4d7709ddf6
Copy the most important test cases from OpenBSD's corresponding src/regress/sbin/pfctl, those that run pfctl on a test input file and check correctness of its output. We have also added some new tests using the same format. The tests consist of a collection of input files (pf*.in) and corresponding output files (pf*.ok). We run pfctl -nv on the input files and check that the output matches the output files. If any discrepancy is discovered during future development in the source tree, we know that a regression bug has been introduced into the tree. Submitted by: paggas Sponsored by: Google, Inc (GSoC 2017) Differential Revision: https://reviews.freebsd.org/D11322
68 lines
3.3 KiB
Plaintext
68 lines
3.3 KiB
Plaintext
pass in on lo0 all label ""
|
|
|
|
pass in all label "$if"
|
|
pass in on lo0 all label "$if"
|
|
pass in on lo0 all label "$if$if"
|
|
|
|
pass in on lo0 all label "$srcaddr"
|
|
pass in on lo0 from 0/0 to any label "$srcaddr"
|
|
pass in on lo0 from 127.0.0.1 to any label "$srcaddr"
|
|
pass in on lo0 from 127.0.0.1 to any label "$srcaddr$srcaddr"
|
|
pass in on lo0 from 127.0.0.1 to any label ":$srcaddr:$srcaddr:"
|
|
pass in on lo0 from 127.0.0.1/8 to any label "$srcaddr"
|
|
pass in on lo0 from 127.0.0.1/16 to any label "$srcaddr$srcaddr"
|
|
pass in on lo0 from 127.0.0.1/31 to any label ":$srcaddr:$srcaddr:"
|
|
pass in on lo0 inet6 from fe80::1 to any label "$srcaddr"
|
|
pass in on lo0 inet6 from fe80::1 to any label "$srcaddr$srcaddr"
|
|
pass in on lo0 inet6 from fe80::1 to any label ":$srcaddr:$srcaddr:"
|
|
pass in on lo0 inet6 from lo0/8 to any label "$srcaddr"
|
|
pass in on lo0 inet6 from lo0/64 to any label "$srcaddr$srcaddr"
|
|
pass in on lo0 inet6 from lo0/127 to any label ":$srcaddr:$srcaddr:"
|
|
|
|
pass in on lo0 all label "!$dstaddr!"
|
|
pass in on lo0 inet from any to (lo0) label "$dstaddr"
|
|
pass in on lo0 inet from any to (lo0) label "$dstaddr$dstaddr"
|
|
pass in on lo0 inet from any to (lo0) label " $dstaddr $dstaddr "
|
|
pass in on lo0 from any to ! 127.0.0.1/8 label "$dstaddr"
|
|
pass in on lo0 from any to ! 127.0.0.1/16 label "$dstaddr$dstaddr"
|
|
pass in on lo0 from any to ! 127.0.0.1/31 label " $dstaddr $dstaddr "
|
|
pass in on lo0 inet6 from any to ! (lo0) label "$dstaddr"
|
|
pass in on lo0 inet6 from any to ! (lo0) label "$dstaddr$dstaddr"
|
|
pass in on lo0 inet6 from any to ! (lo0) label " $dstaddr $dstaddr "
|
|
pass in on lo0 inet6 from any to ! ::1/8 label "$dstaddr"
|
|
pass in on lo0 inet6 from any to ! ::1/64 label "$dstaddr$dstaddr"
|
|
pass in on lo0 inet6 from any to ! ::1/127 label " $dstaddr $dstaddr "
|
|
|
|
pass in on lo0 all label "x$srcportx"
|
|
pass in on lo0 proto tcp from any port = 28 to any label "$srcport"
|
|
pass in on lo0 proto tcp from any port 28 >< 29 to any label "$srcport"
|
|
pass in on lo0 proto tcp from any port 28 <> 29 to any label "$srcport"
|
|
pass in on lo0 proto tcp from any port 28:29 to any label "$srcport"
|
|
pass in on lo0 proto tcp from any port != 28 to any label "$srcport"
|
|
pass in on lo0 proto tcp from any port < 28 to any label "$srcport"
|
|
pass in on lo0 proto tcp from any port <= 28 to any label "$srcport"
|
|
pass in on lo0 proto tcp from any port > 28 to any label "$srcport"
|
|
pass in on lo0 proto tcp from any port >= 28 to any label "$srcport"
|
|
pass in on lo0 proto tcp from any port = 28 to any label "$srcport$srcport"
|
|
pass in on lo0 proto tcp from any port = 28 to any label "$$srcport$$srcport$"
|
|
|
|
pass in on lo0 all label "$dstport"
|
|
pass in on lo0 proto udp from any to any port = 29 label "$dstport"
|
|
pass in on lo0 proto udp from any to any port != 29 label "$dstport$dstport"
|
|
pass in on lo0 proto udp from any to any port > 29 label "x$dstportx$dstportx"
|
|
|
|
pass in on lo0 all label "$proto"
|
|
pass in on lo0 proto esp all label "$proto"
|
|
pass in on lo0 proto esp all label "$proto$proto"
|
|
pass in on lo0 proto esp all label "-$proto-$proto-"
|
|
pass in on lo0 proto 166 all label "$proto"
|
|
pass in on lo0 proto 166 all label "$proto$proto"
|
|
pass in on lo0 proto 166 all label "_$proto_$proto_"
|
|
|
|
pass in on lo0 all label "$nr"
|
|
pass in on lo0 all label "$nr$nr"
|
|
pass in on lo0 all label "%$nr%$nr%"
|
|
|
|
pass in on lo0 proto tcp from 127.0.0.1 port = 30 to 127.0.0.2 port = 44 \
|
|
label "if $if proto $proto $srcaddr $srcport $dstaddr $dstport"
|