git: 95d1b98db164 - main - pf tests: verify the new reset functionality

Mon, 07 Jul 2025 08:09:55 -0700 

The branch main has been updated by kp:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=95d1b98db164f1e99622b2425cf39d96ddab44bc

commit 95d1b98db164f1e99622b2425cf39d96ddab44bc
Author:     Kristof Provost <k...@freebsd.org>
AuthorDate: 2025-07-02 15:00:16 +0000
Commit:     Kristof Provost <k...@freebsd.org>
CommitDate: 2025-07-07 15:06:51 +0000

    pf tests: verify the new reset functionality
    
    We can now reset state limit, debug level and others.
    Verify reset for at least some of these.
    
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
---
 tests/sys/netpfil/pf/debug.sh | 50 +++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 50 insertions(+)

diff --git a/tests/sys/netpfil/pf/debug.sh b/tests/sys/netpfil/pf/debug.sh
index 18a7febfbb5b..404d37ab8932 100644
--- a/tests/sys/netpfil/pf/debug.sh
+++ b/tests/sys/netpfil/pf/debug.sh
@@ -50,7 +50,57 @@ basic_cleanup()
        pft_cleanup
 }
 
+atf_test_case "reset" "cleanup"
+reset_head()
+{
+       atf_set descr 'Test resetting debug level'
+       atf_set require.user root
+}
+
+reset_body()
+{
+       pft_init
+
+       vnet_mkjail debug
+
+       # Default is Urgent
+       atf_check -s exit:0 -o match:'Debug: Urgent' \
+           jexec debug pfctl -sa
+       state_limit=$(jexec debug pfctl -sa | grep 'states.*hard limit' | awk 
'{ print $4; }')
+
+       # Change defaults
+       pft_set_rules debug \
+           "set limit states 42"
+       atf_check -s exit:0 -e ignore \
+           jexec debug pfctl -x loud
+
+       atf_check -s exit:0 -o match:'Debug: Loud' \
+           jexec debug pfctl -sa
+       new_state_limit=$(jexec debug pfctl -sa | grep 'states.*hard limit' | 
awk '{ print $4; }')
+       if [ $state_limit -eq $new_state_limit ]; then
+               jexec debug pfctl -sa
+               atf_fail "Failed to change state limit"
+       fi
+
+       # Reset
+       atf_check -s exit:0 -o ignore -e ignore \
+           jexec debug pfctl -FR
+       atf_check -s exit:0 -o match:'Debug: Urgent' \
+           jexec debug pfctl -sa
+       new_state_limit=$(jexec debug pfctl -sa | grep 'states.*hard limit' | 
awk '{ print $4; }')
+       if [ $state_limit -ne $new_state_limit ]; then
+               jexec debug pfctl -sa
+               atf_fail "Failed to reset state limit"
+       fi
+}
+
+reset_cleanup()
+{
+       pft_cleanup
+}
+
 atf_init_test_cases()
 {
        atf_add_test_case "basic"
+       atf_add_test_case "reset"
 }

Reply via email to