diff options
| author | Kristof Provost <kp@FreeBSD.org> | 2026-01-08 17:37:27 +0000 |
|---|---|---|
| committer | Kristof Provost <kp@FreeBSD.org> | 2026-01-14 06:44:41 +0000 |
| commit | e3319f91900b7184c0f9f33a24e3fb4440324fce (patch) | |
| tree | 3ec76ae8e9fa0d4629617ebb9669cda912745876 | |
| parent | 086a3cb4b850184448f0f127ddd8f875a3070164 (diff) | |
pf tests: extend the source limiter test
Also enumerate and kill individual source addresses.
Sponsored by: Rubicon Communications, LLC ("Netgate")
| -rw-r--r-- | tests/sys/netpfil/pf/limiters.sh | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/tests/sys/netpfil/pf/limiters.sh b/tests/sys/netpfil/pf/limiters.sh index 3f70c8e79caa..ee58d3974f9f 100644 --- a/tests/sys/netpfil/pf/limiters.sh +++ b/tests/sys/netpfil/pf/limiters.sh @@ -180,6 +180,20 @@ source_basic_body() # However, a different source will succeed atf_check -s exit:0 -o ignore \ ping -S 192.0.2.3 -c 2 192.0.2.1 + + atf_check -o match:"192.0.2.2/32 .*hardlim 2 ratelim 0" \ + -e ignore \ + jexec alcatraz pfctl -sLimiterSrcs -v + atf_check -o match:"192.0.2.3/32 .*hardlim 0 ratelim 0" \ + -e ignore \ + jexec alcatraz pfctl -sLimiterSrcs -v + + # Kill the source entry + atf_check -s exit:0 -e ignore \ + jexec alcatraz pfctl -I 1 -k source -k 192.0.2.2 + # Now we can ping again from it + atf_check -s exit:0 -o ignore \ + ping -S 192.0.2.2 -c 2 192.0.2.1 } source_basic_cleanup() |