pf tests: Basic rdr test

MFC after:	2 weeks

2 files changed, 49 insertions, 0 deletions

diff --git a/tests/sys/netpfil/pf/Makefile b/tests/sys/netpfil/pf/Makefile
index cab2cb35d3b3..dc7f68aa59fa 100644
--- a/tests/sys/netpfil/pf/Makefile
+++ b/tests/sys/netpfil/pf/Makefile
@@ -12,6 +12,7 @@ ATF_TESTS_SH+=	anchor \
 		names \
 		nat \
 		set_tos \
+		rdr \
 		route_to \
 		synproxy \
 		set_skip \
diff --git a/tests/sys/netpfil/pf/rdr.sh b/tests/sys/netpfil/pf/rdr.sh
new file mode 100755
index 000000000000..4f0aeebc9212
--- /dev/null
+++ b/tests/sys/netpfil/pf/rdr.sh
@@ -0,0 +1,48 @@
+# $FreeBSD$
+
+. $(atf_get_srcdir)/utils.subr
+
+atf_test_case "basic" "cleanup"
+basic_head()
+{
+	atf_set descr 'Basic rdr test'
+	atf_set require.user root
+}
+
+basic_body()
+{
+	pft_init
+
+	epair=$(pft_mkepair)
+
+	pft_mkjail alcatraz ${epair}b
+
+	ifconfig ${epair}a 192.0.2.2/24 up
+	route add -net 198.51.100.0/24 192.0.2.1
+
+	jexec alcatraz ifconfig ${epair}b 192.0.2.1/24 up
+	jexec alcatraz sysctl net.inet.ip.forwarding=1
+
+	# Enable pf!
+	jexec alcatraz pfctl -e
+	pft_set_rules alcatraz \
+		"rdr pass on ${epair}b proto tcp from any to 198.51.100.0/24 port 1234 -> 192.0.2.1 port 4321"
+
+	echo "foo" | jexec alcatraz nc -N -l 4321 &
+	sleep 1
+
+	result=$(nc -N -w 3 198.51.100.2 1234)
+	if [ "$result" != "foo" ]; then
+		atf_fail "Redirect failed"
+	fi
+}
+
+basic_cleanup()
+{
+	pft_cleanup
+}
+
+atf_init_test_cases()
+{
+	atf_add_test_case "basic"
+}