pf tests: Test automatically generated tables

Add a test case where the pfctl optimizer will generate a table automatically. These tables have long names, which we accidentally broke in the nvlist ADDRULE ioctl. Reviewed by: melifaro MFC after: 2 weeks Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D29989
2021-04-26 11:14:44 +02:00 · 2021-04-26 11:14:44 +02:00 · 08d7730821
commit 08d7730821
parent 402dfb0a8d
1 changed files with 38 additions and 0 deletions
--- a/tests/sys/netpfil/pf/table.sh
+++ b/tests/sys/netpfil/pf/table.sh
@ -146,9 +146,47 @@ pr251414_cleanup()
 	pft_cleanup
 }

+atf_test_case "automatic" "cleanup"
+automatic_head()
+{
+	atf_set descr "Test automatic - optimizer generated - tables"
+	atf_set require.user root
+}
+
+automatic_body()
+{
+	pft_init
+
+	epair=$(vnet_mkepair)
+	ifconfig ${epair}a 192.0.2.1/24 up
+
+	vnet_mkjail alcatraz ${epair}b
+	jexec alcatraz ifconfig ${epair}b 192.0.2.2/24 up
+	jexec alcatraz pfctl -e
+
+	pft_set_rules alcatraz \
+		"block in" \
+		"pass in proto icmp from 192.0.2.1" \
+		"pass in proto icmp from 192.0.2.3" \
+		"pass in proto icmp from 192.0.2.4" \
+		"pass in proto icmp from 192.0.2.5" \
+		"pass in proto icmp from 192.0.2.6" \
+		"pass in proto icmp from 192.0.2.7" \
+		"pass in proto icmp from 192.0.2.8" \
+		"pass in proto icmp from 192.0.2.9"
+
+	atf_check -s exit:0 -o ignore ping -c 1 192.0.2.2
+}
+
+automatic_cleanup()
+{
+	pft_cleanup
+}
+
 atf_init_test_cases()
 {
 	atf_add_test_case "v4_counters"
 	atf_add_test_case "v6_counters"
 	atf_add_test_case "pr251414"
+	atf_add_test_case "automatic"
 }