HomeFreeBSD
Diffusion FreeBSD src repository - subversion rS341999

pf tests: NAT exhaustion test
rS341999
Actions

Description

pf tests: NAT exhaustion test

It's been reported that pf doesn't handle running out of available ports
for NAT correctly. It freezes until a state expires and it can find a
free port.
Test for this, by setting up a situation where only two ports are
available for NAT and then attempting to create three connections.

If successful the third connection will fail immediately. In an
incorrect case the connection attempt will freeze, also freezing all
interaction with pf through pfctl and trigger timeout.

PR: 233867
MFC after: 2 weeks

Details

Provenance
kpAuthored on
Parents
rS341998: pf: Fix endless loop on NAT exhaustion with sticky-address
Branches
Unknown
Tags
Unknown

Changes (2)

PathSize
head/
tests/
sys/
netpfil/
pf/

rS341999

View Options

head/tests/sys/netpfil/pf/Makefile

Loading...
View Options

head/tests/sys/netpfil/pf/nat.sh

Loading...