diff --git a/tests/sys/net/if_ovpn/if_ovpn.sh b/tests/sys/net/if_ovpn/if_ovpn.sh index 51d21b826e72..5500dd9f1f41 100644 --- a/tests/sys/net/if_ovpn/if_ovpn.sh +++ b/tests/sys/net/if_ovpn/if_ovpn.sh @@ -91,6 +91,8 @@ atf_test_case "4in4" "cleanup" # Give the tunnel time to come up sleep 10 + atf_check -s exit:0 -o ignore jexec b ping -c 1 198.51.100.1 + echo 'foo' | jexec b nc -u -w 2 192.0.2.1 1194 atf_check -s exit:0 -o ignore jexec b ping -c 3 198.51.100.1 } @@ -702,7 +704,6 @@ route_to_body() vnet_mkjail a ${l}a jexec a ifconfig ${l}a 192.0.2.1/24 up - jexec a ifconfig ${l}a inet alias 198.51.100.254/24 vnet_mkjail b ${l}b ${n}a jexec b ifconfig ${l}b 192.0.2.2/24 up jexec b ifconfig ${n}a up @@ -751,26 +752,23 @@ route_to_body() # Give the tunnel time to come up sleep 10 + jexec a ifconfig ovpn0 inet alias 198.51.100.254/24 # Check the tunnel - atf_check -s exit:0 -o ignore jexec b ping -c 1 198.51.100.1 - atf_check -s exit:0 -o ignore jexec b ping -c 1 198.51.100.254 + atf_check -s exit:0 -o ignore jexec b ping -c 1 -S 198.51.100.2 198.51.100.1 + atf_check -s exit:0 -o ignore jexec b ping -c 1 -S 198.51.100.2 198.51.100.254 - # Break our routes so that we need a route-to to make things work. - jexec b ifconfig ${n}a 198.51.100.3/24 - atf_check -s exit:2 -o ignore jexec b ping -c 1 -t 1 -S 198.51.100.2 198.51.100.254 + # Break our route to .254 so that we need a route-to to make things work. + jexec b ifconfig ${n}a 203.0.113.1/24 up + jexec b route add 198.51.100.254 -interface ${n}a + + # Make sure it's broken. + atf_check -s exit:2 -o ignore jexec b ping -c 1 -S 198.51.100.2 198.51.100.254 jexec b pfctl -e pft_set_rules b \ "pass out route-to (tun0 198.51.100.1) proto icmp from 198.51.100.2 " atf_check -s exit:0 -o ignore jexec b ping -c 3 -S 198.51.100.2 198.51.100.254 - - # And this keeps working even if we don't have a route to 198.51.100.0/24 via if_ovpn - jexec b route del -net 198.51.100.0/24 - jexec b route add -net 198.51.100.0/24 -interface ${n}a - pft_set_rules b \ - "pass out route-to (tun0 198.51.100.3) proto icmp from 198.51.100.2 " - atf_check -s exit:0 -o ignore jexec b ping -c 3 -S 198.51.100.2 198.51.100.254 } route_to_cleanup()