git: f76df4718d27 - main - if_ovpn tests: fix route_to test case

Mon, 08 May 2023 09:14:05 -0700 

The branch main has been updated by kp:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=f76df4718d27f512a7f02cccc12b9b10cf6ad13a

commit f76df4718d27f512a7f02cccc12b9b10cf6ad13a
Author:     Kristof Provost <k...@freebsd.org>
AuthorDate: 2023-05-08 15:44:47 +0000
Commit:     Kristof Provost <k...@freebsd.org>
CommitDate: 2023-05-08 15:44:47 +0000

    if_ovpn tests: fix route_to test case
    
    * Move the .254 address to the tunnel device so we reply through the
      tunnel.
    * Remove the network route to 'break' routing, which we then 'fix' with
      pf's route-to, which is the functionality we wanted to test in the
      first place.
    
    Reported by:    markj
    Sponsored by:   Rubicon Communications, LLC ("Netgate")
---
 tests/sys/net/if_ovpn/if_ovpn.sh | 24 +++++++++++-------------
 1 file changed, 11 insertions(+), 13 deletions(-)

diff --git a/tests/sys/net/if_ovpn/if_ovpn.sh b/tests/sys/net/if_ovpn/if_ovpn.sh
index 51d21b826e72..5500dd9f1f41 100644
--- a/tests/sys/net/if_ovpn/if_ovpn.sh
+++ b/tests/sys/net/if_ovpn/if_ovpn.sh
@@ -91,6 +91,8 @@ atf_test_case "4in4" "cleanup"
        # Give the tunnel time to come up
        sleep 10
 
+       atf_check -s exit:0 -o ignore jexec b ping -c 1 198.51.100.1
+
        echo 'foo' | jexec b nc -u -w 2 192.0.2.1 1194
        atf_check -s exit:0 -o ignore jexec b ping -c 3 198.51.100.1
 }
@@ -702,7 +704,6 @@ route_to_body()
 
        vnet_mkjail a ${l}a
        jexec a ifconfig ${l}a 192.0.2.1/24 up
-       jexec a ifconfig ${l}a inet alias 198.51.100.254/24
        vnet_mkjail b ${l}b ${n}a
        jexec b ifconfig ${l}b 192.0.2.2/24 up
        jexec b ifconfig ${n}a up
@@ -751,26 +752,23 @@ route_to_body()
 
        # Give the tunnel time to come up
        sleep 10
+       jexec a ifconfig ovpn0 inet alias 198.51.100.254/24
 
        # Check the tunnel
-       atf_check -s exit:0 -o ignore jexec b ping -c 1 198.51.100.1
-       atf_check -s exit:0 -o ignore jexec b ping -c 1 198.51.100.254
+       atf_check -s exit:0 -o ignore jexec b ping -c 1 -S 198.51.100.2 
198.51.100.1
+       atf_check -s exit:0 -o ignore jexec b ping -c 1 -S 198.51.100.2 
198.51.100.254
+
+       # Break our route to .254 so that we need a route-to to make things 
work.
+       jexec b ifconfig ${n}a 203.0.113.1/24 up
+       jexec b route add 198.51.100.254 -interface ${n}a
 
-       # Break our routes so that we need a route-to to make things work.
-       jexec b ifconfig ${n}a 198.51.100.3/24
-       atf_check -s exit:2 -o ignore jexec b ping -c 1 -t 1 -S 198.51.100.2 
198.51.100.254
+       # Make sure it's broken.
+       atf_check -s exit:2 -o ignore jexec b ping -c 1 -S 198.51.100.2 
198.51.100.254
 
        jexec b pfctl -e
        pft_set_rules b \
                "pass out route-to (tun0 198.51.100.1) proto icmp from 
198.51.100.2 "
        atf_check -s exit:0 -o ignore jexec b ping -c 3 -S 198.51.100.2 
198.51.100.254
-
-       # And this keeps working even if we don't have a route to 
198.51.100.0/24 via if_ovpn
-       jexec b route del -net 198.51.100.0/24
-       jexec b route add -net 198.51.100.0/24 -interface ${n}a
-       pft_set_rules b \
-               "pass out route-to (tun0 198.51.100.3) proto icmp from 
198.51.100.2 "
-       atf_check -s exit:0 -o ignore jexec b ping -c 3 -S 198.51.100.2 
198.51.100.254
 }
 
 route_to_cleanup()

Reply via email to