /dev/null +++ b/regress/sbin/pfctl/pf6.ok @@ -0,0 +1,2 @@ +a = b +c = x -- cgit v1.2.3