Lines Matching +full:user +full:- +full:visible
2 # SPDX-License-Identifier: BSD-2-Clause
36 atf_set require.user root
52 jexec cl pfctl -e
59 jexec cl pfctl -x loud
61 jexec cl tcpdump -n -e -ttt --immediate-mode -l -U -i pflog0 >> pflog.txt &
65 atf_check -s exit:0 -o ignore \
66 jexec srv ping -c 1 192.0.2.2
69 --sendif ${epair}b \
70 --to 192.0.2.2 \
71 --send-nop \
72 --recvif ${epair}b
74 …atf_check -o match:".*rule 0/8\(ip-option\): block in on ${epair}a: 192.0.2.1 > 192.0.2.2: ICMP ec…
87 atf_set require.user root
102 atf_check -s exit:0 -o ignore \
103 ping -c 1 192.0.2.1
105 jexec alcatraz pfctl -e
112 jexec alcatraz tcpdump -n -e -ttt --immediate-mode -l -U -i pflog0 >> ${PWD}/pflog.txt &
115 atf_check -s exit:0 -o ignore \
116 ping -c 1 192.0.2.1
119 jexec alcatraz pfctl -sr -vv
121 jexec alcatraz pfctl -ss -vv
125 …atf_check -o match:".*rule 0/0\(match\): match in on ${epair}a: 192.0.2.2 > 192.0.2.1: ICMP echo r…
127 …atf_check -o match:".*rule 1/0\(match\): match in on ${epair}a: 192.0.2.2 > 192.0.2.1: ICMP echo r…
140 atf_set require.user root
155 atf_check -s exit:0 -o ignore \
156 ping -c 1 192.0.2.1
158 jexec alcatraz pfctl -e
167 jexec alcatraz tcpdump -n -e -ttt --immediate-mode -l -U -i pflog1 >> ${PWD}/pflog1.txt &
168 jexec alcatraz tcpdump -n -e -ttt --immediate-mode -l -U -i pflog0 >> ${PWD}/pflog0.txt &
171 atf_check -s exit:0 -o ignore \
172 ping -c 1 192.0.2.1
175 jexec alcatraz pfctl -sr -vv
177 jexec alcatraz pfctl -ss -vv
183 …atf_check -o match:".*rule 0/0\(match\): match in on ${epair}a: 192.0.2.2 > 192.0.2.1: ICMP echo r…
185 …atf_check -o match:".*rule 1/0\(match\): match in on ${epair}a: 192.0.2.2 > 192.0.2.1: ICMP echo r…
198 atf_set require.user root
213 atf_check -s exit:0 -o ignore \
214 ping -c 1 192.0.2.1
216 jexec alcatraz pfctl -e
220 jexec alcatraz tcpdump -n -e -ttt --immediate-mode -l -U -i pflog0 >> ${PWD}/pflog.txt &
223 atf_check -s exit:0 -o ignore \
224 ping -c 1 192.0.2.1
226 atf_check -s exit:2 -o ignore \
227 ping -c 1 192.0.2.1
230 jexec alcatraz pfctl -sr -vv
232 jexec alcatraz pfctl -ss -vv
237 …atf_check -o match:".*rule 0/0\(match\): pass in on ${epair}a: 192.0.2.2 > 192.0.2.1: ICMP echo re…
241 …atf_check -o match:".*rule 0/12\(state-limit\): block in on ${epair}a: 192.0.2.2 > 192.0.2.1: ICMP…
248 atf_check -o match:3 grep -c . pflog.txt
254 atf_check -s exit:0 -o ignore \
255 ping -c 1 192.0.2.1
257 atf_check -s exit:2 -o ignore \
258 ping -c 1 192.0.2.1
260 atf_check -o match:3 grep -c . pflog.txt
271 atf_set descr 'Ensure that packets to the unspecified address are visible to pfil hooks'
272 atf_set require.user root
283 jexec alcatraz pfctl -e
287 jexec alcatraz tcpdump -n -e -ttt --immediate-mode -l -U -i pflog0 >> pflog.txt &
290 atf_check -s not-exit:0 -o ignore -e ignore \
291 jexec alcatraz ping -S 127.0.0.1 -c 1 0.0.0.0
293 atf_check -o match:".*: block out on lo0: 127.0.0.1 > 0.0.0.0: ICMP echo request,.*" \
305 atf_set descr 'Ensure that packets to the unspecified address are visible to pfil hooks'
306 atf_set require.user root
315 jexec alcatraz route -6 add ::0 ::1
317 jexec alcatraz pfctl -e
321 jexec alcatraz tcpdump -n -e -ttt --immediate-mode -l -U -i pflog0 >> pflog.txt &
324 atf_check -s not-exit:0 -o ignore -e ignore \
325 jexec alcatraz ping -6 -S ::1 -c 1 ::0
328 atf_check -o match:".*: block out on lo0: ::1 > ::: ICMP6, echo request,.*" \
341 atf_set require.user root
357 # No default route in srv jail, to ensure we're NAT-ing
364 jexec ${j}gw pfctl -e
367 …"rdr log on ${epair_srv}b proto tcp from 198.51.100.0/24 to any port 1234 -> 192.0.2.2 port 1234" \
371 jexec ${j}gw tcpdump -n -e -ttt --immediate-mode -l -U -i pflog0 >> ${PWD}/pflog.txt &
375 jexec ${j}srv nc -N -w 0 198.51.100.2 1234
380 # log line generated for rdr hit (pre-NAT)
381 …atf_check -o match:".*.*rule 0/0\(match\): rdr in on ${epair_srv}b: 198.51.100.1.[0-9]* > 198.51.1…
384 # log line generated for pass hit (post-NAT)
385 …atf_check -o match:".*.*rule 1/0\(match\): pass in on ${epair_srv}b: 198.51.100.1.[0-9]* > 192.0.2…
389 atf_check -o match:2 grep -c . pflog.txt