Lines Matching +full:two +full:- +full:user
2 # SPDX-License-Identifier: BSD-2-Clause-FreeBSD
32 if ! kldstat -q -m sctp; then
41 atf_set require.user root
57 atf_check -s exit:0 -o ignore \
58 jexec ${j}a ping -c 1 192.0.2.2
60 jexec ${j}a pfctl -e
65 echo "foo" | jexec ${j}a nc --sctp -N -l 1234 &
70 out=$(jexec ${j}b nc --sctp -N -w 3 192.0.2.1 1234)
81 echo "foo" | jexec ${j}a nc --sctp -N -l 1234 &
84 out=$(jexec ${j}b nc --sctp -N -w 3 192.0.2.1 1234)
90 echo "foo" | jexec ${j}a nc --sctp -N -l 1235 &
93 out=$(jexec ${j}b nc --sctp -N -w 3 192.0.2.1 1235)
99 out=$(jexec ${j}b nc --sctp -N -w 3 -p 1234 192.0.2.1 1235)
114 atf_set require.user root
131 atf_check -s exit:0 -o ignore \
132 jexec ${j}a ping -6 -c 1 2001:db8::b
134 jexec ${j}a pfctl -e
139 echo "foo" | jexec ${j}a nc -6 --sctp -N -l 1234 &
144 out=$(jexec ${j}b nc --sctp -N -w 3 2001:db8::a 1234)
155 echo "foo" | jexec ${j}a nc -6 --sctp -N -l 1234 &
158 out=$(jexec ${j}b nc --sctp -N -w 3 2001:db8::a 1234)
164 echo "foo" | jexec ${j}a nc -6 --sctp -N -l 1235 &
167 out=$(jexec ${j}b nc --sctp -N -w 3 2001:db8::a 1235)
173 out=$(jexec ${j}b nc --sctp -N -w 3 -p 1234 2001:db8::a 1235)
188 atf_set require.user root
204 atf_check -s exit:0 -o ignore \
205 jexec ${j}a ping -c 1 192.0.2.2
207 jexec ${j}a pfctl -e
212 echo "foo" | jexec ${j}a nc --sctp -N -l 1234 &
217 out=$(jexec ${j}b nc --sctp -N -w 3 -p 1234 192.0.2.1 1234)
223 jexec ${j}a pfctl -ss -v
225 echo "foo" | jexec ${j}a nc --sctp -N -l 1234 &
230 out=$(jexec ${j}b nc --sctp -N -w 3 -p 1234 192.0.2.1 1234)
234 jexec ${j}a pfctl -ss -v
246 atf_set require.user root
263 atf_check -s exit:0 -o ignore \
264 jexec ${j}a ping -c 1 192.0.2.2
266 jexec ${j}a pfctl -e
270 echo "foo" | jexec ${j}a nc --sctp -N -l 1234 &
277 out=$(jexec ${j}b timeout 3 nc --sctp -N 192.0.2.1 1234)
278 if [ $? -eq 124 ]; then
289 out=$(jexec ${j}b timeout 3 nc --sctp -N 192.0.2.1 1234)
290 if [ $? -ne 124 ]; then
304 atf_set require.user root
321 atf_check -s exit:0 -o ignore \
322 jexec ${j}a ping -6 -c 1 2001:db8::b
324 jexec ${j}a pfctl -e
328 echo "foo" | jexec ${j}a nc -6 --sctp -N -l 1234 &
335 out=$(jexec ${j}b timeout 3 nc --sctp -N 2001:db8::a 1234)
336 if [ $? -eq 124 ]; then
347 out=$(jexec ${j}b timeout 3 nc --sctp -N 2001:db8::a 1234)
348 if [ $? -ne 124 ]; then
361 atf_set descr 'Test NAT-ing SCTP over IPv4'
362 atf_set require.user root
378 # No default route in srv jail, to ensure we're NAT-ing
385 jexec ${j}gw pfctl -e
387 "nat on ${epair_srv}b from 192.0.2.0/24 -> (${epair_srv}b)" \
391 atf_check -s exit:0 -o ignore \
392 jexec ${j}c ping -c 1 198.51.100.1
394 echo "foo" | jexec ${j}srv nc --sctp -N -l 1234 &
399 out=$(jexec ${j}c nc --sctp -N -w 3 198.51.100.1 1234)
413 atf_set descr 'Test NAT-ing SCTP over IPv6'
414 atf_set require.user root
430 # No default route in srv jail, to ensure we're NAT-ing
435 jexec ${j}c route add -6 default 2001:db8:1::1
437 jexec ${j}gw pfctl -e
439 "nat on ${epair_srv}b from 2001:db8:1::/64 -> (${epair_srv}b)" \
443 atf_check -s exit:0 -o ignore \
444 jexec ${j}c ping -6 -c 1 2001:db8::1
446 echo "foo" | jexec ${j}srv nc -6 --sctp -N -l 1234 &
451 out=$(jexec ${j}c nc --sctp -N -w 3 2001:db8::1 1234)
466 atf_set require.user root
482 # No default route in srv jail, to ensure we're NAT-ing
489 jexec ${j}gw pfctl -e
491 …"rdr pass on ${epair_srv}b proto sctp from 198.51.100.0/24 to any port 1234 -> 192.0.2.2 port 1234…
494 echo "foo" | jexec ${j}c nc --sctp -N -l 1234 &
499 out=$(jexec ${j}srv nc --sctp -N -w 3 198.51.100.2 1234)
505 echo "bar" | jexec ${j}c nc --sctp -N -l 1234 &
508 …"rdr pass on ${epair_srv}b proto sctp from 198.51.100.0/24 to any port 1234 -> 192.0.2.2 port 4321…
512 out=$(jexec ${j}srv nc --sctp -N -w 3 198.51.100.2 4321)
518 out=$(jexec ${j}srv nc --sctp -N -w 3 198.51.100.2 1234)
532 atf_set descr 'Test pfsync-ing SCTP connections'
533 atf_set require.user root
541 # router one to router two.
552 # │ one ├─┤ two │
566 if ! kldstat -q -m carp
616 vnet_mkjail ${j}two ${epair_two0}b ${epair_two1}b ${epair_sync}b
617 jexec ${j}two ifconfig ${epair_two0}b 192.0.2.4/24 up
618 jexec ${j}two ifconfig ${epair_two0}b \
620 jexec ${j}two ifconfig ${epair_two1}b 198.51.100.4/24 up
621 jexec ${j}two ifconfig ${epair_two1}b \
623 jexec ${j}two ifconfig ${epair_sync}b 203.0.113.2/24 up
624 jexec ${j}two ifconfig pfsync0 \
628 jexec ${j}two sysctl net.inet.ip.forwarding=1
634 # Demote two, to avoid dealing with asymmetric routing
635 jexec ${j}two sysctl net.inet.carp.demotion=50
637 jexec ${j}one pfctl -e
644 jexec ${j}two pfctl -e
645 pft_set_rules ${j}two \
655 atf_check -s exit:0 -o ignore \
656 jexec ${j}c ping -c 1 198.51.100.1
660 tail -F ${tmp}/input | jexec ${j}srv nc --sctp -l 1234 &
663 jexec ${j}c nc --sctp 198.51.100.1 1234 > ${tmp}/output &
668 line=$(tail -n -1 ${tmp}/output)
676 # Verify that two has the connection too
677 state=$(jexec ${j}two pfctl -ss | grep sctp)
678 if [ -z "${state}" ];
680 jexec ${j}two pfctl -ss
697 atf_check -s exit:0 -o ignore \
698 jexec ${j}c ping -c 1 198.51.100.1
703 line=$(tail -n -1 ${tmp}/output)
721 atf_set require.user root
734 atf_check -s exit:0 -o match:"sctp.first.*13" \
735 jexec timeout pfctl -st
736 atf_check -s exit:0 -o match:"sctp.opening.*14" \
737 jexec timeout pfctl -st
739 atf_check -s exit:0 -o match:"sctp.established.*86400" \
740 jexec timeout pfctl -st
752 atf_set require.user root
785 atf_check -s exit:0 -o ignore \
786 ping -c 1 192.0.2.2
787 atf_check -s exit:0 -o ignore \
788 ping -c 1 198.51.100.1
789 atf_check -s exit:0 -o ignore \
790 ping -c 1 198.51.100.2
791 atf_check -s exit:0 -o ignore \
792 ping -c 1 203.0.113.1
793 atf_check -s exit:0 -o ignore \
794 ping -c 1 203.0.113.2
796 jexec rtr pfctl -e
802 echo "foo" | jexec srv nc --sctp -N -l 1234 &
805 out=$(nc --sctp -N -w 3 203.0.113.2 1234)
807 jexec rtr pfctl -ss -vv
808 jexec rtr pfctl -sr -vv
813 echo "foo" | jexec srv nc --sctp -l 1234 >/dev/null &
816 atf_check -s exit:0 -o not-match:".*destination unreachable:.*" \
817 netstat -s -p icmp
820 # ICMP unreachable - need to frag (mtu 1300) message
821 dd if=/dev/random bs=10000 count=1 | nc --sctp -N -w 3 203.0.113.2 1234
824 atf_check -s exit:0 -o match:".*destination unreachable: [1-9]" \
825 netstat -s -p icmp