Date: Mon, 7 Jul 2025 15:08:02 GMT From: Kristof Provost <kp@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org Subject: git: 95d1b98db164 - main - pf tests: verify the new reset functionality Message-ID: <202507071508.567F82SD016845@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch main has been updated by kp: URL: https://cgit.FreeBSD.org/src/commit/?id=95d1b98db164f1e99622b2425cf39d96ddab44bc commit 95d1b98db164f1e99622b2425cf39d96ddab44bc Author: Kristof Provost <kp@FreeBSD.org> AuthorDate: 2025-07-02 15:00:16 +0000 Commit: Kristof Provost <kp@FreeBSD.org> CommitDate: 2025-07-07 15:06:51 +0000 pf tests: verify the new reset functionality We can now reset state limit, debug level and others. Verify reset for at least some of these. Sponsored by: Rubicon Communications, LLC ("Netgate") --- tests/sys/netpfil/pf/debug.sh | 50 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) diff --git a/tests/sys/netpfil/pf/debug.sh b/tests/sys/netpfil/pf/debug.sh index 18a7febfbb5b..404d37ab8932 100644 --- a/tests/sys/netpfil/pf/debug.sh +++ b/tests/sys/netpfil/pf/debug.sh @@ -50,7 +50,57 @@ basic_cleanup() pft_cleanup } +atf_test_case "reset" "cleanup" +reset_head() +{ + atf_set descr 'Test resetting debug level' + atf_set require.user root +} + +reset_body() +{ + pft_init + + vnet_mkjail debug + + # Default is Urgent + atf_check -s exit:0 -o match:'Debug: Urgent' \ + jexec debug pfctl -sa + state_limit=$(jexec debug pfctl -sa | grep 'states.*hard limit' | awk '{ print $4; }') + + # Change defaults + pft_set_rules debug \ + "set limit states 42" + atf_check -s exit:0 -e ignore \ + jexec debug pfctl -x loud + + atf_check -s exit:0 -o match:'Debug: Loud' \ + jexec debug pfctl -sa + new_state_limit=$(jexec debug pfctl -sa | grep 'states.*hard limit' | awk '{ print $4; }') + if [ $state_limit -eq $new_state_limit ]; then + jexec debug pfctl -sa + atf_fail "Failed to change state limit" + fi + + # Reset + atf_check -s exit:0 -o ignore -e ignore \ + jexec debug pfctl -FR + atf_check -s exit:0 -o match:'Debug: Urgent' \ + jexec debug pfctl -sa + new_state_limit=$(jexec debug pfctl -sa | grep 'states.*hard limit' | awk '{ print $4; }') + if [ $state_limit -ne $new_state_limit ]; then + jexec debug pfctl -sa + atf_fail "Failed to reset state limit" + fi +} + +reset_cleanup() +{ + pft_cleanup +} + atf_init_test_cases() { atf_add_test_case "basic" + atf_add_test_case "reset" }
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202507071508.567F82SD016845>