1# $FreeBSD$ 2 3. $(atf_get_srcdir)/utils.subr 4 5atf_test_case "basic" "cleanup" 6basic_head() 7{ 8 atf_set descr 'Basic pfsync test' 9 atf_set require.user root 10} 11 12basic_body() 13{ 14 common_body 15} 16 17common_body() 18{ 19 defer=$1 20 pfsynct_init 21 22 epair_sync=$(pft_mkepair) 23 epair_one=$(pft_mkepair) 24 epair_two=$(pft_mkepair) 25 26 pft_mkjail one ${epair_one}a ${epair_sync}a 27 pft_mkjail two ${epair_two}a ${epair_sync}b 28 29 # pfsync interface 30 jexec one ifconfig ${epair_sync}a 192.0.2.1/24 up 31 jexec one ifconfig ${epair_one}a 198.51.100.1/24 up 32 jexec one ifconfig pfsync0 \ 33 syncdev ${epair_sync}a \ 34 maxupd 1 \ 35 $defer \ 36 up 37 jexec two ifconfig ${epair_two}a 198.51.100.2/24 up 38 jexec two ifconfig ${epair_sync}b 192.0.2.2/24 up 39 jexec two ifconfig pfsync0 \ 40 syncdev ${epair_sync}b \ 41 maxupd 1 \ 42 $defer \ 43 up 44 45 # Enable pf! 46 jexec one pfctl -e 47 pft_set_rules one \ 48 "set skip on ${epair_sync}a" \ 49 "pass keep state" 50 jexec two pfctl -e 51 pft_set_rules two \ 52 "set skip on ${epair_sync}b" \ 53 "pass keep state" 54 55 ifconfig ${epair_one}b 198.51.100.254/24 up 56 57 ping -c 1 -S 198.51.100.254 198.51.100.1 58 59 # Give pfsync time to do its thing 60 sleep 2 61 62 if ! jexec two pfctl -s states | grep icmp | grep 198.51.100.1 | \ 63 grep 198.51.100.2 ; then 64 atf_fail "state not found on synced host" 65 fi 66} 67 68basic_cleanup() 69{ 70 pfsynct_cleanup 71} 72 73atf_test_case "defer" "cleanup" 74defer_head() 75{ 76 atf_set descr 'Defer mode pfsync test' 77 atf_set require.user root 78} 79 80defer_body() 81{ 82 common_body defer 83} 84 85defer_cleanup() 86{ 87 pfsynct_cleanup 88} 89 90atf_init_test_cases() 91{ 92 atf_add_test_case "basic" 93 atf_add_test_case "defer" 94} 95