freebsd-dev/sbin/pfctl/tests/files/pf0011.ok

pass in inet proto icmp all icmp-type echorep keep state
pass in inet proto icmp all icmp-type echorep code 0 keep state
pass in inet proto icmp all icmp-type 1 keep state
pass in inet proto icmp all icmp-type 1 code 1 keep state
pass in inet6 proto ipv6-icmp all icmp6-type 0 keep state
pass in inet6 proto ipv6-icmp all icmp6-type 0 code 0 keep state
pass in inet6 proto ipv6-icmp all icmp6-type unreach keep state
pass in inet6 proto ipv6-icmp all icmp6-type unreach code admin-unr keep state
block drop in inet proto icmp all icmp-type echorep
block drop in inet proto icmp all icmp-type echorep code 0
block drop in inet proto icmp all icmp-type 1
block drop in inet proto icmp all icmp-type 1 code 1
block drop in inet6 proto ipv6-icmp all icmp6-type 0
block drop in inet6 proto ipv6-icmp all icmp6-type 0 code 0
block drop in inet6 proto ipv6-icmp all icmp6-type unreach
block drop in inet6 proto ipv6-icmp all icmp6-type unreach code admin-unr
pass in inet proto icmp all icmp-type unreach code needfrag keep state
pass in inet6 proto ipv6-icmp all icmp6-type timex code reassemb keep state
pfctl parser tests Copy the most important test cases from OpenBSD's corresponding src/regress/sbin/pfctl, those that run pfctl on a test input file and check correctness of its output. We have also added some new tests using the same format. The tests consist of a collection of input files (pf.in) and corresponding output files (pf.ok). We run pfctl -nv on the input files and check that the output matches the output files. If any discrepancy is discovered during future development in the source tree, we know that a regression bug has been introduced into the tree. Submitted by: paggas Sponsored by: Google, Inc (GSoC 2017) Differential Revision: https://reviews.freebsd.org/D11322 2017-07-15 19:22:01 +00:00			`pass in inet proto icmp all icmp-type echorep keep state`
			`pass in inet proto icmp all icmp-type echorep code 0 keep state`
			`pass in inet proto icmp all icmp-type 1 keep state`
			`pass in inet proto icmp all icmp-type 1 code 1 keep state`
			`pass in inet6 proto ipv6-icmp all icmp6-type 0 keep state`
			`pass in inet6 proto ipv6-icmp all icmp6-type 0 code 0 keep state`
			`pass in inet6 proto ipv6-icmp all icmp6-type unreach keep state`
			`pass in inet6 proto ipv6-icmp all icmp6-type unreach code admin-unr keep state`
			`block drop in inet proto icmp all icmp-type echorep`
			`block drop in inet proto icmp all icmp-type echorep code 0`
			`block drop in inet proto icmp all icmp-type 1`
			`block drop in inet proto icmp all icmp-type 1 code 1`
			`block drop in inet6 proto ipv6-icmp all icmp6-type 0`
			`block drop in inet6 proto ipv6-icmp all icmp6-type 0 code 0`
			`block drop in inet6 proto ipv6-icmp all icmp6-type unreach`
			`block drop in inet6 proto ipv6-icmp all icmp6-type unreach code admin-unr`
			`pass in inet proto icmp all icmp-type unreach code needfrag keep state`
			`pass in inet6 proto ipv6-icmp all icmp6-type timex code reassemb keep state`