git: 23c17bd60904 - main - pf tests: verify max-pkt-rate on anchors

Mon, 30 Jun 2025 02:55:16 -0700 

The branch main has been updated by kp:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=23c17bd60904a4a6e02e935e11bc19301b41638d

commit 23c17bd60904a4a6e02e935e11bc19301b41638d
Author:     Kristof Provost <k...@freebsd.org>
AuthorDate: 2025-06-25 15:02:01 +0000
Commit:     Kristof Provost <k...@freebsd.org>
CommitDate: 2025-06-30 07:53:25 +0000

    pf tests: verify max-pkt-rate on anchors
    
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
---
 tests/sys/netpfil/pf/max_pkt_rate.sh | 65 ++++++++++++++++++++++++++++--------
 1 file changed, 52 insertions(+), 13 deletions(-)

diff --git a/tests/sys/netpfil/pf/max_pkt_rate.sh 
b/tests/sys/netpfil/pf/max_pkt_rate.sh
index d1e92a64de1d..bdd140eb60dd 100644
--- a/tests/sys/netpfil/pf/max_pkt_rate.sh
+++ b/tests/sys/netpfil/pf/max_pkt_rate.sh
@@ -26,17 +26,8 @@
 
 . $(atf_get_srcdir)/utils.subr
 
-atf_test_case "basic" "cleanup"
-basic_head()
+common_setup()
 {
-       atf_set descr 'Basic maximum packet rate test'
-       atf_set require.user root
-}
-
-basic_body()
-{
-       pft_init
-
        epair=$(vnet_mkepair)
 
        ifconfig ${epair}a inet 192.0.2.2/24 up
@@ -49,10 +40,10 @@ basic_body()
            ping -c 1 192.0.2.1
 
        jexec alcatraz pfctl -e
-       pft_set_rules alcatraz \
-           "block" \
-           "pass in proto icmp max-pkt-rate 2/2"
+}
 
+common_test()
+{
        # One ping will pass
        atf_check -s exit:0 -o ignore \
            ping -c 1 192.0.2.1
@@ -71,12 +62,60 @@ basic_body()
            ping -c 1 192.0.2.1
 }
 
+atf_test_case "basic" "cleanup"
+basic_head()
+{
+       atf_set descr 'Basic maximum packet rate test'
+       atf_set require.user root
+}
+
+basic_body()
+{
+       pft_init
+
+       common_setup
+
+       pft_set_rules alcatraz \
+           "block" \
+           "pass in proto icmp max-pkt-rate 2/2"
+
+       common_test
+}
+
 basic_cleanup()
 {
        pft_cleanup
 }
 
+atf_test_case "anchor" "cleanup"
+anchor_head()
+{
+       atf_set descr 'maximum packet rate on anchor'
+       atf_set require.user root
+}
+
+anchor_body()
+{
+       pft_init
+
+       common_setup
+
+       pft_set_rules alcatraz \
+           "block" \
+           "anchor \"foo\" proto icmp max-pkt-rate 2/2 {\n \
+               pass \n \
+           }"
+
+       common_test
+}
+
+anchor_cleanup()
+{
+       pft_cleanup
+}
+
 atf_init_test_cases()
 {
        atf_add_test_case "basic"
+       atf_add_test_case "anchor"
 }

Reply via email to