d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
7d0368ee34
freebsd-dev/sbin/pfctl/tests/files/pf0004.ok
Kristof Provost 4d7709ddf6 pfctl parser tests 
Copy the most important test cases from OpenBSD's corresponding
src/regress/sbin/pfctl, those that run pfctl on a test input file and check
correctness of its output. We have also added some new tests using the same
format.

The tests consist of a collection of input files (pf*.in) and
corresponding output files (pf*.ok). We run pfctl -nv on the input
files and check that the output matches the output files. If any
discrepancy is discovered during future development in the source
tree, we know that a regression bug has been introduced into the tree.

Submitted by:	paggas
Sponsored by:	Google, Inc (GSoC 2017)
Differential Revision:	https://reviews.freebsd.org/D11322
2017-07-15 19:22:01 +00:00

63 lines
4.7 KiB
Plaintext
Raw Blame History

block drop in all
block drop in proto tcp all
block drop in proto tcp all
block drop in proto udp all
block drop in all
block drop in inet from 10.0.0.0/8 to any
block drop in inet from ! 10.0.0.0/8 to any
block drop in inet from 10.0.0.0/8 to any
block drop in inet from 172.16.0.0/12 to any
block drop in proto tcp from any port = ssh to any
block drop in proto tcp from any port = ssh to any port 1024:2048
block drop in proto tcp from any port 21 >< 2048 to any port 1024:2048
block drop in proto tcp from any port != 1234 to any port 1024:2048
block drop in proto tcp from any port >= 80 to any port 1024:2048
block drop in inet proto tcp from 10.0.0.0/8 port = ssh to 192.168.0.0/16 port = ircd
block drop in inet proto tcp from 10.0.0.0/8 port = ssh to 192.168.0.0/16 port = 6668
block drop in inet proto tcp from 10.0.0.0/8 port = ssh to 192.168.0.0/16 port 6669:65535
block drop in inet proto tcp from 10.0.0.0/8 port = ssh to 12.34.56.78 port = ircd
block drop in inet proto tcp from 10.0.0.0/8 port = ssh to 12.34.56.78 port = 6668
block drop in inet proto tcp from 10.0.0.0/8 port = ssh to 12.34.56.78 port 6669:65535
block drop in inet proto tcp from 10.0.0.0/8 port = ftp to 192.168.0.0/16 port = ircd
block drop in inet proto tcp from 10.0.0.0/8 port = ftp to 192.168.0.0/16 port = 6668
block drop in inet proto tcp from 10.0.0.0/8 port = ftp to 192.168.0.0/16 port 6669:65535
block drop in inet proto tcp from 10.0.0.0/8 port = ftp to 12.34.56.78 port = ircd
block drop in inet proto tcp from 10.0.0.0/8 port = ftp to 12.34.56.78 port = 6668
block drop in inet proto tcp from 10.0.0.0/8 port = ftp to 12.34.56.78 port 6669:65535
block drop in inet proto tcp from 172.16.0.0/12 port = ssh to 192.168.0.0/16 port = ircd
block drop in inet proto tcp from 172.16.0.0/12 port = ssh to 192.168.0.0/16 port = 6668
block drop in inet proto tcp from 172.16.0.0/12 port = ssh to 192.168.0.0/16 port 6669:65535
block drop in inet proto tcp from 172.16.0.0/12 port = ssh to 12.34.56.78 port = ircd
block drop in inet proto tcp from 172.16.0.0/12 port = ssh to 12.34.56.78 port = 6668
block drop in inet proto tcp from 172.16.0.0/12 port = ssh to 12.34.56.78 port 6669:65535
block drop in inet proto tcp from 172.16.0.0/12 port = ftp to 192.168.0.0/16 port = ircd
block drop in inet proto tcp from 172.16.0.0/12 port = ftp to 192.168.0.0/16 port = 6668
block drop in inet proto tcp from 172.16.0.0/12 port = ftp to 192.168.0.0/16 port 6669:65535
block drop in inet proto tcp from 172.16.0.0/12 port = ftp to 12.34.56.78 port = ircd
block drop in inet proto tcp from 172.16.0.0/12 port = ftp to 12.34.56.78 port = 6668
block drop in inet proto tcp from 172.16.0.0/12 port = ftp to 12.34.56.78 port 6669:65535
block drop in inet proto udp from 10.0.0.0/8 port = ssh to 192.168.0.0/16 port = 6667
block drop in inet proto udp from 10.0.0.0/8 port = ssh to 192.168.0.0/16 port = 6668
block drop in inet proto udp from 10.0.0.0/8 port = ssh to 192.168.0.0/16 port 6669:65535
block drop in inet proto udp from 10.0.0.0/8 port = ssh to 12.34.56.78 port = 6667
block drop in inet proto udp from 10.0.0.0/8 port = ssh to 12.34.56.78 port = 6668
block drop in inet proto udp from 10.0.0.0/8 port = ssh to 12.34.56.78 port 6669:65535
block drop in inet proto udp from 10.0.0.0/8 port = ftp to 192.168.0.0/16 port = 6667
block drop in inet proto udp from 10.0.0.0/8 port = ftp to 192.168.0.0/16 port = 6668
block drop in inet proto udp from 10.0.0.0/8 port = ftp to 192.168.0.0/16 port 6669:65535
block drop in inet proto udp from 10.0.0.0/8 port = ftp to 12.34.56.78 port = 6667
block drop in inet proto udp from 10.0.0.0/8 port = ftp to 12.34.56.78 port = 6668
block drop in inet proto udp from 10.0.0.0/8 port = ftp to 12.34.56.78 port 6669:65535
block drop in inet proto udp from 172.16.0.0/12 port = ssh to 192.168.0.0/16 port = 6667
block drop in inet proto udp from 172.16.0.0/12 port = ssh to 192.168.0.0/16 port = 6668
block drop in inet proto udp from 172.16.0.0/12 port = ssh to 192.168.0.0/16 port 6669:65535
block drop in inet proto udp from 172.16.0.0/12 port = ssh to 12.34.56.78 port = 6667
block drop in inet proto udp from 172.16.0.0/12 port = ssh to 12.34.56.78 port = 6668
block drop in inet proto udp from 172.16.0.0/12 port = ssh to 12.34.56.78 port 6669:65535
block drop in inet proto udp from 172.16.0.0/12 port = ftp to 192.168.0.0/16 port = 6667
block drop in inet proto udp from 172.16.0.0/12 port = ftp to 192.168.0.0/16 port = 6668
block drop in inet proto udp from 172.16.0.0/12 port = ftp to 192.168.0.0/16 port 6669:65535
block drop in inet proto udp from 172.16.0.0/12 port = ftp to 12.34.56.78 port = 6667
block drop in inet proto udp from 172.16.0.0/12 port = ftp to 12.34.56.78 port = 6668
block drop in inet proto udp from 172.16.0.0/12 port = ftp to 12.34.56.78 port 6669:65535
Reference in New Issue View Git Blame Copy Permalink