xref: /freebsd/tests/sys/netpfil/pf/tos.sh (revision 0fca6ea1d4eea4c934cfff25ac9ee8ad6fe95583) 
1#
2# SPDX-License-Identifier: BSD-2-Clause
3#
4# Copyright (c) 2021 Rubicon Communications, LLC (Netgate)
5#
6# Redistribution and use in source and binary forms, with or without
7# modification, are permitted provided that the following conditions
8# are met:
9# 1. Redistributions of source code must retain the above copyright
10#    notice, this list of conditions and the following disclaimer.
11# 2. Redistributions in binary form must reproduce the above copyright
12#    notice, this list of conditions and the following disclaimer in the
13#    documentation and/or other materials provided with the distribution.
14#
15# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
17# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25# SUCH DAMAGE.
26
27. $(atf_get_srcdir)/utils.subr
28
29atf_test_case "v4" "cleanup"
30v4_head()
31{
32	atf_set descr 'tos matching test'
33	atf_set require.user root
34}
35
36v4_body()
37{
38	pft_init
39
40	epair=$(vnet_mkepair)
41	ifconfig ${epair}a 192.0.2.1/24 up
42
43	vnet_mkjail alcatraz ${epair}b
44	jexec alcatraz ifconfig ${epair}b 192.0.2.2/24 up
45	jexec alcatraz pfctl -e
46
47	pft_set_rules alcatraz "pass" \
48		"block in tos va"
49
50	atf_check -s exit:0 -o ignore ping -t 1 -c 1 192.0.2.2
51	atf_check -s exit:2 -o ignore ping -t 1 -c 1 -z 0xb0 192.0.2.2
52}
53
54v4_cleanup()
55{
56	pft_cleanup
57}
58
59atf_test_case "v6" "cleanup"
60v6_head()
61{
62	atf_set descr 'IPv6 tos matching test'
63	atf_set require.user root
64}
65
66v6_body()
67{
68	pft_init
69
70	epair=$(vnet_mkepair)
71	ifconfig ${epair}a inet6 2001:db8:42::1/64 up no_dad -ifdisabled
72
73	vnet_mkjail alcatraz ${epair}b
74	jexec alcatraz ifconfig ${epair}b inet6 2001:db8:42::2/64 \
75		up no_dad -ifdisabled
76	jexec alcatraz pfctl -e
77
78	pft_set_rules alcatraz "pass" \
79		"block in tos va"
80
81	atf_check -s exit:0 -o ignore ping6 -t 1 -c 1 2001:db8:42::2
82	atf_check -s exit:2 -o ignore ping6 -t 1 -c 1 -z 176 2001:db8:42::2
83}
84
85v6_cleanup()
86{
87	pft_cleanup
88}
89
90atf_init_test_cases()
91{
92	atf_add_test_case "v4"
93	atf_add_test_case "v6"
94}
95