4d7709ddf6
Copy the most important test cases from OpenBSD's corresponding src/regress/sbin/pfctl, those that run pfctl on a test input file and check correctness of its output. We have also added some new tests using the same format. The tests consist of a collection of input files (pf*.in) and corresponding output files (pf*.ok). We run pfctl -nv on the input files and check that the output matches the output files. If any discrepancy is discovered during future development in the source tree, we know that a regression bug has been introduced into the tree. Submitted by: paggas Sponsored by: Google, Inc (GSoC 2017) Differential Revision: https://reviews.freebsd.org/D11322
23 lines
1.2 KiB
Plaintext
23 lines
1.2 KiB
Plaintext
pass in quick on enc0 from any to any
|
|
pass in quick on enc0 inet from any to any
|
|
pass in quick on enc0 inet6 from any to any
|
|
|
|
#pass out quick on tun1000000 inet from any to any route-to tun1000001
|
|
#pass out quick on tun1000000 from any to 192.168.1.1 route-to tun1000001
|
|
#pass out quick on tun1000000 from any to fec0::1 route-to tun1000001
|
|
|
|
#pass in on tun1000000 proto tcp from any to any port = 21 dup-to (tun1000001 192.168.1.1)
|
|
#pass in on tun1000000 proto tcp from any to any port = 21 dup-to (tun1000001 fec0::1)
|
|
|
|
#pass in quick on tun1000000 from 192.168.1.1/32 to 10.1.1.1/32 route-to tun1000001
|
|
#pass in quick on tun1000000 from fec0::1/64 to fec1::2/128 route-to tun1000001
|
|
|
|
#pass in on tun1000000 proto tcp from any to any port = 21 reply-to (tun1000001 192.168.1.1)
|
|
#pass in on tun1000000 proto tcp from any to any port = 21 reply-to (tun1000001 fec0::1)
|
|
|
|
#pass in quick on tun1000000 from 192.168.1.1/32 to 10.1.1.1/32 reply-to tun1000001
|
|
#pass in quick on tun1000000 from fec0::1/64 to fec1::2/128 reply-to tun1000001
|
|
|
|
#pass in quick on tun1000000 from 192.168.1.1/32 to 10.1.1.1/32 dup-to (tun1000001 192.168.1.100)
|
|
#pass in quick on tun1000000 from fec0::1/64 to fec1::2/128 dup-to (tun1000001 fec1::2)
|