1
0
mirror of https://git.FreeBSD.org/src.git synced 2024-12-18 10:35:55 +00:00

pf tests: test address range as nat64 from address

Sponsored by:	Rubicon Communications, LLC ("Netgate")
This commit is contained in:
Kristof Provost 2024-12-11 11:47:43 +01:00
parent e0dcc51ddb
commit bdb583afa1

View File

@ -276,6 +276,70 @@ no_v4_cleanup()
pft_cleanup
}
atf_test_case "range" "cleanup"
range_head()
{
atf_set descr 'Test using an address range for the IPv4 side'
atf_set require.user root
}
range_body()
{
pft_init
epair_link=$(vnet_mkepair)
epair=$(vnet_mkepair)
ifconfig ${epair}a inet6 2001:db8::2/64 up no_dad
route -6 add default 2001:db8::1
vnet_mkjail rtr ${epair}b ${epair_link}a
jexec rtr ifconfig ${epair}b inet6 2001:db8::1/64 up no_dad
jexec rtr ifconfig ${epair_link}a 192.0.2.2/24 up
jexec rtr ifconfig ${epair_link}a inet alias 192.0.2.3/24 up
vnet_mkjail dst ${epair_link}b
jexec dst ifconfig ${epair_link}b 192.0.2.254/24 up
jexec dst route add default 192.0.2.2
# Sanity checks
atf_check -s exit:0 -o ignore \
jexec rtr ping -c 1 192.0.2.254
atf_check -s exit:0 -o ignore \
ping6 -c 1 2001:db8::1
atf_check -s exit:0 -o ignore \
jexec dst ping -c 1 192.0.2.2
atf_check -s exit:0 -o ignore \
jexec dst ping -c 1 192.0.2.3
jexec rtr pfctl -e
pft_set_rules rtr \
"set reassemble yes" \
"set state-policy if-bound" \
"pass in on ${epair}b inet6 from any to 64:ff9b::/96 af-to inet from 192.0.2.2/31 round-robin"
# Use pf to count sources
jexec dst pfctl -e
pft_set_rules dst \
"pass"
atf_check -s exit:0 -o ignore \
ping6 -c 1 64:ff9b::192.0.2.254
atf_check -s exit:0 -o ignore \
ping6 -c 1 64:ff9b::192.0.2.254
# Verify on dst that we saw different source addresses
atf_check -s exit:0 -o match:".*192.0.2.2.*" \
jexec dst pfctl -ss
atf_check -s exit:0 -o match:".*192.0.2.3.*" \
jexec dst pfctl -ss
}
range_cleanup()
{
pft_cleanup
}
atf_test_case "pool" "cleanup"
pool_head()
{
@ -438,6 +502,7 @@ atf_init_test_cases()
atf_add_test_case "sctp"
atf_add_test_case "tos"
atf_add_test_case "no_v4"
atf_add_test_case "range"
atf_add_test_case "pool"
atf_add_test_case "table"
atf_add_test_case "table_round_robin"