Page MenuHomeFreeBSD
Files F109435328

D29781.diff
No OneTemporary
Actions

D29781.diff
View Options

diff --git a/tests/sys/netpfil/pf/rules_counter.sh b/tests/sys/netpfil/pf/rules_counter.sh
--- a/tests/sys/netpfil/pf/rules_counter.sh
+++ b/tests/sys/netpfil/pf/rules_counter.sh
@@ -73,7 +73,89 @@
pft_cleanup
}
+atf_test_case "keepcounters" "cleanup"
+keepcounters_head()
+{
+ atf_set descr 'Test keepcounter functionality'
+ atf_set require.user root
+}
+
+keepcounters_body()
+{
+ pft_init
+
+ epair_send=$(vnet_mkepair)
+ ifconfig ${epair_send}a 192.0.2.1/24 up
+
+ vnet_mkjail alcatraz ${epair_send}b
+ jexec alcatraz ifconfig ${epair_send}b 192.0.2.2/24 up
+ jexec alcatraz pfctl -e
+
+ pft_set_rules alcatraz \
+ "pass all"
+
+ # Expect zero counters
+ atf_check -s exit:0 -e ignore \
+ -o match:'Evaluations: 0[[:space:]]*Packets: 0*[[:space:]]*Bytes: 0*[[:space:]]*' \
+ jexec alcatraz pfctl -s r -v
+
+ # Ensure the rule matched packets, so we can verify non-zero counters
+ atf_check -s exit:0 -o ignore ping -c 3 192.0.2.2
+
+ # Expect non-zero counters
+ atf_check -s exit:0 -e ignore \
+ -o match:'Evaluations: [1-9][0-9]*[[:space:]]*Packets: [1-9][0-9]*[[:space:]]*Bytes: [1-9][0-9]*[[:space:]]*' \
+ jexec alcatraz pfctl -s r -v
+
+ # As we set the (same) rules again we'd expect the counters to return
+ # to zero
+ pft_set_rules noflush alcatraz \
+ "pass all"
+
+ atf_check -s exit:0 -e ignore \
+ -o match:'Evaluations: 0[[:space:]]*Packets: 0*[[:space:]]*Bytes: 0*[[:space:]]*' \
+ jexec alcatraz pfctl -s r -v
+
+ # Increment rule counters
+ atf_check -s exit:0 -o ignore ping -c 3 192.0.2.2
+
+ # Now set new rules with 'keepcounters' set, so we'd expect nonzero
+ # counters
+ pft_set_rules noflush alcatraz \
+ "set keepcounters" \
+ "pass all"
+
+ atf_check -s exit:0 -e ignore \
+ -o match:'Evaluations: [1-9][0-9]*[[:space:]]*Packets: [1-9][0-9]*[[:space:]]*Bytes: [1-9][0-9]*[[:space:]]*' \
+ jexec alcatraz pfctl -s r -v
+
+ # However, if we set a different rule it should return to zero
+ pft_set_rules noflush alcatraz \
+ "set keepcounters" \
+ "pass inet all"
+
+ atf_check -s exit:0 -e ignore \
+ -o match:'Evaluations: 0[[:space:]]*Packets: 0*[[:space:]]*Bytes: 0*[[:space:]]*' \
+ jexec alcatraz pfctl -s r -v
+
+ # If we generate traffic and don't set keepcounters we also see zero
+ # counts when setting new rules
+ atf_check -s exit:0 -o ignore ping -c 3 192.0.2.2
+ pft_set_rules noflush alcatraz \
+ "pass inet all"
+
+ atf_check -s exit:0 -e ignore \
+ -o match:'Evaluations: 0[[:space:]]*Packets: 0*[[:space:]]*Bytes: 0*[[:space:]]*' \
+ jexec alcatraz pfctl -s r -v
+}
+
+keepcounters_cleanup()
+{
+ pft_cleanup
+}
+
atf_init_test_cases()
{
atf_add_test_case "get_clear"
+ atf_add_test_case "keepcounters"
}

File Metadata

Mime Type
text/plain
Expires
Thu, Feb 6, 12:54 AM (10 h, 54 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
16483840
Default Alt Text
D29781.diff (2 KB)

Event Timeline