mirror of
https://git.FreeBSD.org/src.git
synced 2024-10-19 02:29:40 +00:00
pf tests: ensure that $nr expansion is correct
Test the $nr expansion in labels is correct, even if the optimiser
reduces the rule count.
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D32489
(cherry picked from commit 914ec9c78d
)
This commit is contained in:
parent
35237559a6
commit
9365113e89
@ -14,6 +14,7 @@ ATF_TESTS_SH+= altq \
|
||||
get_state \
|
||||
icmp \
|
||||
killstate \
|
||||
macro \
|
||||
map_e \
|
||||
names \
|
||||
nat \
|
||||
|
40
tests/sys/netpfil/pf/macro.sh
Normal file
40
tests/sys/netpfil/pf/macro.sh
Normal file
@ -0,0 +1,40 @@
|
||||
. $(atf_get_srcdir)/utils.subr
|
||||
|
||||
atf_test_case "nr" "cleanup"
|
||||
nr_head()
|
||||
{
|
||||
atf_set descr 'Test $nr expansion'
|
||||
atf_set require.user root
|
||||
}
|
||||
|
||||
nr_body()
|
||||
{
|
||||
# Ensure that when the optimiser collapses rules the macro expansion
|
||||
# has the correct rule number
|
||||
pft_init
|
||||
|
||||
vnet_mkjail alcatraz
|
||||
jexec alcatraz ifconfig lo0 inet 127.0.0.1/8
|
||||
jexec alcatraz ifconfig lo0 inet 127.0.0.2/32 alias
|
||||
|
||||
pft_set_rules alcatraz \
|
||||
"pass quick on lo from lo:network to lo:network" \
|
||||
"block quick all label \"ruleNo:\$nr\""
|
||||
|
||||
no=$(jexec alcatraz pfctl -sr -vv | awk '/ruleNo/ { gsub("@", "", $1); print $1; }')
|
||||
ruleno=$(jexec alcatraz pfctl -sr -vv | awk '/ruleNo/ { gsub(/"ruleNo:/, "", $7); gsub(/"/, "", $7); print $7; }')
|
||||
if [ "${no}" -ne "${ruleno}" ];
|
||||
then
|
||||
atf_fail "Expected ruleNo $no != $ruleno"
|
||||
fi
|
||||
}
|
||||
|
||||
nr_cleanup()
|
||||
{
|
||||
pft_cleanup
|
||||
}
|
||||
|
||||
atf_init_test_cases()
|
||||
{
|
||||
atf_add_test_case "nr"
|
||||
}
|
Loading…
Reference in New Issue
Block a user