divert-to.sh - OpenGrok cross reference for /freebsd/tests/sys/netpfil/pf/divert-to.sh

Lines Matching +full:pass +full:- +full:1
2 # SPDX-License-Identifier: BSD-2-Clause
9 # 1. Redistributions of source code must retain the above copyright
28 # pf divert-to action test cases
30 #  -----------|           |--     |----|     ----|            |-----------
31 # ( ) inbound |pf_check_in|  ) -> |host| -> ( )  |pf_check_out| outbound  )
32 #  -----------|     |     |--     |----|     ----|     |      |-----------
35 #                |------|                           |------|
37 #                |------|                           |------|
40 #   - inbound > diverted               | divapp terminated
41 #   - inbound > diverted > inbound     | host terminated
42 #   - inbound > diverted > outbound    | network terminated
43 #   - outbound > diverted              | divapp terminated
44 #   - outbound > diverted > outbound   | network terminated
45 #   - outbound > diverted > inbound    | e.g. host terminated
48 #   - inbound > diverted > inbound > forwarded
50 #   - inbound > diverted > inbound > forwarded
54 # in - inbound
55 # div - diverted
56 # out - outbound
57 # fwd - forwarded
58 # dn - delayed by dummynet
65 	if ! kldstat -q -m ipdivert; then
72 	if ! kldstat -q -m dummynet; then
94 	atf_check -s exit:0 -o ignore ping -c3 192.0.2.2
96 	jexec div pfctl -e
98 		"pass all" \
99 		"pass in inet proto icmp icmp-type echoreq divert-to 127.0.0.1 port 2000"
104 	sleep 1
107 	atf_check -s not-exit:0 -o ignore ping -c1 -t1 192.0.2.2
133 	atf_check -s exit:0 -o ignore ping -c3 192.0.2.2
135 	jexec div pfctl -e
137 		"pass all" \
138 		"pass in inet proto icmp icmp-type echoreq divert-to 127.0.0.1 port 2000 no state"
140 	jexec div $(atf_get_srcdir)/../common/divapp 2000 divert-back &
143 	sleep 1
146 	atf_check -s exit:0 -o ignore ping -c1 192.0.2.2
172 	atf_check -s exit:0 -o ignore ping -c3 192.0.2.2
174 	jexec div pfctl -e
176 		"pass all" \
177 		"pass in inet proto icmp icmp-type echoreq no state" \
178 		"pass out inet proto icmp icmp-type echorep divert-to 127.0.0.1 port 2000 no state"
183 	sleep 1
186 	atf_check -s not-exit:0 -o ignore ping -c1 -t1 192.0.2.2
212 	atf_check -s exit:0 -o ignore ping -c3 192.0.2.2
214 	jexec div pfctl -e
216 		"pass all" \
217 		"pass in inet proto icmp icmp-type echoreq no state" \
218 		"pass out inet proto icmp icmp-type echorep divert-to 127.0.0.1 port 2000 no state"
220 	jexec div $(atf_get_srcdir)/../common/divapp 2000 divert-back &
223 	sleep 1
226 	atf_check -s exit:0 -o ignore ping -c1 192.0.2.2
246 	# host <a--epair0--b> router <a--epair1--b> site
252 	jexec router sysctl net.inet.ip.forwarding=1
260 	route add -net 198.51.100.0/24 192.0.2.2
263 	atf_check -s exit:0 -o ignore ping -c3 192.0.2.2
266 	atf_check -s exit:0 -o ignore ping -c3 198.51.100.2
268 	jexec router pfctl -e
270 		"pass all" \
271 		"pass in inet proto icmp icmp-type echoreq divert-to 127.0.0.1 port 2001 no state" \
272 		"pass out inet proto icmp icmp-type echoreq divert-to 127.0.0.1 port 2002 no state"
274 	jexec router $(atf_get_srcdir)/../common/divapp 2001 divert-back &
276 	jexec router $(atf_get_srcdir)/../common/divapp 2002 divert-back &
279 	sleep 1
282 	atf_check -s exit:0 -o ignore ping -c1 198.51.100.2
310 	atf_check -s exit:0 -o ignore ping -c3 192.0.2.2
314 	jexec alcatraz dnctl pipe 1001 config bw 1Byte/s
315 	jexec alcatraz dnctl pipe 1002 config bw 1Byte/s
317 	jexec alcatraz pfctl -e
319 		"ether pass in from 02:00:00:00:00:01 l3 all dnpipe 1001" \
320 		"ether pass out to 02:00:00:00:00:01 l3 all dnpipe 1002 " \
321 		"pass all" \
322 		"pass in inet proto icmp icmp-type echoreq divert-to 127.0.0.1 port 1001 no state" \
323 		"pass out inet proto icmp icmp-type echorep divert-to 127.0.0.1 port 1002 no state"
325 	jexec alcatraz $(atf_get_srcdir)/../common/divapp 1001 divert-back &
327 	jexec alcatraz $(atf_get_srcdir)/../common/divapp 1002 divert-back &
330 	sleep 1
332 	atf_check -s not-exit:0 -o ignore ping -c1 -s56 -t1 192.0.2.2
346 	jexec alcatraz pfctl -e
348 		"ether pass in from 02:00:00:00:00:01 l3 all dnpipe 2001" \
349 		"ether pass out to 02:00:00:00:00:01 l3 all dnpipe 2002 " \
350 		"pass all" \
351 		"pass in inet proto icmp icmp-type echoreq divert-to 127.0.0.1 port 2001 no state" \
352 		"pass out inet proto icmp icmp-type echorep divert-to 127.0.0.1 port 2002 no state"
354 	jexec alcatraz $(atf_get_srcdir)/../common/divapp 2001 divert-back &
356 	jexec alcatraz $(atf_get_srcdir)/../common/divapp 2002 divert-back &
359 	sleep 1
361 	atf_check -s exit:0 -o ignore ping -c1 -s56 -t1 192.0.2.2