19d3b2bcfSKristof Provost# 2*4d846d26SWarner Losh# SPDX-License-Identifier: BSD-2-Clause 39d3b2bcfSKristof Provost# 49d3b2bcfSKristof Provost# Copyright (c) 2021 Rubicon Communications, LLC (Netgate) 59d3b2bcfSKristof Provost# 69d3b2bcfSKristof Provost# Redistribution and use in source and binary forms, with or without 79d3b2bcfSKristof Provost# modification, are permitted provided that the following conditions 89d3b2bcfSKristof Provost# are met: 99d3b2bcfSKristof Provost# 1. Redistributions of source code must retain the above copyright 109d3b2bcfSKristof Provost# notice, this list of conditions and the following disclaimer. 119d3b2bcfSKristof Provost# 2. Redistributions in binary form must reproduce the above copyright 129d3b2bcfSKristof Provost# notice, this list of conditions and the following disclaimer in the 139d3b2bcfSKristof Provost# documentation and/or other materials provided with the distribution. 149d3b2bcfSKristof Provost# 159d3b2bcfSKristof Provost# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 169d3b2bcfSKristof Provost# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 179d3b2bcfSKristof Provost# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 189d3b2bcfSKristof Provost# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 199d3b2bcfSKristof Provost# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 209d3b2bcfSKristof Provost# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 219d3b2bcfSKristof Provost# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 229d3b2bcfSKristof Provost# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 239d3b2bcfSKristof Provost# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 249d3b2bcfSKristof Provost# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 259d3b2bcfSKristof Provost# SUCH DAMAGE. 269d3b2bcfSKristof Provost 279d3b2bcfSKristof Provost. $(atf_get_srcdir)/utils.subr 289d3b2bcfSKristof Provost 299d3b2bcfSKristof Provostatf_test_case "v4" "cleanup" 309d3b2bcfSKristof Provostv4_head() 319d3b2bcfSKristof Provost{ 329d3b2bcfSKristof Provost atf_set descr 'tos matching test' 339d3b2bcfSKristof Provost atf_set require.user root 349d3b2bcfSKristof Provost} 359d3b2bcfSKristof Provost 369d3b2bcfSKristof Provostv4_body() 379d3b2bcfSKristof Provost{ 389d3b2bcfSKristof Provost pft_init 399d3b2bcfSKristof Provost 409d3b2bcfSKristof Provost epair=$(vnet_mkepair) 419d3b2bcfSKristof Provost ifconfig ${epair}a 192.0.2.1/24 up 429d3b2bcfSKristof Provost 439d3b2bcfSKristof Provost vnet_mkjail alcatraz ${epair}b 449d3b2bcfSKristof Provost jexec alcatraz ifconfig ${epair}b 192.0.2.2/24 up 459d3b2bcfSKristof Provost jexec alcatraz pfctl -e 469d3b2bcfSKristof Provost 479d3b2bcfSKristof Provost pft_set_rules alcatraz "pass" \ 489d3b2bcfSKristof Provost "block in tos va" 499d3b2bcfSKristof Provost 509d3b2bcfSKristof Provost atf_check -s exit:0 -o ignore ping -t 1 -c 1 192.0.2.2 519d3b2bcfSKristof Provost atf_check -s exit:2 -o ignore ping -t 1 -c 1 -z 0xb0 192.0.2.2 529d3b2bcfSKristof Provost} 539d3b2bcfSKristof Provost 549d3b2bcfSKristof Provostv4_cleanup() 559d3b2bcfSKristof Provost{ 569d3b2bcfSKristof Provost pft_cleanup 579d3b2bcfSKristof Provost} 589d3b2bcfSKristof Provost 599d3b2bcfSKristof Provostatf_test_case "v6" "cleanup" 609d3b2bcfSKristof Provostv6_head() 619d3b2bcfSKristof Provost{ 629d3b2bcfSKristof Provost atf_set descr 'IPv6 tos matching test' 639d3b2bcfSKristof Provost atf_set require.user root 649d3b2bcfSKristof Provost} 659d3b2bcfSKristof Provost 669d3b2bcfSKristof Provostv6_body() 679d3b2bcfSKristof Provost{ 689d3b2bcfSKristof Provost pft_init 699d3b2bcfSKristof Provost 709d3b2bcfSKristof Provost epair=$(vnet_mkepair) 719d3b2bcfSKristof Provost ifconfig ${epair}a inet6 2001:db8:42::1/64 up no_dad -ifdisabled 729d3b2bcfSKristof Provost 739d3b2bcfSKristof Provost vnet_mkjail alcatraz ${epair}b 749d3b2bcfSKristof Provost jexec alcatraz ifconfig ${epair}b inet6 2001:db8:42::2/64 \ 759d3b2bcfSKristof Provost up no_dad -ifdisabled 769d3b2bcfSKristof Provost jexec alcatraz pfctl -e 779d3b2bcfSKristof Provost 789d3b2bcfSKristof Provost pft_set_rules alcatraz "pass" \ 799d3b2bcfSKristof Provost "block in tos va" 809d3b2bcfSKristof Provost 819d3b2bcfSKristof Provost atf_check -s exit:0 -o ignore ping6 -t 1 -c 1 2001:db8:42::2 829d3b2bcfSKristof Provost atf_check -s exit:2 -o ignore ping6 -t 1 -c 1 -z 176 2001:db8:42::2 839d3b2bcfSKristof Provost} 849d3b2bcfSKristof Provost 859d3b2bcfSKristof Provostv6_cleanup() 869d3b2bcfSKristof Provost{ 879d3b2bcfSKristof Provost pft_cleanup 889d3b2bcfSKristof Provost} 899d3b2bcfSKristof Provost 909d3b2bcfSKristof Provostatf_init_test_cases() 919d3b2bcfSKristof Provost{ 929d3b2bcfSKristof Provost atf_add_test_case "v4" 939d3b2bcfSKristof Provost atf_add_test_case "v6" 949d3b2bcfSKristof Provost} 95