netpfil/pf/status.sh

*a9d7ff4eSKristof Provost#
*a9d7ff4eSKristof Provost# SPDX-License-Identifier: BSD-2-Clause
*a9d7ff4eSKristof Provost#
*a9d7ff4eSKristof Provost# Copyright (c) 2024 Rubicon Communications, LLC (Netgate)
*a9d7ff4eSKristof Provost#
*a9d7ff4eSKristof Provost# Redistribution and use in source and binary forms, with or without
*a9d7ff4eSKristof Provost# modification, are permitted provided that the following conditions
*a9d7ff4eSKristof Provost# are met:
*a9d7ff4eSKristof Provost# 1. Redistributions of source code must retain the above copyright
*a9d7ff4eSKristof Provost#    notice, this list of conditions and the following disclaimer.
*a9d7ff4eSKristof Provost# 2. Redistributions in binary form must reproduce the above copyright
*a9d7ff4eSKristof Provost#    notice, this list of conditions and the following disclaimer in the
*a9d7ff4eSKristof Provost#    documentation and/or other materials provided with the distribution.
*a9d7ff4eSKristof Provost#
*a9d7ff4eSKristof Provost# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
*a9d7ff4eSKristof Provost# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
*a9d7ff4eSKristof Provost# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
*a9d7ff4eSKristof Provost# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
*a9d7ff4eSKristof Provost# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
*a9d7ff4eSKristof Provost# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
*a9d7ff4eSKristof Provost# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
*a9d7ff4eSKristof Provost# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
*a9d7ff4eSKristof Provost# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
*a9d7ff4eSKristof Provost# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
*a9d7ff4eSKristof Provost# SUCH DAMAGE.
*a9d7ff4eSKristof Provost
*a9d7ff4eSKristof Provost. $(atf_get_srcdir)/utils.subr
*a9d7ff4eSKristof Provost
*a9d7ff4eSKristof Provostatf_test_case "basic" "cleanup"
*a9d7ff4eSKristof Provostbasic_head()
*a9d7ff4eSKristof Provost{
*a9d7ff4eSKristof Provost	atf_set descr 'Basic get/clear status test case'
*a9d7ff4eSKristof Provost	atf_set require.user root
*a9d7ff4eSKristof Provost}
*a9d7ff4eSKristof Provost
*a9d7ff4eSKristof Provostbasic_body()
*a9d7ff4eSKristof Provost{
*a9d7ff4eSKristof Provost	pft_init
*a9d7ff4eSKristof Provost
*a9d7ff4eSKristof Provost	epair=$(vnet_mkepair)
*a9d7ff4eSKristof Provost
*a9d7ff4eSKristof Provost	vnet_mkjail one ${epair}a
*a9d7ff4eSKristof Provost	jexec one ifconfig ${epair}a 192.0.2.1/24 up
*a9d7ff4eSKristof Provost	vnet_mkjail two ${epair}b
*a9d7ff4eSKristof Provost	jexec two ifconfig ${epair}b 192.0.2.2/24 up
*a9d7ff4eSKristof Provost
*a9d7ff4eSKristof Provost	jexec one pfctl -e
*a9d7ff4eSKristof Provost	pft_set_rules one "pass"
*a9d7ff4eSKristof Provost
*a9d7ff4eSKristof Provost	# Sanity check
*a9d7ff4eSKristof Provost	atf_check -s exit:0 -o ignore \
*a9d7ff4eSKristof Provost	    jexec two ping -c 1 192.0.2.1
*a9d7ff4eSKristof Provost
*a9d7ff4eSKristof Provost	atf_check -s exit:0 -o not-match:'searches[[:space:]]+0' \
*a9d7ff4eSKristof Provost	    jexec one pfctl -si
*a9d7ff4eSKristof Provost
*a9d7ff4eSKristof Provost	atf_check -s exit:0 -o ignore -e ignore \
*a9d7ff4eSKristof Provost	    jexec one pfctl -Fi
*a9d7ff4eSKristof Provost
*a9d7ff4eSKristof Provost	atf_check -s exit:0 -o match:'searches[[:space:]]+0' \
*a9d7ff4eSKristof Provost	    jexec one pfctl -si
*a9d7ff4eSKristof Provost}
*a9d7ff4eSKristof Provost
*a9d7ff4eSKristof Provostbasic_cleanup()
*a9d7ff4eSKristof Provost{
*a9d7ff4eSKristof Provost	pft_cleanup
*a9d7ff4eSKristof Provost}
*a9d7ff4eSKristof Provost
*a9d7ff4eSKristof Provostatf_init_test_cases()
*a9d7ff4eSKristof Provost{
*a9d7ff4eSKristof Provost	atf_add_test_case "basic"
*a9d7ff4eSKristof Provost}
*a9d7ff4eSKristof Provost