diff --git a/tests/sys/netpfil/common/pft_ping.py b/tests/sys/netpfil/common/pft_ping.py
index e77d0835134f..da8edd9f7b63 100644
--- a/tests/sys/netpfil/common/pft_ping.py
+++ b/tests/sys/netpfil/common/pft_ping.py
@@ -1,135 +1,135 @@
-#!/usr/local/bin/python2.7
+#!/usr/bin/env python
 
 import argparse
 import scapy.all as sp
 import sys
 from sniffer import Sniffer
 
 PAYLOAD_MAGIC = 0x42c0ffee
 
 def check_ping_request(args, packet):
 	if args.ip6:
 		return check_ping6_request(args, packet)
 	else:
 		return check_ping4_request(args, packet)
 
 def check_ping4_request(args, packet):
 	"""
 	Verify that the packet matches what we'd have sent
 	"""
 	dst_ip = args.to[0]
 
 	ip = packet.getlayer(sp.IP)
 	if not ip:
 		return False
 	if ip.dst != dst_ip:
 		return False
 
 	icmp = packet.getlayer(sp.ICMP)
 	if not icmp:
 		return False
 	if sp.icmptypes[icmp.type] != 'echo-request':
 		return False
 
 	raw = packet.getlayer(sp.Raw)
 	if not raw:
 		return False
-	if raw.load != str(PAYLOAD_MAGIC):
+	if int(raw.load) != PAYLOAD_MAGIC:
 		return False
 
 	# Wait to check expectations until we've established this is the packet we
 	# sent.
 	if args.expect_tos:
 		if ip.tos != int(args.expect_tos[0]):
-			print "Unexpected ToS value %d, expected %s" \
-				% (ip.tos, args.expect_tos[0])
+			print("Unexpected ToS value %d, expected %d" \
+				% (ip.tos, int(args.expect_tos[0])))
 			return False
 
 	return True
 
 def check_ping6_request(args, packet):
 	"""
 	Verify that the packet matches what we'd have sent
 	"""
 	dst_ip = args.to[0]
 
 	ip = packet.getlayer(sp.IPv6)
 	if not ip:
 		return False
 	if ip.dst != dst_ip:
 		return False
 
 	icmp = packet.getlayer(sp.ICMPv6EchoRequest)
 	if not icmp:
 		return False
-	if icmp.data != str(PAYLOAD_MAGIC):
+	if int(icmp.data) != PAYLOAD_MAGIC:
 		return False
 
 	return True
 
 def ping(send_if, dst_ip, args):
 	ether = sp.Ether()
 	ip = sp.IP(dst=dst_ip)
 	icmp = sp.ICMP(type='echo-request')
-	raw = sp.Raw(str(PAYLOAD_MAGIC))
+	raw = sp.raw(str(PAYLOAD_MAGIC))
 
 	if args.send_tos:
 		ip.tos = int(args.send_tos[0])
 
 	req = ether / ip / icmp / raw
 	sp.sendp(req, iface=send_if, verbose=False)
 
 def ping6(send_if, dst_ip, args):
 	ether = sp.Ether()
 	ip6 = sp.IPv6(dst=dst_ip)
-	icmp = sp.ICMPv6EchoRequest(data=PAYLOAD_MAGIC)
+	icmp = sp.ICMPv6EchoRequest(data=sp.raw(str(PAYLOAD_MAGIC)))
 
 	req = ether / ip6 / icmp
 	sp.sendp(req, iface=send_if, verbose=False)
 
 def main():
 	parser = argparse.ArgumentParser("pft_ping.py",
 		description="Ping test tool")
 	parser.add_argument('--sendif', nargs=1,
 		required=True,
 		help='The interface through which the packet(s) will be sent')
 	parser.add_argument('--recvif', nargs=1,
 		help='The interface on which to expect the ICMP echo response')
 	parser.add_argument('--ip6', action='store_true',
 		help='Use IPv6')
 	parser.add_argument('--to', nargs=1,
 		required=True,
 		help='The destination IP address for the ICMP echo request')
 
 	# Packet settings
 	parser.add_argument('--send-tos', nargs=1,
 		help='Set the ToS value for the transmitted packet')
 
 	# Expectations
 	parser.add_argument('--expect-tos', nargs=1,
 		help='The expected ToS value in the received packet')
 
 	args = parser.parse_args()
 
 	# We may not have a default route. Tell scapy where to start looking for routes
 	sp.conf.iface6 = args.sendif[0]
 
 	sniffer = None
 	if not args.recvif is None:
 		sniffer = Sniffer(args, check_ping_request)
 
 	if args.ip6:
 		ping6(args.sendif[0], args.to[0], args)
 	else:
 		ping(args.sendif[0], args.to[0], args)
 
 	if sniffer:
 		sniffer.join()
 
 		if sniffer.foundCorrectPacket:
 			sys.exit(0)
 		else:
 			sys.exit(1)
 
 if __name__ == '__main__':
 	main()
diff --git a/tests/sys/netpfil/pf/CVE-2019-5597.py b/tests/sys/netpfil/pf/CVE-2019-5597.py
index 524d26d72b2d..68579e99590c 100644
--- a/tests/sys/netpfil/pf/CVE-2019-5597.py
+++ b/tests/sys/netpfil/pf/CVE-2019-5597.py
@@ -1,35 +1,36 @@
-#!/usr/local/bin/python2.7
+#!/usr/bin/env python
 
 import random
 import scapy.all as sp
 import sys
 
 UDP_PROTO  = 17
 AH_PROTO   = 51
 FRAG_PROTO = 44
 
 def main():
     intf = sys.argv[1]
     ipv6_src = sys.argv[2]
     ipv6_dst = sys.argv[3]
 
     ipv6_main = sp.IPv6(dst=ipv6_dst, src=ipv6_src)
 
     padding = 8
     fid = random.randint(0,100000)
     frag_0 = sp.IPv6ExtHdrFragment(id=fid, nh=UDP_PROTO, m=1, offset=0)
-    frag_1 = sp.IPv6ExtHdrFragment(id=fid, nh=UDP_PROTO, m=0, offset=padding/8)
+    foff_1 = (int)(padding/8)
+    frag_1 = sp.IPv6ExtHdrFragment(id=fid, nh=UDP_PROTO, m=0, offset=foff_1)
     
     pkt1_opts = sp.AH(nh=AH_PROTO, payloadlen=200) \
             / sp.Raw('XXXX' * 199) \
             / sp.AH(nh=FRAG_PROTO, payloadlen=1) \
             / frag_1
 
     pkt0 = sp.Ether() / ipv6_main / frag_0 / sp.Raw('A' * padding)
     pkt1 = sp.Ether() / ipv6_main / pkt1_opts / sp.Raw('B' * padding)
 
     sp.sendp(pkt0, iface=intf, verbose=False)
     sp.sendp(pkt1, iface=intf, verbose=False)
 
 if __name__ == '__main__':
 	main()
diff --git a/tests/sys/netpfil/pf/CVE-2019-5598.py b/tests/sys/netpfil/pf/CVE-2019-5598.py
index 1a019ea23fab..1a2619f7e52f 100644
--- a/tests/sys/netpfil/pf/CVE-2019-5598.py
+++ b/tests/sys/netpfil/pf/CVE-2019-5598.py
@@ -1,65 +1,65 @@
-#!/usr/local/bin/python2.7
+#!/usr/bin/env python
 
 import argparse
 import scapy.all as sp
 import sys
 from sniffer import Sniffer
 
 def check_icmp_error(args, packet):
 	ip = packet.getlayer(sp.IP)
 	if not ip:
 		return False
 	if ip.dst != args.to[0]:
 		return False
 
 	icmp = packet.getlayer(sp.ICMP)
 	if not icmp:
 		return False
 	if icmp.type != 3 or icmp.code != 3:
 		return False
 
 	return True
 
 def main():
 	parser = argparse.ArgumentParser("CVE-2019-icmp.py",
 		description="CVE-2019-icmp test tool")
 	parser.add_argument('--sendif', nargs=1,
 		required=True,
 		help='The interface through which the packet will be sent')
 	parser.add_argument('--recvif', nargs=1,
 		required=True,
 		help='The interface on which to check for the packet')
 	parser.add_argument('--src', nargs=1,
 		required=True,
 		help='The source IP address')
 	parser.add_argument('--to', nargs=1,
 		required=True,
 		help='The destination IP address')
 
 	args = parser.parse_args()
 
-        # Send the allowed packet to establish state
-        udp = sp.Ether() / \
-            sp.IP(src=args.src[0], dst=args.to[0]) / \
-            sp.UDP(dport=53, sport=1234)
-        sp.sendp(udp, iface=args.sendif[0], verbose=False)
+	# Send the allowed packet to establish state
+	udp = sp.Ether() / \
+	    sp.IP(src=args.src[0], dst=args.to[0]) / \
+	    sp.UDP(dport=53, sport=1234)
+	sp.sendp(udp, iface=args.sendif[0], verbose=False)
 
 	# Start sniffing on recvif
 	sniffer = Sniffer(args, check_icmp_error)
 
 	# Send the bad error packet
 	icmp_reachable = sp.Ether() / \
-            sp.IP(src=args.src[0], dst=args.to[0]) / \
+	    sp.IP(src=args.src[0], dst=args.to[0]) / \
 	    sp.ICMP(type=3, code=3) / \
 	    sp.IP(src="4.3.2.1", dst="1.2.3.4") / \
 	    sp.UDP(dport=53, sport=1234)
 	sp.sendp(icmp_reachable, iface=args.sendif[0], verbose=False)
 
 	sniffer.join()
 	if sniffer.foundCorrectPacket:
 		sys.exit(1)
 
 	sys.exit(0)
 
 if __name__ == '__main__':
 	main()