freebsd-dev/sbin/pfctl/tests/files/pf0013.in

pass in quick on enc0 from any to any
pass in quick on enc0 inet from any to any
pass in quick on enc0 inet6 from any to any

#pass out quick on tun1000000 inet from any to any route-to tun1000001
#pass out quick on tun1000000 from any to 192.168.1.1 route-to tun1000001
#pass out quick on tun1000000 from any to fec0::1 route-to tun1000001

#pass in on tun1000000 proto tcp from any to any port = 21 dup-to (tun1000001 192.168.1.1)
#pass in on tun1000000 proto tcp from any to any port = 21 dup-to (tun1000001 fec0::1)

#pass in quick on tun1000000 from 192.168.1.1/32 to 10.1.1.1/32 route-to tun1000001
#pass in quick on tun1000000 from fec0::1/64 to fec1::2/128 route-to tun1000001

#pass in on tun1000000 proto tcp from any to any port = 21 reply-to (tun1000001 192.168.1.1)
#pass in on tun1000000 proto tcp from any to any port = 21 reply-to (tun1000001 fec0::1)

#pass in quick on tun1000000 from 192.168.1.1/32 to 10.1.1.1/32 reply-to tun1000001
#pass in quick on tun1000000 from fec0::1/64 to fec1::2/128 reply-to tun1000001

#pass in quick on tun1000000 from 192.168.1.1/32 to 10.1.1.1/32 dup-to (tun1000001 192.168.1.100)
#pass in quick on tun1000000 from fec0::1/64 to fec1::2/128 dup-to (tun1000001 fec1::2)
pfctl parser tests Copy the most important test cases from OpenBSD's corresponding src/regress/sbin/pfctl, those that run pfctl on a test input file and check correctness of its output. We have also added some new tests using the same format. The tests consist of a collection of input files (pf.in) and corresponding output files (pf.ok). We run pfctl -nv on the input files and check that the output matches the output files. If any discrepancy is discovered during future development in the source tree, we know that a regression bug has been introduced into the tree. Submitted by: paggas Sponsored by: Google, Inc (GSoC 2017) Differential Revision: https://reviews.freebsd.org/D11322 2017-07-15 19:22:01 +00:00			`pass in quick on enc0 from any to any`
			`pass in quick on enc0 inet from any to any`
			`pass in quick on enc0 inet6 from any to any`

			`#pass out quick on tun1000000 inet from any to any route-to tun1000001`
			`#pass out quick on tun1000000 from any to 192.168.1.1 route-to tun1000001`
			`#pass out quick on tun1000000 from any to fec0::1 route-to tun1000001`

			`#pass in on tun1000000 proto tcp from any to any port = 21 dup-to (tun1000001 192.168.1.1)`
			`#pass in on tun1000000 proto tcp from any to any port = 21 dup-to (tun1000001 fec0::1)`

			`#pass in quick on tun1000000 from 192.168.1.1/32 to 10.1.1.1/32 route-to tun1000001`
			`#pass in quick on tun1000000 from fec0::1/64 to fec1::2/128 route-to tun1000001`

			`#pass in on tun1000000 proto tcp from any to any port = 21 reply-to (tun1000001 192.168.1.1)`
			`#pass in on tun1000000 proto tcp from any to any port = 21 reply-to (tun1000001 fec0::1)`

			`#pass in quick on tun1000000 from 192.168.1.1/32 to 10.1.1.1/32 reply-to tun1000001`
			`#pass in quick on tun1000000 from fec0::1/64 to fec1::2/128 reply-to tun1000001`

			`#pass in quick on tun1000000 from 192.168.1.1/32 to 10.1.1.1/32 dup-to (tun1000001 192.168.1.100)`
			`#pass in quick on tun1000000 from fec0::1/64 to fec1::2/128 dup-to (tun1000001 fec1::2)`