1# $FreeBSD$ 2 3. $(atf_get_srcdir)/utils.subr 4 5atf_test_case "basic" "cleanup" 6basic_head() 7{ 8 atf_set descr 'Basic pfsync test' 9 atf_set require.user root 10 11 atf_set require.progs scapy 12} 13 14basic_body() 15{ 16 pfsynct_init 17 18 epair_sync=$(pft_mkepair) 19 epair_one=$(pft_mkepair) 20 epair_two=$(pft_mkepair) 21 22 pft_mkjail one ${epair_one}a ${epair_sync}a 23 pft_mkjail two ${epair_two}a ${epair_sync}b 24 25 # pfsync interface 26 jexec one ifconfig ${epair_sync}a 192.0.2.1/24 up 27 jexec one ifconfig ${epair_one}a 198.51.100.1/24 up 28 jexec one ifconfig pfsync0 \ 29 syncdev ${epair_sync}a \ 30 maxupd 1 \ 31 up 32 jexec two ifconfig ${epair_two}a 198.51.100.2/24 up 33 jexec two ifconfig ${epair_sync}b 192.0.2.2/24 up 34 jexec two ifconfig pfsync0 \ 35 syncdev ${epair_sync}b \ 36 maxupd 1 \ 37 up 38 39 # Enable pf! 40 jexec one pfctl -e 41 pft_set_rules one \ 42 "set skip on ${epair_sync}a" \ 43 "pass keep state" 44 jexec two pfctl -e 45 pft_set_rules two \ 46 "set skip on ${epair_sync}b" \ 47 "pass keep state" 48 49 ifconfig ${epair_one}b 198.51.100.254/24 up 50 51 ping -c 1 -S 198.51.100.254 198.51.100.1 52 53 # Give pfsync time to do its thing 54 sleep 2 55 56 if ! jexec two pfctl -s states | grep icmp | grep 198.51.100.1 | \ 57 grep 198.51.100.2 ; then 58 atf_fail "state not found on synced host" 59 fi 60} 61 62basic_cleanup() 63{ 64 pfsynct_cleanup 65} 66 67atf_init_test_cases() 68{ 69 atf_add_test_case "basic" 70} 71