Sync usage with man page.
[netbsd-mini2440.git] / tests / ipf / t_ipf.in
blob01d811da2a827ecf626acfc7eac5e1ce358fb590
1 # $NetBSD$
3 # Copyright (c) 2008 The NetBSD Foundation, Inc.
4 # All rights reserved.
6 # Redistribution and use in source and binary forms, with or without
7 # modification, are permitted provided that the following conditions
8 # are met:
9 # 1. Redistributions of source code must retain the above copyright
10 #    notice, this list of conditions and the following disclaimer.
11 # 2. Redistributions in binary form must reproduce the above copyright
12 #    notice, this list of conditions and the following disclaimer in the
13 #    documentation and/or other materials provided with the distribution.
15 # THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
16 # ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
17 # TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
18 # PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
19 # BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
20 # CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
21 # SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
22 # INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
23 # CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
24 # ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
25 # POSSIBILITY OF SUCH DAMAGE.
28 # (C)opyright 1993-1996 by Darren Reed.
30 # See the IPFILTER.LICENCE file for details on licencing.
33 h_copydata()
35         test -f $(atf_get_srcdir)/input/$1 && \
36             cp $(atf_get_srcdir)/input/$1 in
37         test -f $(atf_get_srcdir)/regress/$1 && \
38             cp $(atf_get_srcdir)/regress/$1 reg
39         test -f $(atf_get_srcdir)/expected/$1 && \
40             cp $(atf_get_srcdir)/expected/$1 exp
43 h_dotest()
45         h_copydata $1
47         { while read rule; do
48                 atf_check -x "echo \"$rule\" | ipftest -F \
49 $2 -Rbr - -i in $4 >>out"
50                 echo "--------" >>out
51         done; } <reg
53         diff -u exp out || atf_fail "results differ"
56 h_mtest()
58         h_copydata $1
60         atf_check -o save:out ipftest -F $2 -Rbr reg -i in
61         echo "--------" >>out
63         diff -u exp out || atf_fail "results differ"
66 h_itest()
68         h_copydata $1
70         case $3 in
71         ipf)
72                 atf_check -o file:exp -e ignore ipf -Rnvf reg
73                 ;;
74         ipftest)
75                 atf_check -o file:exp ipftest -D -r reg -i /dev/null
76                 ;;
77         esac
80 h_itest_i19()
82         cp "$(atf_get_srcdir)/expected/i19.dist" .
84         if [ "`grep LOG_SECURITY /usr/include/sys/syslog.h 2>&1`" = "" ] ; then
85                 if [ "`grep LOG_AUDIT /usr/include/sys/syslog.h 2>&1`" = "" ] ; then
86                                 sed -e 's/security/!!!/g' i19.dist > i19.p1;
87                 else
88                                 sed -e 's/security/audit/g' i19.dist > i19.p1;
89                 fi
90         else
91                 cp i19.dist i19.p1;
92         fi
93         if [ "`grep LOG_AUTHPRIV /usr/include/sys/syslog.h 2>&1`" = "" ] ; then
94                 sed -e 's/authpriv/!!!/g' i19.p1 > i19.p2;
95         else
96                 cp i19.p1 i19.p2;
97         fi
98         if [ "`grep LOG_LOGALERT /usr/include/sys/syslog.h 2>&1`" = "" ] ; then
99                 sed -e 's/logalert/!!!/g' i19.p2 > i19.p1;
100         else
101                 cp i19.p2 i19.p1;
102         fi
103         if [ "`grep LOG_FTP /usr/include/sys/syslog.h 2>&1`" = "" ] ; then
104                 sed -e 's/ftp/!!!/g' i19.p1 > i19.p2;
105         else
106                 cp i19.p1 i19.p2;
107         fi
108         if [ "`egrep 'LOG_CRON.*15' /usr/include/sys/syslog.h 2>&1`" != "" ] ; then
109                 sed -e 's/cron/cron2/g' i19.p2 > i19;
110         else
111                 cp i19.p2 i19;
112         fi
113         /bin/rm i19.p?
115         mv i19 exp
116         h_itest "$@"
119 h_nattest()
121         h_copydata $1
123         if [ $3 = hex ] ; then
124                 format="-xF $2"
125         else
126                 format="-F $2"
127         fi
129         format="$4 $format"
131         { while read rule; do
132                 atf_check -o save:save -x \
133                     "echo \"$rule\" | ipftest $format -RbN - -i in"
134                 cat save >>out
135                 echo "-------------------------------" >>out
136         done; } <reg
138         diff -u exp out || atf_fail "results differ"
141 h_natipftest()
143         h_copydata $1
144         cp $(atf_get_srcdir)/regress/$1.nat nat
145         cp $(atf_get_srcdir)/regress/$1.ipf ipf
147         if [ $4 = hex ] ; then
148                 format="-xF $3"
149         else
150                 format="-F $3"
151         fi
153         case $2 in
154         single)
155                 { while read rule; do
156                         atf_check -o save:save -x "echo \"$rule\" | \
157 ipftest -R $5 $format -b -r ipf -N - -i in"
158                         cat save >>out
159                         echo "-------------------------------" >>out
160                 done; } <nat
161                 ;;
162         multi)
163                 atf_check -o save:out ipftest -R $5 \
164                         $format -b -r ipf -N nat -i in
165                 echo "-------------------------------" >>out
166                 ;;
167         esac
169         diff -u exp out || atf_fail "results differ"
172 h_intest()
174         h_copydata $1
176         atf_check -o file:exp -e ignore ipnat -Rnvf reg
179 h_iptest()
181         h_copydata $1
182         mkdir input
183         cp $(atf_get_srcdir)/input/ip2.data input/
185         atf_check -o file:exp -e ignore ippool -f reg -nRv
188 h_logtest()
190         h_copydata $1
191         cp $(atf_get_srcdir)/expected/$1.b exp.b
193         case `uname -s` in
194         OSF1)
195                 GMT=:
196                 ;;
197         *)
198                 GMT=GMT
199                 ;;
200         esac
202         { while read rule; do
203                 echo $rule >>out
204                 atf_check -o ignore -x \
205                     "echo $rule | ipftest -br - -F $2 -i in -l logout"
207                 atf_check -o save:save -x "TZ=$GMT ipmon -P /dev/null -f logout"
208                 cat save >>out
209                 echo "--------" >>out
211                 atf_check -o save:save -x "TZ=$GMT ipmon -P /dev/null -bf logout"
212                 cat save >>out.b
213                 echo "--------" >>out.b
214         done; } <reg
216         atf_check -o ignore ipftest -br reg -F $2 -i in -l logout
218         atf_check -o save:save -x "TZ=$GMT ipmon -P /dev/null -f logout"
219         cat save >>out
220         echo "--------" >>out
222         atf_check -o save:save -x "TZ=$GMT ipmon -P /dev/null -bf logout"
223         cat save >>out.b
224         echo "--------" >>out.b
226         diff -u exp out || atf_fail "results differ"
227         diff -u exp.b out.b || atf_fail "results differ"
230 h_dotest6()
232         h_copydata $(echo ${1} | tr _ .)
234         ipftest -6 -r /dev/null -i /dev/null >/dev/null 2>&1 \
235             || atf_skip "skipping IPv6 tests"
237         { while read rule; do
238                 atf_check -o save:save -x "echo \"$rule\" | \
239 ipftest -F $2 -6br - -i in"
240                 cat save >>out
241                 echo "--------" >>out
242         done; } <reg
244         diff -u exp out || atf_fail "results differ"
247 h_ptest()
249         h_copydata $1
250         cp $(atf_get_srcdir)/regress/$1.pool pool 2>/dev/null
251         cp $(atf_get_srcdir)/regress/$1.ipf ipf
253         if [ -f pool ] ; then
254                 atf_check -o save:out ipftest -RD -b -P pool -r ipf -i in
255         else
256                 atf_check -o save:out ipftest -RD -b -r ipf -i in
257         fi
259         echo "-------------------------------" >>out
263 h_bpftest()
265         h_copydata $(echo ${1} | tr _ .)
266         cp "$(atf_get_srcdir)/input/$(echo ${1} | sed s,bpf_,,)" in
268         { while read rule; do
269                 atf_check -o save:save -x "echo '$rule' | ipftest -Rbr - -i in"
270                 cat save >>out
271                 echo "--------" >>out
272         done; } <reg
274         diff -u exp out || atf_fail "results differ"
277 tc_desc:desc_f:Checks filter rules
278 tc:f1:dotest:desc_f:text:text
279 tc:f2:dotest:desc_f:text:text
280 tc:f3:dotest:desc_f:text:text
281 tc:f4:dotest:desc_f:text:text
282 tc:f5:dotest:desc_f:text:text
283 tc:f6:dotest:desc_f:text:text
284 tc:f7:dotest:desc_f:text:text
285 tc:f8:dotest:desc_f:text:text
286 tc:f9:dotest:desc_f:text:text
287 tc:f10:dotest:desc_f:text:text
288 tc:f11:dotest:desc_f:text:text:-D
289 tc:f12:dotest:desc_f:hex:hex
290 tc:f13:dotest:desc_f:hex:hex
291 tc:f14:dotest:desc_f:text:text
292 tc:f15:mtest:desc_f:text:text
293 tc:f16:mtest:desc_f:text:text
294 tc:f17:mtest:desc_f:hex:hex
295 tc:f18:mtest:desc_f:text:text
296 tc:f19:dotest:desc_f:text:text:-T fr_statemax=3
297 tc:f20:mtest:desc_f:text:text
298 tc:f24:mtest:desc_f:hex:text
300 tc_desc:desc_i:Checks parsing and printing of ipf rules
301 tc:i1:itest:desc_i:text:ipf
302 tc:i2:itest:desc_i:text:ipf
303 tc:i3:itest:desc_i:text:ipf
304 tc:i4:itest:desc_i:text:ipf
305 tc:i5:itest:desc_i:text:ipf
306 tc:i6:itest:desc_i:text:ipf
307 tc:i7:itest:desc_i:text:ipf
308 tc:i8:itest:desc_i:text:ipf
309 tc:i9:itest:desc_i:text:ipf
310 tc:i10:itest:desc_i:text:ipf
311 tc:i11:itest:desc_i:text:ipf
312 tc:i12:itest:desc_i:text:ipf
313 tc:i13:itest:desc_i:text:ipf
314 tc:i14:itest:desc_i:text:ipf
315 tc:i15:itest:desc_i:text:ipf
316 tc:i16:itest:desc_i:text:ipf
317 tc:i17:itest:desc_i:text:ipftest
318 tc:i18:itest:desc_i:text:ipf
319 tc:i19:itest_i19:desc_i:text:ipf
320 tc:i20:itest:desc_i:text:ipf
321 tc:i21:itest:desc_i:text:ipf
323 tc_desc:desc_n:Checks NAT
324 tc:n1:nattest:desc_n:text:text
325 tc:n2:nattest:desc_n:text:text
326 tc:n3:nattest:desc_n:text:text
327 tc:n4:nattest:desc_n:text:text
328 tc:n5:nattest:desc_n:text:text
329 tc:n6:nattest:desc_n:text:text
330 tc:n7:nattest:desc_n:text:text
331 tc:n8:nattest:desc_n:hex:hex:-T fr_update_ipid=0
332 tc:n9:nattest:desc_n:hex:hex:-T fr_update_ipid=0
333 tc:n10:nattest:desc_n:hex:hex:-T fr_update_ipid=0
334 tc:n11:nattest:desc_n:text:text
335 tc:n12:nattest:desc_n:hex:hex:-T fr_update_ipid=0
336 tc:n13:nattest:desc_n:text:text
337 tc:n14:nattest:desc_n:text:text
338 tc:n16:nattest:desc_n:hex:hex:-D
339 tc:n17:nattest:desc_n:hex:hex:-D
341 tc_desc:desc_ni:Checks combined NAT and IPF
342 tc:ni1:natipftest:desc_ni:multi:hex:hex:-T fr_update_ipid=1
343 tc:ni2:natipftest:desc_ni:single:hex:hex:-T fr_update_ipid=1
344 tc:ni3:natipftest:desc_ni:single:hex:hex:-T fr_update_ipid=1
345 tc:ni4:natipftest:desc_ni:single:hex:hex:-T fr_update_ipid=1
346 tc:ni5:natipftest:desc_ni:single:hex:hex:-T fr_update_ipid=1
347 tc:ni6:natipftest:desc_ni:multi:hex:hex:-T fr_update_ipid=1
348 tc:ni7:natipftest:desc_ni:single:hex:hex:-T fr_update_ipid=1
349 tc:ni8:natipftest:desc_ni:single:hex:hex:-T fr_update_ipid=1
350 tc:ni9:natipftest:desc_ni:single:hex:hex:-T fr_update_ipid=1
351 tc:ni10:natipftest:desc_ni:single:hex:hex:-T fr_update_ipid=1
352 tc:ni11:natipftest:desc_ni:single:hex:hex:-T fr_update_ipid=1
353 tc:ni12:natipftest:desc_ni:single:hex:hex:-T fr_update_ipid=1
354 tc:ni13:natipftest:desc_ni:single:hex:hex:-T fr_update_ipid=1
355 tc:ni14:natipftest:desc_ni:single:hex:hex:-T fr_update_ipid=1
356 tc:ni15:natipftest:desc_ni:single:hex:hex:-T fr_update_ipid=1
357 tc:ni16:natipftest:desc_ni:single:hex:hex:-T fr_update_ipid=1
358 tc:ni19:natipftest:desc_ni:single:hex:hex:-T fr_update_ipid=0
359 tc:ni20:natipftest:desc_ni:single:hex:hex:-T fr_update_ipid=0
360 tc:ni21:natipftest:desc_ni:multi:text:text
361 tc:ni23:natipftest:desc_ni:multi:text:text:-D
363 tc_desc:desc_in:Checks parsing and printing of ipnat rules
364 tc:in1:intest:desc_in:text:text
365 tc:in2:intest:desc_in:text:text
366 tc:in3:intest:desc_in:text:text
367 tc:in4:intest:desc_in:text:text
368 tc:in5:intest:desc_in:text:text
369 tc:in6:intest:desc_in:text:text
371 tc_desc:desc_p:Checks pools
372 tc:p1:ptest:desc_p:text:text
373 tc:p2:ptest:desc_p:text:text
374 tc:p3:ptest:desc_p:text:text
375 tc:p5:ptest:desc_p:text:text
377 tc_desc:desc_ip:Checks pools
378 tc:ip1:iptest:desc_ip:text:text
379 tc:ip2:iptest:desc_ip:text:text
381 tc_desc:desc_log:Checks logging
382 tc:l1:logtest:desc_log:hex:hex
384 tc_desc:desc_ipv6:Checks ipv6 filter rules
385 tc:ipv6_1:dotest6:desc_ipv6:hex:hex
386 tc:ipv6_2:dotest6:desc_ipv6:hex:hex
387 tc:ipv6_3:dotest6:desc_ipv6:hex:hex
388 tc:ipv6_5:dotest6:desc_ipv6:hex:hex
389 tc:ipv6_6:dotest6:desc_ipv6:hex:text
391 tc_desc:desc_bpf:Checks BPF
392 tc:bpf1:itest:desc_bpf:text:ipf
393 tc:bpf_f1:bpftest:desc_bpf:text:text
395 atf_init_test_cases()
397 tc_list