D46655.diff
No OneTemporary
Actions

Size

12 KB

Referenced Files

None

Subscribers

None

D46655.diff
View Options

	diff --git a/tests/sys/netpfil/pf/divert-to.sh b/tests/sys/netpfil/pf/divert-to.sh
	--- a/tests/sys/netpfil/pf/divert-to.sh
	+++ b/tests/sys/netpfil/pf/divert-to.sh
	@@ -51,8 +51,6 @@
	# > outbound > diverted > outbound \| network terminated
	#
	# Test case naming legend:
	-# ipfwon - with ipfw enabled
	-# ipfwoff - with ipfw disabled
	# in - inbound
	# div - diverted
	# out - outbound
	@@ -76,40 +74,21 @@
	fi
	}

	-ipfw_init()
	-{
	- if ! kldstat -q -m ipfw; then
	- atf_skip "This test requires ipfw"
	- fi
	-}
	-
	-assert_ipfw_is_off()
	-{
	- if kldstat -q -m ipfw; then
	- atf_skip "This test is for the case when ipfw is not loaded"
	- fi
	-}
	-
	-atf_test_case "ipfwoff_in_div" "cleanup"
	-ipfwoff_in_div_head()
	+atf_test_case "in_div" "cleanup"
	+in_div_head()
	{
	atf_set descr 'Test inbound > diverted \| divapp terminated'
	atf_set require.user root
	}
	-ipfwoff_in_div_body()
	+in_div_body()
	{
	- local ipfwon
	-
	pft_init
	divert_init
	- test "$1" == "ipfwon" && ipfwon="yes"
	- test $ipfwon && ipfw_init \|\| assert_ipfw_is_off

	epair=$(vnet_mkepair)
	vnet_mkjail div ${epair}b
	ifconfig ${epair}a 192.0.2.1/24 up
	jexec div ifconfig ${epair}b 192.0.2.2/24 up
	- test $ipfwon && jexec div ipfw add 65534 allow all from any to any

	# Sanity check
	atf_check -s exit:0 -o ignore ping -c3 192.0.2.2
	@@ -129,46 +108,26 @@

	wait $divapp_pid
	}
	-ipfwoff_in_div_cleanup()
	-{
	- pft_cleanup
	-}
	-
	-atf_test_case "ipfwon_in_div" "cleanup"
	-ipfwon_in_div_head()
	-{
	- atf_set descr 'Test inbound > diverted \| divapp terminated, with ipfw enabled'
	- atf_set require.user root
	-}
	-ipfwon_in_div_body()
	-{
	- ipfwoff_in_div_body "ipfwon"
	-}
	-ipfwon_in_div_cleanup()
	+in_div_cleanup()
	{
	pft_cleanup
	}

	-atf_test_case "ipfwoff_in_div_in" "cleanup"
	-ipfwoff_in_div_in_head()
	+atf_test_case "in_div_in" "cleanup"
	+in_div_in_head()
	{
	atf_set descr 'Test inbound > diverted > inbound \| host terminated'
	atf_set require.user root
	}
	-ipfwoff_in_div_in_body()
	+in_div_in_body()
	{
	- local ipfwon
	-
	pft_init
	divert_init
	- test "$1" == "ipfwon" && ipfwon="yes"
	- test $ipfwon && ipfw_init \|\| assert_ipfw_is_off

	epair=$(vnet_mkepair)
	vnet_mkjail div ${epair}b
	ifconfig ${epair}a 192.0.2.1/24 up
	jexec div ifconfig ${epair}b 192.0.2.2/24 up
	- test $ipfwon && jexec div ipfw add 65534 allow all from any to any

	# Sanity check
	atf_check -s exit:0 -o ignore ping -c3 192.0.2.2
	@@ -188,46 +147,26 @@

	wait $divapp_pid
	}
	-ipfwoff_in_div_in_cleanup()
	+in_div_in_cleanup()
	{
	pft_cleanup
	}

	-atf_test_case "ipfwon_in_div_in" "cleanup"
	-ipfwon_in_div_in_head()
	-{
	- atf_set descr 'Test inbound > diverted > inbound \| host terminated, with ipfw enabled'
	- atf_set require.user root
	-}
	-ipfwon_in_div_in_body()
	-{
	- ipfwoff_in_div_in_body "ipfwon"
	-}
	-ipfwon_in_div_in_cleanup()
	-{
	- pft_cleanup
	-}
	-
	-atf_test_case "ipfwoff_out_div" "cleanup"
	-ipfwoff_out_div_head()
	+atf_test_case "out_div" "cleanup"
	+out_div_head()
	{
	atf_set descr 'Test outbound > diverted \| divapp terminated'
	atf_set require.user root
	}
	-ipfwoff_out_div_body()
	+out_div_body()
	{
	- local ipfwon
	-
	pft_init
	divert_init
	- test "$1" == "ipfwon" && ipfwon="yes"
	- test $ipfwon && ipfw_init \|\| assert_ipfw_is_off

	epair=$(vnet_mkepair)
	vnet_mkjail div ${epair}b
	ifconfig ${epair}a 192.0.2.1/24 up
	jexec div ifconfig ${epair}b 192.0.2.2/24 up
	- test $ipfwon && jexec div ipfw add 65534 allow all from any to any

	# Sanity check
	atf_check -s exit:0 -o ignore ping -c3 192.0.2.2
	@@ -248,46 +187,26 @@

	wait $divapp_pid
	}
	-ipfwoff_out_div_cleanup()
	-{
	- pft_cleanup
	-}
	-
	-atf_test_case "ipfwon_out_div" "cleanup"
	-ipfwon_out_div_head()
	-{
	- atf_set descr 'Test outbound > diverted \| divapp terminated, with ipfw enabled'
	- atf_set require.user root
	-}
	-ipfwon_out_div_body()
	-{
	- ipfwoff_out_div_body "ipfwon"
	-}
	-ipfwon_out_div_cleanup()
	+out_div_cleanup()
	{
	pft_cleanup
	}

	-atf_test_case "ipfwoff_out_div_out" "cleanup"
	-ipfwoff_out_div_out_head()
	+atf_test_case "out_div_out" "cleanup"
	+out_div_out_head()
	{
	atf_set descr 'Test outbound > diverted > outbound \| network terminated'
	atf_set require.user root
	}
	-ipfwoff_out_div_out_body()
	+out_div_out_body()
	{
	- local ipfwon
	-
	pft_init
	divert_init
	- test "$1" == "ipfwon" && ipfwon="yes"
	- test $ipfwon && ipfw_init \|\| assert_ipfw_is_off

	epair=$(vnet_mkepair)
	vnet_mkjail div ${epair}b
	ifconfig ${epair}a 192.0.2.1/24 up
	jexec div ifconfig ${epair}b 192.0.2.2/24 up
	- test $ipfwon && jexec div ipfw add 65534 allow all from any to any

	# Sanity check
	atf_check -s exit:0 -o ignore ping -c3 192.0.2.2
	@@ -308,40 +227,21 @@

	wait $divapp_pid
	}
	-ipfwoff_out_div_out_cleanup()
	+out_div_out_cleanup()
	{
	pft_cleanup
	}

	-atf_test_case "ipfwon_out_div_out" "cleanup"
	-ipfwon_out_div_out_head()
	-{
	- atf_set descr 'Test outbound > diverted > outbound \| network terminated, with ipfw enabled'
	- atf_set require.user root
	-}
	-ipfwon_out_div_out_body()
	-{
	- ipfwoff_out_div_out_body "ipfwon"
	-}
	-ipfwon_out_div_out_cleanup()
	-{
	- pft_cleanup
	-}
	-
	-atf_test_case "ipfwoff_in_div_in_fwd_out_div_out" "cleanup"
	-ipfwoff_in_div_in_fwd_out_div_out_head()
	+atf_test_case "in_div_in_fwd_out_div_out" "cleanup"
	+in_div_in_fwd_out_div_out_head()
	{
	atf_set descr 'Test inbound > diverted > inbound > forwarded > outbound > diverted > outbound \| network terminated'
	atf_set require.user root
	}
	-ipfwoff_in_div_in_fwd_out_div_out_body()
	+in_div_in_fwd_out_div_out_body()
	{
	- local ipfwon
	-
	pft_init
	divert_init
	- test "$1" == "ipfwon" && ipfwon="yes"
	- test $ipfwon && ipfw_init \|\| assert_ipfw_is_off

	# host <a--epair0--b> router <a--epair1--b> site
	epair0=$(vnet_mkepair)
	@@ -352,12 +252,10 @@
	jexec router sysctl net.inet.ip.forwarding=1
	jexec router ifconfig ${epair0}b 192.0.2.2/24 up
	jexec router ifconfig ${epair1}a 198.51.100.1/24 up
	- test $ipfwon && jexec router ipfw add 65534 allow all from any to any

	vnet_mkjail site ${epair1}b
	jexec site ifconfig ${epair1}b 198.51.100.2/24 up
	jexec site route add default 198.51.100.1
	- test $ipfwon && jexec site ipfw add 65534 allow all from any to any

	route add -net 198.51.100.0/24 192.0.2.2

	@@ -385,48 +283,28 @@

	wait $indivapp_pid && wait $outdivapp_pid
	}
	-ipfwoff_in_div_in_fwd_out_div_out_cleanup()
	-{
	- pft_cleanup
	-}
	-
	-atf_test_case "ipfwon_in_div_in_fwd_out_div_out" "cleanup"
	-ipfwon_in_div_in_fwd_out_div_out_head()
	-{
	- atf_set descr 'Test inbound > diverted > inbound > forwarded > outbound > diverted > outbound \| network terminated, with ipfw enabled'
	- atf_set require.user root
	-}
	-ipfwon_in_div_in_fwd_out_div_out_body()
	-{
	- ipfwoff_in_div_in_fwd_out_div_out_body "ipfwon"
	-}
	-ipfwon_in_div_in_fwd_out_div_out_cleanup()
	+in_div_in_fwd_out_div_out_cleanup()
	{
	pft_cleanup
	}

	-atf_test_case "ipfwoff_in_dn_in_div_in_out_div_out_dn_out" "cleanup"
	-ipfwoff_in_dn_in_div_in_out_div_out_dn_out_head()
	+atf_test_case "in_dn_in_div_in_out_div_out_dn_out" "cleanup"
	+in_dn_in_div_in_out_div_out_dn_out_head()
	{
	atf_set descr 'Test inbound > delayed+diverted > outbound > diverted+delayed > outbound \| network terminated'
	atf_set require.user root
	}
	-ipfwoff_in_dn_in_div_in_out_div_out_dn_out_body()
	+in_dn_in_div_in_out_div_out_dn_out_body()
	{
	- local ipfwon
	-
	pft_init
	divert_init
	dummynet_init
	- test "$1" == "ipfwon" && ipfwon="yes"
	- test $ipfwon && ipfw_init \|\| assert_ipfw_is_off

	epair=$(vnet_mkepair)
	vnet_mkjail alcatraz ${epair}b
	ifconfig ${epair}a 192.0.2.1/24 up
	ifconfig ${epair}a ether 02:00:00:00:00:01
	jexec alcatraz ifconfig ${epair}b 192.0.2.2/24 up
	- test $ipfwon && jexec alcatraz ipfw add 65534 allow all from any to any

	# Sanity check
	atf_check -s exit:0 -o ignore ping -c3 192.0.2.2
	@@ -489,41 +367,20 @@

	# }
	}
	-ipfwoff_in_dn_in_div_in_out_div_out_dn_out_cleanup()
	-{
	- pft_cleanup
	-}
	-
	-atf_test_case "ipfwon_in_dn_in_div_in_out_div_out_dn_out" "cleanup"
	-ipfwon_in_dn_in_div_in_out_div_out_dn_out_head()
	-{
	- atf_set descr 'Test inbound > delayed+diverted > outbound > diverted+delayed > outbound \| network terminated, with ipfw enabled'
	- atf_set require.user root
	-}
	-ipfwon_in_dn_in_div_in_out_div_out_dn_out_body()
	-{
	- ipfwoff_in_dn_in_div_in_out_div_out_dn_out_body "ipfwon"
	-}
	-ipfwon_in_dn_in_div_in_out_div_out_dn_out_cleanup()
	+in_dn_in_div_in_out_div_out_dn_out_cleanup()
	{
	pft_cleanup
	}

	atf_init_test_cases()
	{
	- atf_add_test_case "ipfwoff_in_div"
	- atf_add_test_case "ipfwoff_in_div_in"
	- atf_add_test_case "ipfwon_in_div"
	- atf_add_test_case "ipfwon_in_div_in"
	+ atf_add_test_case "in_div"
	+ atf_add_test_case "in_div_in"

	- atf_add_test_case "ipfwoff_out_div"
	- atf_add_test_case "ipfwoff_out_div_out"
	- atf_add_test_case "ipfwon_out_div"
	- atf_add_test_case "ipfwon_out_div_out"
	+ atf_add_test_case "out_div"
	+ atf_add_test_case "out_div_out"

	- atf_add_test_case "ipfwoff_in_div_in_fwd_out_div_out"
	- atf_add_test_case "ipfwon_in_div_in_fwd_out_div_out"
	+ atf_add_test_case "in_div_in_fwd_out_div_out"

	- atf_add_test_case "ipfwoff_in_dn_in_div_in_out_div_out_dn_out"
	- atf_add_test_case "ipfwon_in_dn_in_div_in_out_div_out_dn_out"
	+ atf_add_test_case "in_dn_in_div_in_out_div_out_dn_out"
	}
	diff --git a/tests/sys/netpfil/pf/if_enc.sh b/tests/sys/netpfil/pf/if_enc.sh
	--- a/tests/sys/netpfil/pf/if_enc.sh
	+++ b/tests/sys/netpfil/pf/if_enc.sh
	@@ -71,24 +71,8 @@
	fi
	}

	-ipfw_init()
	-{
	- if ! kldstat -q -m ipfw; then
	- atf_skip "This test requires ipfw"
	- fi
	-}
	-
	-assert_ipfw_is_off()
	-{
	- if kldstat -q -m ipfw; then
	- atf_skip "This test is for the case when ipfw is not loaded"
	- fi
	-}
	-
	build_test_network()
	{
	- local ipfwon=$1
	-
	alan=$(vnet_mkepair)
	awan=$(vnet_mkepair)
	bwan=$(vnet_mkepair)
	@@ -98,7 +82,6 @@
	vnet_mkjail a ${alan}a
	jexec a ifconfig ${alan}a 1.0.0.11/24 up
	jexec a route add default 1.0.0.1
	- test $ipfwon && jexec a ipfw add 65534 allow all from any to any

	# host agw
	vnet_mkjail agw ${alan}b ${awan}a
	@@ -106,14 +89,12 @@
	jexec agw ifconfig ${awan}a 2.0.0.22/24 up
	jexec agw route add default 2.0.0.1
	jexec agw sysctl net.inet.ip.forwarding=1
	- test $ipfwon && jexec agw ipfw add 65534 allow all from any to any

	# host wan
	vnet_mkjail wan ${awan}b ${bwan}b
	jexec wan ifconfig ${awan}b 2.0.0.1/24 up
	jexec wan ifconfig ${bwan}b 3.0.0.1/24 up
	jexec wan sysctl net.inet.ip.forwarding=1
	- test $ipfwon && jexec wan ipfw add 65534 allow all from any to any

	# host bgw
	vnet_mkjail bgw ${bwan}a ${blan}b
	@@ -121,13 +102,11 @@
	jexec bgw ifconfig ${blan}b 4.0.0.1/24 up
	jexec bgw route add default 3.0.0.1
	jexec bgw sysctl net.inet.ip.forwarding=1
	- test $ipfwon && jexec bgw ipfw add 65534 allow all from any to any

	# host b
	vnet_mkjail b ${blan}a
	jexec b ifconfig ${blan}a 4.0.0.44/24 up
	jexec b route add default 4.0.0.1
	- test $ipfwon && jexec b ipfw add 65534 allow all from any to any

	# Office A VPN setup
	echo '
	@@ -146,23 +125,19 @@
	' \| jexec bgw setkey -c
	}

	-atf_test_case "ipfwoff_ip4_pfil_in_after_stripping" "cleanup"
	-ipfwoff_ip4_pfil_in_after_stripping_head()
	+atf_test_case "ip4_pfil_in_after_stripping" "cleanup"
	+ip4_pfil_in_after_stripping_head()
	{
	- atf_set descr 'Test that pf pulls up mbuf if m_len==0 after stripping the outer header, with ipfw disabled'
	+ atf_set descr 'Test that pf pulls up mbuf if m_len==0 after stripping the outer header'
	atf_set require.user root
	atf_set require.progs nc
	}
	-ipfwoff_ip4_pfil_in_after_stripping_body()
	+ip4_pfil_in_after_stripping_body()
	{
	- local ipfwon
	-
	pft_init
	if_enc_init
	- test "$1" == "ipfwon" && ipfwon="yes"
	- test $ipfwon && ipfw_init \|\| assert_ipfw_is_off

	- build_test_network $ipfwon
	+ build_test_network

	# Sanity check
	atf_check -s exit:0 -o ignore jexec a ping -c3 4.0.0.44
	@@ -192,29 +167,12 @@
	jexec b kill -KILL $nc_pid # in a fail case the catcher may listen forever
	atf_check_equal "$spell" "$(cat ./receiver)"
	}
	-ipfwoff_ip4_pfil_in_after_stripping_cleanup()
	-{
	- pft_cleanup
	-}
	-
	-atf_test_case "ipfwon_ip4_pfil_in_after_stripping" "cleanup"
	-ipfwon_ip4_pfil_in_after_stripping_head()
	-{
	- atf_set descr 'Test that pf pulls up mbuf if m_len==0 after stripping the outer header, with ipfw enabled'
	- atf_set require.user root
	- atf_set require.progs nc
	-}
	-ipfwon_ip4_pfil_in_after_stripping_body()
	-{
	- ipfwoff_ip4_pfil_in_after_stripping_body "ipfwon"
	-}
	-ipfwon_ip4_pfil_in_after_stripping_cleanup()
	+ip4_pfil_in_after_stripping_cleanup()
	{
	pft_cleanup
	}

	atf_init_test_cases()
	{
	- atf_add_test_case "ipfwoff_ip4_pfil_in_after_stripping"
	- atf_add_test_case "ipfwon_ip4_pfil_in_after_stripping"
	+ atf_add_test_case "ip4_pfil_in_after_stripping"
	}

File Metadata

Mime Type: text/plain
Expires: Sat, Jan 18, 11:39 PM (12 h, 32 m)
Storage Engine: blob
Storage Format: Raw Data
Storage Handle: 15905205
Default Alt Text: D46655.diff (12 KB)

D46655.diffNo OneTemporaryActions

D46655.diffView Options

File Metadata

Event Timeline

D46655.diff
No OneTemporary
Actions

D46655.diff
View Options