freebsd-dev/sbin/pfctl/tests/files/pf0004.in

block in all
block in proto tcp all
block in proto { tcp, udp } all

block in from any to any
block in from 10.0.0.0/8 to any
block in from ! 10.0.0.0/8 to any
block in from { 10.0.0.0/8, 172.16.0.0/12 } to any

block in proto tcp from any port = ssh to any
block in proto tcp from any port { ssh, ftp >< 2048, != 1234, >= www } \
	to any port 1024:2048

block in proto { tcp, udp } from { 10.0.0.0/8, 172.16.0.0/12 } port { ssh, ftp } \
	to { 192.168.0.0/16, 12.34.56.78 } port { 6667, 6668, 6669:65535 }
pfctl parser tests Copy the most important test cases from OpenBSD's corresponding src/regress/sbin/pfctl, those that run pfctl on a test input file and check correctness of its output. We have also added some new tests using the same format. The tests consist of a collection of input files (pf.in) and corresponding output files (pf.ok). We run pfctl -nv on the input files and check that the output matches the output files. If any discrepancy is discovered during future development in the source tree, we know that a regression bug has been introduced into the tree. Submitted by: paggas Sponsored by: Google, Inc (GSoC 2017) Differential Revision: https://reviews.freebsd.org/D11322 2017-07-15 19:22:01 +00:00			`block in all`
			`block in proto tcp all`
			`block in proto { tcp, udp } all`

			`block in from any to any`
			`block in from 10.0.0.0/8 to any`
			`block in from ! 10.0.0.0/8 to any`
			`block in from { 10.0.0.0/8, 172.16.0.0/12 } to any`

			`block in proto tcp from any port = ssh to any`
			`block in proto tcp from any port { ssh, ftp >< 2048, != 1234, >= www } \`
			`to any port 1024:2048`

			`block in proto { tcp, udp } from { 10.0.0.0/8, 172.16.0.0/12 } port { ssh, ftp } \`
			`to { 192.168.0.0/16, 12.34.56.78 } port { 6667, 6668, 6669:65535 }`