d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
7d0368ee34
freebsd-dev/sbin/pfctl/tests/files/pf0004.ok

63 lines
4.7 KiB
Plaintext
Raw Normal View History

pfctl parser tests Copy the most important test cases from OpenBSD's corresponding src/regress/sbin/pfctl, those that run pfctl on a test input file and check correctness of its output. We have also added some new tests using the same format. The tests consist of a collection of input files (pf*.in) and corresponding output files (pf*.ok). We run pfctl -nv on the input files and check that the output matches the output files. If any discrepancy is discovered during future development in the source tree, we know that a regression bug has been introduced into the tree. Submitted by: paggas Sponsored by: Google, Inc (GSoC 2017) Differential Revision: https://reviews.freebsd.org/D11322
2017-07-15 19:22:01 +00:00
block drop in all
block drop in proto tcp all
block drop in proto tcp all
block drop in proto udp all
block drop in all
block drop in inet from 10.0.0.0/8 to any
block drop in inet from ! 10.0.0.0/8 to any
block drop in inet from 10.0.0.0/8 to any
block drop in inet from 172.16.0.0/12 to any
block drop in proto tcp from any port = ssh to any
block drop in proto tcp from any port = ssh to any port 1024:2048
block drop in proto tcp from any port 21 >< 2048 to any port 1024:2048
block drop in proto tcp from any port != 1234 to any port 1024:2048
block drop in proto tcp from any port >= 80 to any port 1024:2048
block drop in inet proto tcp from 10.0.0.0/8 port = ssh to 192.168.0.0/16 port = ircd
block drop in inet proto tcp from 10.0.0.0/8 port = ssh to 192.168.0.0/16 port = 6668
block drop in inet proto tcp from 10.0.0.0/8 port = ssh to 192.168.0.0/16 port 6669:65535
block drop in inet proto tcp from 10.0.0.0/8 port = ssh to 12.34.56.78 port = ircd
block drop in inet proto tcp from 10.0.0.0/8 port = ssh to 12.34.56.78 port = 6668
block drop in inet proto tcp from 10.0.0.0/8 port = ssh to 12.34.56.78 port 6669:65535
block drop in inet proto tcp from 10.0.0.0/8 port = ftp to 192.168.0.0/16 port = ircd
block drop in inet proto tcp from 10.0.0.0/8 port = ftp to 192.168.0.0/16 port = 6668
block drop in inet proto tcp from 10.0.0.0/8 port = ftp to 192.168.0.0/16 port 6669:65535
block drop in inet proto tcp from 10.0.0.0/8 port = ftp to 12.34.56.78 port = ircd
block drop in inet proto tcp from 10.0.0.0/8 port = ftp to 12.34.56.78 port = 6668
block drop in inet proto tcp from 10.0.0.0/8 port = ftp to 12.34.56.78 port 6669:65535
block drop in inet proto tcp from 172.16.0.0/12 port = ssh to 192.168.0.0/16 port = ircd
block drop in inet proto tcp from 172.16.0.0/12 port = ssh to 192.168.0.0/16 port = 6668
block drop in inet proto tcp from 172.16.0.0/12 port = ssh to 192.168.0.0/16 port 6669:65535
block drop in inet proto tcp from 172.16.0.0/12 port = ssh to 12.34.56.78 port = ircd
block drop in inet proto tcp from 172.16.0.0/12 port = ssh to 12.34.56.78 port = 6668
block drop in inet proto tcp from 172.16.0.0/12 port = ssh to 12.34.56.78 port 6669:65535
block drop in inet proto tcp from 172.16.0.0/12 port = ftp to 192.168.0.0/16 port = ircd
block drop in inet proto tcp from 172.16.0.0/12 port = ftp to 192.168.0.0/16 port = 6668
block drop in inet proto tcp from 172.16.0.0/12 port = ftp to 192.168.0.0/16 port 6669:65535
block drop in inet proto tcp from 172.16.0.0/12 port = ftp to 12.34.56.78 port = ircd
block drop in inet proto tcp from 172.16.0.0/12 port = ftp to 12.34.56.78 port = 6668
block drop in inet proto tcp from 172.16.0.0/12 port = ftp to 12.34.56.78 port 6669:65535
block drop in inet proto udp from 10.0.0.0/8 port = ssh to 192.168.0.0/16 port = 6667
block drop in inet proto udp from 10.0.0.0/8 port = ssh to 192.168.0.0/16 port = 6668
block drop in inet proto udp from 10.0.0.0/8 port = ssh to 192.168.0.0/16 port 6669:65535
block drop in inet proto udp from 10.0.0.0/8 port = ssh to 12.34.56.78 port = 6667
block drop in inet proto udp from 10.0.0.0/8 port = ssh to 12.34.56.78 port = 6668
block drop in inet proto udp from 10.0.0.0/8 port = ssh to 12.34.56.78 port 6669:65535
block drop in inet proto udp from 10.0.0.0/8 port = ftp to 192.168.0.0/16 port = 6667
block drop in inet proto udp from 10.0.0.0/8 port = ftp to 192.168.0.0/16 port = 6668
block drop in inet proto udp from 10.0.0.0/8 port = ftp to 192.168.0.0/16 port 6669:65535
block drop in inet proto udp from 10.0.0.0/8 port = ftp to 12.34.56.78 port = 6667
block drop in inet proto udp from 10.0.0.0/8 port = ftp to 12.34.56.78 port = 6668
block drop in inet proto udp from 10.0.0.0/8 port = ftp to 12.34.56.78 port 6669:65535
block drop in inet proto udp from 172.16.0.0/12 port = ssh to 192.168.0.0/16 port = 6667
block drop in inet proto udp from 172.16.0.0/12 port = ssh to 192.168.0.0/16 port = 6668
block drop in inet proto udp from 172.16.0.0/12 port = ssh to 192.168.0.0/16 port 6669:65535
block drop in inet proto udp from 172.16.0.0/12 port = ssh to 12.34.56.78 port = 6667
block drop in inet proto udp from 172.16.0.0/12 port = ssh to 12.34.56.78 port = 6668
block drop in inet proto udp from 172.16.0.0/12 port = ssh to 12.34.56.78 port 6669:65535
block drop in inet proto udp from 172.16.0.0/12 port = ftp to 192.168.0.0/16 port = 6667
block drop in inet proto udp from 172.16.0.0/12 port = ftp to 192.168.0.0/16 port = 6668
block drop in inet proto udp from 172.16.0.0/12 port = ftp to 192.168.0.0/16 port 6669:65535
block drop in inet proto udp from 172.16.0.0/12 port = ftp to 12.34.56.78 port = 6667
block drop in inet proto udp from 172.16.0.0/12 port = ftp to 12.34.56.78 port = 6668
block drop in inet proto udp from 172.16.0.0/12 port = ftp to 12.34.56.78 port 6669:65535
Reference in New Issue Copy Permalink