3 . $(atf_get_srcdir)/utils.subr
5 atf_test_case "v4" "cleanup"
8 atf_set descr 'Basic route-to test'
9 atf_set require.user root
16 epair_send=$(pft_mkepair)
17 ifconfig ${epair_send}a 192.0.2.1/24 up
18 epair_route=$(pft_mkepair)
19 ifconfig ${epair_route}a 203.0.113.1/24 up
21 pft_mkjail alcatraz ${epair_send}b ${epair_route}b
22 jexec alcatraz ifconfig ${epair_send}b 192.0.2.2/24 up
23 jexec alcatraz ifconfig ${epair_route}b 203.0.113.2/24 up
24 jexec alcatraz route add -net 198.51.100.0/24 192.0.2.1
25 jexec alcatraz pfctl -e
27 # Attempt to provoke PR 228782
28 pft_set_rules alcatraz "block all" "pass user 2" \
29 "pass out route-to (${epair_route}b 203.0.113.1) from 192.0.2.2 to 198.51.100.1 no state"
30 jexec alcatraz nc -w 3 -s 192.0.2.2 198.51.100.1 22
32 # atf wants us to not return an error, but our netcat will fail
41 atf_test_case "v6" "cleanup"
44 atf_set descr 'Basic route-to test (IPv6)'
45 atf_set require.user root
52 epair_send=$(pft_mkepair)
53 ifconfig ${epair_send}a inet6 2001:db8:42::1/64 up no_dad -ifdisabled
54 epair_route=$(pft_mkepair)
55 ifconfig ${epair_route}a inet6 2001:db8:43::1/64 up no_dad -ifdisabled
57 pft_mkjail alcatraz ${epair_send}b ${epair_route}b
58 jexec alcatraz ifconfig ${epair_send}b inet6 2001:db8:42::2/64 up no_dad
59 jexec alcatraz ifconfig ${epair_route}b inet6 2001:db8:43::2/64 up no_dad
60 jexec alcatraz route add -6 2001:db8:666::/64 2001:db8:42::2
61 jexec alcatraz pfctl -e
63 # Attempt to provoke PR 228782
64 pft_set_rules alcatraz "block all" "pass user 2" \
65 "pass out route-to (${epair_route}b 2001:db8:43::1) from 2001:db8:42::2 to 2001:db8:666::1 no state"
66 jexec alcatraz nc -6 -w 3 -s 2001:db8:42::2 2001:db8:666::1 22
68 # atf wants us to not return an error, but our netcat will fail
79 atf_add_test_case "v4"
80 atf_add_test_case "v6"
projects / FreeBSD / FreeBSD.git / blob