First cut to make it work again.

TODO: make it work with obj dirs.
2000-02-06 13:05:25 +00:00 · 2000-02-06 13:05:25 +00:00 · c4b5806fb2
parent 90736ab608
commit c4b5806fb2
68 changed files with 54 additions and 3885 deletions
--- a/usr.sbin/ipf/ipftest/test/Makefile
+++ b/usr.sbin/ipf/ipftest/test/Makefile
@ -1,4 +1,4 @@
-#	$NetBSD: Makefile,v 1.3 1998/05/29 20:59:43 veego Exp $
+#	$NetBSD: Makefile,v 1.4 2000/02/06 13:05:25 veego Exp $
 #
 # (C)opyright 1993-1996 by Darren Reed.
 #
@ -6,34 +6,38 @@
 # provided that this notice is preserved and due credit is given
 # to the original author and the contributors.
 #
-BINDEST=/usr/local/bin
-SBINDEST=/sbin
-MANDIR=/usr/share/man
+.include <bsd.prog.mk>

-tests: first 0 ftests ptests
+tests: first ftests ptests ntests

 first:
 	-mkdir -p results

 # Filtering tests
-ftests: 1 2 3 4 5 6 7 8 9 10 11 12 14
+ftests: f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12 f14

 # Rule parsing tests
 ptests: i1 i2 i3 i4 i5 i6 i7 i8 i9 i10 i11

+ntests: n1 n2 n3 n4
+
 0:
 	@(cd ..; make ipftest; )

-1 2 3 4 5 6 7 8 9 10 11 14:
+f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f14:
 	@/bin/sh ./dotest $@

-12:
+f12:
 	@/bin/sh ./hextest $@

 i1 i2 i3 i4 i5 i6 i7 i8 i9 i10 i11:
 	@/bin/sh ./itest $@

-clean:
-	/bin/rm -f 1 2 3 4 5 6 7 8 9 10 11 12 14
-	/bin/rm -rf results
+n1 n2 n3 n4:
+	@/bin/sh ./nattest $@
+
+clean cleandir:
+	/bin/rm -f f1 f2 f3 f4 f5 f6 f7 f8 f9 f10 f11 f12 f14
 	/bin/rm -f i1 i2 i3 i4 i5 i6 i7 i8 i9 i10 i11
+	/bin/rm -f n1 n2 n3 n4
+	/bin/rm -rf results
--- a/usr.sbin/ipf/ipftest/test/dotest
+++ b/usr.sbin/ipf/ipftest/test/dotest
@ -1,40 +1,20 @@
 #!/bin/sh
 #
-#	$NetBSD: dotest,v 1.4 1998/05/29 21:01:45 veego Exp $
+#	$NetBSD: dotest,v 1.5 2000/02/06 13:05:26 veego Exp $
 #
-if [ -f /usr/ucb/touch ] ; then
-	TOUCH=/usr/ucb/touch
-else
-	if [ -f /usr/bin/touch ] ; then
-		TOUCH=/usr/bin/touch
-	else
-		if [ -f /bin/touch ] ; then
-			TOUCH=/bin/touch
-		fi
-	fi
-fi
-
-if [ -f ../ipftest ] ; then
-	IPFTEST=../ipftest
-else
-	if [ -f /usr/sbin/ipftest ] ; then
-		IPFTEST=/usr/sbin/ipftest
-	else
-		IPFTEST=ipftest
-	fi
-fi

 echo "$1...";
 /bin/cp /dev/null results/$1
 ( while read rule; do
-	echo "$rule" | $IPFTEST -br - -i input/$1 >> results/$1;
+	echo "$rule" | ipftest -br - -i ../../../../dist/ipf/test/input/$1 >> results/$1;
 	if [ $? -ne 0 ] ; then
 		exit 1;
 	fi
-done ) < regress/$1
-cmp expected/$1 results/$1
+	echo "--------" >> results/$1
+done ) < ../../../../dist/ipf/test/regress/$1
+cmp ../../../../dist/ipf/test/expected/$1 results/$1
 status=$?
 if [ $status = 0 ] ; then
-	$TOUCH $1
+	touch $1
 fi
 exit $status
--- a/usr.sbin/ipf/ipftest/test/expected/1
+++ b/usr.sbin/ipf/ipftest/test/expected/1
@ -1,16 +0,0 @@
-block
-block
-nomatch
-nomatch
-pass
-pass
-nomatch
-nomatch
-nomatch
-nomatch
-block
-block
-nomatch
-nomatch
-pass
-pass
--- a/usr.sbin/ipf/ipftest/test/expected/10
+++ b/usr.sbin/ipf/ipftest/test/expected/10
@ -1,108 +0,0 @@
-nomatch
-block
-nomatch
-nomatch
-nomatch
-nomatch
-pass
-pass
-pass
-nomatch
-nomatch
-pass
-block
-block
-block
-nomatch
-nomatch
-block
-pass
-pass
-pass
-nomatch
-nomatch
-pass
-block
-block
-nomatch
-nomatch
-nomatch
-block
-pass
-pass
-nomatch
-nomatch
-nomatch
-pass
-block
-block
-block
-block
-block
-block
-pass
-pass
-pass
-pass
-pass
-pass
-nomatch
-block
-block
-block
-nomatch
-block
-nomatch
-pass
-pass
-pass
-nomatch
-pass
-nomatch
-pass
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-block
-block
-block
-block
-block
-nomatch
-pass
-pass
-pass
-pass
-pass
-block
-block
-nomatch
-block
-nomatch
-block
-pass
-pass
-nomatch
-pass
-nomatch
-pass
-block
-block
-block
-block
-block
-block
-pass
-pass
-pass
-pass
-pass
-pass
-block
-block
-block
-nomatch
-nomatch
-block
--- a/usr.sbin/ipf/ipftest/test/expected/11
+++ b/usr.sbin/ipf/ipftest/test/expected/11
@ -1,66 +0,0 @@
-pass
-pass
-pass
-pass
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-block
-block
-block
-block
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-pass
-pass
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-block
-block
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-pass
-pass
-pass
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-block
-block
-block
-nomatch
-nomatch
--- a/usr.sbin/ipf/ipftest/test/expected/12
+++ b/usr.sbin/ipf/ipftest/test/expected/12
@ -1,54 +0,0 @@
-pass
-pass
-pass
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-pass
-pass
-pass
-pass
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-block
-block
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-block
-block
-block
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-pass
-nomatch
-pass
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-block
--- a/usr.sbin/ipf/ipftest/test/expected/14
+++ b/usr.sbin/ipf/ipftest/test/expected/14
@ -1,40 +0,0 @@
-nomatch
-block
-nomatch
-nomatch
-nomatch
-nomatch
-pass
-nomatch
-nomatch
-nomatch
-nomatch
-block
-block
-nomatch
-nomatch
-nomatch
-pass
-pass
-nomatch
-nomatch
-nomatch
-block
-block
-block
-nomatch
-nomatch
-pass
-pass
-pass
-nomatch
-block
-block
-block
-block
-block
-pass
-pass
-pass
-pass
-pass
--- a/usr.sbin/ipf/ipftest/test/expected/2
+++ b/usr.sbin/ipf/ipftest/test/expected/2
@ -1,36 +0,0 @@
-block
-block
-nomatch
-nomatch
-nomatch
-nomatch
-pass
-pass
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-block
-block
-nomatch
-nomatch
-nomatch
-nomatch
-pass
-pass
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-block
-block
-nomatch
-nomatch
-nomatch
-nomatch
-pass
-pass
--- a/usr.sbin/ipf/ipftest/test/expected/3
+++ b/usr.sbin/ipf/ipftest/test/expected/3
@ -1,40 +0,0 @@
-nomatch
-block
-nomatch
-nomatch
-nomatch
-nomatch
-pass
-nomatch
-nomatch
-nomatch
-nomatch
-block
-block
-nomatch
-nomatch
-nomatch
-pass
-pass
-nomatch
-nomatch
-nomatch
-block
-block
-block
-nomatch
-nomatch
-pass
-pass
-pass
-nomatch
-block
-block
-block
-block
-block
-pass
-pass
-pass
-pass
-pass
--- a/usr.sbin/ipf/ipftest/test/expected/4
+++ b/usr.sbin/ipf/ipftest/test/expected/4
@ -1,40 +0,0 @@
-nomatch
-block
-nomatch
-nomatch
-nomatch
-nomatch
-pass
-nomatch
-nomatch
-nomatch
-nomatch
-block
-block
-nomatch
-nomatch
-nomatch
-pass
-pass
-nomatch
-nomatch
-nomatch
-block
-block
-block
-nomatch
-nomatch
-pass
-pass
-pass
-nomatch
-block
-block
-block
-block
-block
-pass
-pass
-pass
-pass
-pass
--- a/usr.sbin/ipf/ipftest/test/expected/5
+++ b/usr.sbin/ipf/ipftest/test/expected/5
--- a/usr.sbin/ipf/ipftest/test/expected/6
+++ b/usr.sbin/ipf/ipftest/test/expected/6
--- a/usr.sbin/ipf/ipftest/test/expected/7
+++ b/usr.sbin/ipf/ipftest/test/expected/7
@ -1,54 +0,0 @@
-block
-block
-block
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-pass
-pass
-pass
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-block
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-pass
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-block
-block
-block
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-pass
-pass
-pass
--- a/usr.sbin/ipf/ipftest/test/expected/8
+++ b/usr.sbin/ipf/ipftest/test/expected/8
@ -1,36 +0,0 @@
-block
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-pass
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-block
-nomatch
-block
-nomatch
-nomatch
-nomatch
-pass
-nomatch
-pass
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
--- a/usr.sbin/ipf/ipftest/test/expected/9
+++ b/usr.sbin/ipf/ipftest/test/expected/9
@ -1,108 +0,0 @@
-block
-block
-block
-block
-block
-block
-nomatch
-nomatch
-nomatch
-pass
-pass
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-block
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-pass
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-block
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-pass
-nomatch
-nomatch
-nomatch
-nomatch
-pass
-pass
-pass
-pass
-pass
-pass
-block
-block
-nomatch
-nomatch
-nomatch
-nomatch
-pass
-pass
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-nomatch
-block
-block
-nomatch
--- a/usr.sbin/ipf/ipftest/test/expected/i1
+++ b/usr.sbin/ipf/ipftest/test/expected/i1
@ -1,13 +0,0 @@
-pass in from any to any
-block out from any to any
-log in from any to any
-log body in from any to any
-count in from any to any
-pass in from !any to any
-block in from any to !any
-pass in on ed0(!) from 127.0.0.1/32 to 127.0.0.1/32
-block in log first on lo0(!) from any to any
-pass in log body quick from any to any
-block return-rst in quick on le0(!) proto tcp from any to any
-block return-icmp in on qe0(!) from any to any
-block return-icmp(host-unr) in on qe0(!) from any to any
--- a/usr.sbin/ipf/ipftest/test/expected/i10
+++ b/usr.sbin/ipf/ipftest/test/expected/i10
@ -1,4 +0,0 @@
-pass in from 127.0.0.1/32 to 127.0.0.1/32 with opt sec
-block in from any to any with not opt sec-class topsecret
-block in from any to any with not opt sec-class topsecret,secret
-pass in from any to any with opt sec-class topsecret,confid not opt sec-class unclass
--- a/usr.sbin/ipf/ipftest/test/expected/i11
+++ b/usr.sbin/ipf/ipftest/test/expected/i11
@ -1,4 +0,0 @@
-pass in on ed0(!) proto tcp from 127.0.0.1/32 to 127.0.0.1/32 port = 23 keep state
-block in log first on lo0(!) proto tcp/udp from any to any keep state
-pass in proto udp from 127.0.0.1/32 to 127.0.0.1/32 port = 2049 keep frags
-pass in proto udp from 127.0.0.1/32 to 127.0.0.1/32 port = 53 keep state keep frags
--- a/usr.sbin/ipf/ipftest/test/expected/i2
+++ b/usr.sbin/ipf/ipftest/test/expected/i2
@ -1,6 +0,0 @@
-log in proto tcp from any to any
-pass in proto tcp from any to any
-pass in proto udp from 127.0.0.1/32 to 127.0.0.1/32
-block in proto udp from any to any
-block in proto 250 from any to any
-pass in proto tcp/udp from any to any
--- a/usr.sbin/ipf/ipftest/test/expected/i3
+++ b/usr.sbin/ipf/ipftest/test/expected/i3
@ -1,8 +0,0 @@
-log in from any to any
-pass in from 128.0.0.0/24 to 128.0.0.0/16
-pass in from 128.0.0.0/24 to 128.0.0.0/16
-pass in from 128.0.0.0/24 to 128.0.0.0/16
-pass in from 128.0.0.0/24 to 128.0.0.0/16
-pass in from 128.0.0.0/24 to 128.0.0.0/16
-pass in from 127.0.0.1/32 to 127.0.0.1/32
-block in log from any to any
--- a/usr.sbin/ipf/ipftest/test/expected/i4
+++ b/usr.sbin/ipf/ipftest/test/expected/i4
@ -1,7 +0,0 @@
-log in proto tcp from any port > 0 to any
-log in proto tcp from any to any port > 0
-pass in proto tcp from any port != 0 to any port 0 >< 65535
-pass in proto udp from 127.0.0.1/32 port > 32000 to 127.0.0.1/32 port < 29000
-block in proto udp from any port != 123 to any port < 123
-block in proto tcp from any port = 25 to any port > 25
-pass in proto tcp/udp from any port 1 >< 3 to any port 1 <> 3
--- a/usr.sbin/ipf/ipftest/test/expected/i5
+++ b/usr.sbin/ipf/ipftest/test/expected/i5
@ -1,5 +0,0 @@
-log in from any to any
-count in tos 0x80 from any to any
-pass in on ed0(!) tos 0x40 from 127.0.0.1/32 to 127.0.0.1/32
-block in log on lo0(!) ttl 0 from any to any
-pass in quick ttl 1 from any to any
--- a/usr.sbin/ipf/ipftest/test/expected/i6
+++ b/usr.sbin/ipf/ipftest/test/expected/i6
@ -1,4 +0,0 @@
-pass in on lo0(!) fastroute from any to any
-pass in on lo0(!) dup-to qe0(!) from 127.0.0.1/32 to 127.0.0.1/32
-pass in on qe0(!) dup-to qe0(!):127.0.0.1 from 127.0.0.1/32 to 127.0.0.1/32
-block in quick on qe0(!) to qe1(!) from any to any
--- a/usr.sbin/ipf/ipftest/test/expected/i7
+++ b/usr.sbin/ipf/ipftest/test/expected/i7
@ -1,3 +0,0 @@
-pass in on ed0(!) proto tcp from 127.0.0.1/32 to 127.0.0.1/32 port = 23 flags S/SA
-block in on lo0(!) proto tcp from any to any flags A/FSRPAU
-pass in on lo0(!) proto tcp from any to any flags /SPA
--- a/usr.sbin/ipf/ipftest/test/expected/i8
+++ b/usr.sbin/ipf/ipftest/test/expected/i8
@ -1,2 +0,0 @@
-pass in proto icmp from 127.0.0.1/32 to 127.0.0.1/32 icmp-type timest
-block in proto icmp from any to any icmp-type unreach code 1
--- a/usr.sbin/ipf/ipftest/test/expected/i9
+++ b/usr.sbin/ipf/ipftest/test/expected/i9
@ -1,5 +0,0 @@
-pass in from 127.0.0.1/32 to 127.0.0.1/32 with short
-block in from any to any with ipopt
-pass in from any to any with opt nop,rr,zsu
-pass in from any to any with opt nop,rr,zsu not opt lsrr,ssrr
-pass in from 127.0.0.1/32 to 127.0.0.1/32 with not frag
--- a/usr.sbin/ipf/ipftest/test/hextest
+++ b/usr.sbin/ipf/ipftest/test/hextest
@ -1,37 +1,20 @@
 #!/bin/sh
 #
-#	$NetBSD: hextest,v 1.4 1998/05/29 21:01:46 veego Exp $
+#	$NetBSD: hextest,v 1.5 2000/02/06 13:05:26 veego Exp $
 #
-if [ -f /usr/ucb/touch ] ; then
-	TOUCH=/usr/ucb/touch
-else
-	if [ -f /usr/bin/touch ] ; then
-		TOUCH=/usr/bin/touch
-	else
-		if [ -f /bin/touch ] ; then
-			TOUCH=/bin/touch
-		fi
-	fi
-fi
-
-if [ -f ../ipftest ] ; then
-	IPFTEST=../ipftest
-else
-	if [ -f /usr/sbin/ipftest ] ; then
-		IPFTEST=/usr/sbin/ipftest
-	else
-		IPFTEST=ipftest
-	fi
-fi

 echo "$1...";
 /bin/cp /dev/null results/$1
 ( while read rule; do
-	echo "$rule" | $IPFTEST -br - -Hi input/$1 >> results/$1;
-done ) < regress/$1
-cmp expected/$1 results/$1
+	echo "$rule" | ipftest -br - -Hi ../../../../dist/ipf/test/input/$1 >> results/$1;
+	if [ $? -ne 0 ] ; then
+		exit 1;
+	fi
+	echo "--------" >> results/$1
+done ) < ../../../../dist/ipf/test/regress/$1
+cmp ../../../../dist/ipf/test/expected/$1 results/$1
 status=$?
 if [ $status = 0 ] ; then
-	$TOUCH $1
+	touch $1
 fi
 exit $status
--- a/usr.sbin/ipf/ipftest/test/input/1
+++ b/usr.sbin/ipf/ipftest/test/input/1
@ -1,4 +0,0 @@
-in 127.0.0.1 127.0.0.1
-in 1.1.1.1 1.2.1.1
-out 127.0.0.1 127.0.0.1
-out 1.1.1.1 1.2.1.1
--- a/usr.sbin/ipf/ipftest/test/input/10
+++ b/usr.sbin/ipf/ipftest/test/input/10
@ -1,6 +0,0 @@
-in 1.1.1.1 2.1.1.1 opt lsrr
-in 1.1.1.1 2.1.1.1
-in 1.1.1.1 2.1.1.1 opt ts
-in 1.1.1.1 2.1.1.1 opt sec-class=topsecret
-in 1.1.1.1 2.1.1.1 opt ssrr,sec-class=topsecret
-in 1.1.1.1 2.1.1.1 opt sec
--- a/usr.sbin/ipf/ipftest/test/input/11
+++ b/usr.sbin/ipf/ipftest/test/input/11
@ -1,11 +0,0 @@
-in on e0 tcp 1.1.1.1,1 2.1.2.2,23 S
-in on e0 tcp 1.1.1.1,1 2.1.2.2,23 A
-in on e1 tcp 2.1.2.2,23 1.1.1.1,1 A
-in on e0 tcp 1.1.1.1,1 2.1.2.2,23 F
-in on e0 tcp 1.1.1.1,1 2.1.2.2,23 A
-in on e0 tcp 1.1.1.1,2 2.1.2.2,23 A
-in on e1 udp 1.1.1.1,1 4.4.4.4,53
-in on e1 udp 2.2.2.2,2 4.4.4.4,53
-in on e0 udp 4.4.4.4,53 1.1.1.1,1
-in on e0 udp 4.4.4.4,1023 1.1.1.1,2049
-in on e0 udp 4.4.4.4,2049 1.1.1.1,1023
--- a/usr.sbin/ipf/ipftest/test/input/12
+++ b/usr.sbin/ipf/ipftest/test/input/12
@ -1,35 +0,0 @@
-# 1.1.1.1,1025 -> 2.1.1.1,25 TTL=63 TCP DF  SYN
-45 00 0028 0000 4000 3f 06 0000 01010101 02010101
-0401 0019 00000000 00000000 50 02 2000 0000 0000
-
-# 1.1.1.1,1025 -> 2.1.1.1,25 TTL=63 TCP DF  ACK
-45 00 0028 0000 4000 3f 06 0000 01010101 02010101
-0401 0019 00000000 00000000 50 10 2000 0000 0000
-
-# 1.1.1.1,1025 -> 2.1.1.1,25 TTL=63 TCP DF MF FO=0 ACK
-45 00 0028 0000 6000 3f 06 0000 01010101 02010101
-0401 0019 00000000 00000000 50 10 2000 0000 0000
-
-# 1.1.1.1,1025 -> 2.1.1.1,25 TTL=63 TCP DF FO=0
-45 00 001c 0000 6000 3f 06 0000 01010101 02010101
-0401 0019 00000000
-
-# 1.1.1.1 -> 2.1.1.1 TTL=63 TCP DF FO=1 ACK
-45 00 001c 0000 6001 3f 06 0000 01010101 02010101
-00000000 50 10 2000
-
-# 1.1.1.1 -> 2.1.1.1 TTL=63 UDP DF MF FO=0
-45 00 0014 0000 6000 3f 11 0000 01010101 02010101
-
-# 1.1.1.1,53 -> 2.1.1.1,53 TTL=63 UDP MF FO=0
-45 00 0018 0000 2000 3f 11 0000 01010101 02010101
-0035 0035
-
-# 1.1.1.1,1 -> 2.1.1.1,1 TTL=63 UDP MF FO=0
-45 00 001c 0000 2000 3f 11 0000 01010101 02010101
-0001 0001 0004 0000
-
-# 1.1.1.1,53 -> 2.1.1.1,53 TTL=63 UDP MF FO=0
-45 00 001c 0000 2000 3f 11 0000 01010101 02010101
-0035 0035 0004 0000
-
--- a/usr.sbin/ipf/ipftest/test/input/13
+++ b/usr.sbin/ipf/ipftest/test/input/13
@ -1,39 +0,0 @@
-# 1.1.1.1,1025 -> 2.1.1.1,25 TTL=63 TCP DF,MF,FO=0  SYN
-45 00 0028 0001 4000 3f 06 0000 01010101 02010101
-0401 0019 00000000 00000000 50 02 2000 0000 0000
-
-# 1.1.1.1,1025 -> 2.1.1.1,25 TTL=63 TCP MF  ACK
-45 00 0024 0002 2000 3f 06 0000 01010101 02010101
-0401001900000000 0000000050102000
-
-# 1.1.1.1,1025 -> 2.1.1.1,25 TTL=63 TCP FO=2  ACK
-45 00 002c 0002 0002 3f 06 0000 01010101 02010101
-0000000000010203 0405060708090a0b 0c0d0e0f10111213
-
-# 1.1.1.1,1025 -> 2.1.1.1,25 TTL=63 TCP DF MF FO=0 SYN
-45 00 0028 0003 6000 3f 06 0000 01010101 02010101
-0401 0019 00000000 00000000 50 10 2000 0000 0000
-
-# 1.1.1.1,1025 -> 2.1.1.1,25 TTL=63 TCP DF FO=0
-45 00 001c 0004 6000 3f 06 0000 01010101 02010101
-0401 0019 00000000
-
-# 1.1.1.1 -> 2.1.1.1 TTL=63 TCP DF FO=1 SYN
-45 00 001c 0005 6001 3f 06 0000 01010101 02010101
-00000000 50 10 2000
-
-# 1.1.1.1 -> 2.1.1.1 TTL=63 UDP DF MF FO=0
-45 00 0014 0006 6000 3f 11 0000 01010101 02010101
-
-# 1.1.1.1,53 -> 2.1.1.1,53 TTL=63 UDP MF FO=0
-45 00 0018 0007 2000 3f 11 0000 01010101 02010101
-0035 0035
-
-# 1.1.1.1,1 -> 2.1.1.1,1 TTL=63 UDP MF FO=0
-45 00 001c 0008 2000 3f 11 0000 01010101 02010101
-0035003500040000
-
-# 1.1.1.1,53 -> 2.1.1.1,53 TTL=63 UDP FO=1
-45 00 001c 0008 0001 3f 11 0000 01010101 02010101
-0000000000000000
-
--- a/usr.sbin/ipf/ipftest/test/input/14
+++ b/usr.sbin/ipf/ipftest/test/input/14
@ -1,5 +0,0 @@
-in 127.0.0.1 127.0.0.1
-in 1.1.1.1 1.2.1.1
-in 1.1.1.2 1.2.1.1
-in 1.1.2.2 1.2.1.1
-in 1.2.2.2 1.2.1.1
--- a/usr.sbin/ipf/ipftest/test/input/2
+++ b/usr.sbin/ipf/ipftest/test/input/2
@ -1,6 +0,0 @@
-in tcp 127.0.0.1,1 127.0.0.1,21
-in tcp 1.1.1.1,1 1.2.1.1,21
-in udp 127.0.0.1,1 127.0.0.1,21
-in udp 1.1.1.1,1 1.2.1.1,21
-in icmp 127.0.0.1 127.0.0.1
-in icmp 1.1.1.1 1.2.1.1
--- a/usr.sbin/ipf/ipftest/test/input/3
+++ b/usr.sbin/ipf/ipftest/test/input/3
@ -1,5 +0,0 @@
-in 127.0.0.1 127.0.0.1
-in 1.1.1.1 1.2.1.1
-in 1.1.1.2 1.2.1.1
-in 1.1.2.2 1.2.1.1
-in 1.2.2.2 1.2.1.1
--- a/usr.sbin/ipf/ipftest/test/input/4
+++ b/usr.sbin/ipf/ipftest/test/input/4
@ -1,5 +0,0 @@
-in 127.0.0.1 127.0.0.1
-in 1.1.1.1 1.1.1.1
-in 1.1.1.1 1.1.1.2
-in 1.1.1.1 1.1.2.2
-in 1.1.1.1 1.2.2.2
--- a/usr.sbin/ipf/ipftest/test/input/5
+++ b/usr.sbin/ipf/ipftest/test/input/5
@ -1,28 +0,0 @@
-in tcp 1.1.1.1,0 2.2.2.2,2222
-in tcp 1.1.1.1,1 2.2.2.2,2222
-in tcp 1.1.1.1,23 2.2.2.2,2222
-in tcp 1.1.1.1,21 2.2.2.2,2222
-in tcp 1.1.1.1,1023 2.2.2.2,2222
-in tcp 1.1.1.1,1024 2.2.2.2,2222
-in tcp 1.1.1.1,1025 2.2.2.2,2222
-in tcp 1.1.1.1,32767 2.2.2.2,2222
-in tcp 1.1.1.1,32768 2.2.2.2,2222
-in tcp 1.1.1.1,65535 2.2.2.2,2222
-in tcp 1.1.1.1,5999 2.2.2.2,2222
-in tcp 1.1.1.1,6000 2.2.2.2,2222
-in tcp 1.1.1.1,6009 2.2.2.2,2222
-in tcp 1.1.1.1,6010 2.2.2.2,2222
-in udp 1.1.1.1,0 2.2.2.2,2222
-in udp 1.1.1.1,1 2.2.2.2,2222
-in udp 1.1.1.1,23 2.2.2.2,2222
-in udp 1.1.1.1,21 2.2.2.2,2222
-in udp 1.1.1.1,1023 2.2.2.2,2222
-in udp 1.1.1.1,1024 2.2.2.2,2222
-in udp 1.1.1.1,1025 2.2.2.2,2222
-in udp 1.1.1.1,32767 2.2.2.2,2222
-in udp 1.1.1.1,32768 2.2.2.2,2222
-in udp 1.1.1.1,65535 2.2.2.2,2222
-in udp 1.1.1.1,5999 2.2.2.2,2222
-in udp 1.1.1.1,6000 2.2.2.2,2222
-in udp 1.1.1.1,6009 2.2.2.2,2222
-in udp 1.1.1.1,6010 2.2.2.2,2222
--- a/usr.sbin/ipf/ipftest/test/input/6
+++ b/usr.sbin/ipf/ipftest/test/input/6
@ -1,28 +0,0 @@
-in tcp 2.2.2.2,2222 1.1.1.1,0
-in tcp 2.2.2.2,2222 1.1.1.1,1
-in tcp 2.2.2.2,2222 1.1.1.1,23
-in tcp 2.2.2.2,2222 1.1.1.1,21
-in tcp 2.2.2.2,2222 1.1.1.1,1023
-in tcp 2.2.2.2,2222 1.1.1.1,1024
-in tcp 2.2.2.2,2222 1.1.1.1,1025
-in tcp 2.2.2.2,2222 1.1.1.1,32767
-in tcp 2.2.2.2,2222 1.1.1.1,32768
-in tcp 2.2.2.2,2222 1.1.1.1,65535
-in tcp 2.2.2.2,2222 1.1.1.1,5999
-in tcp 2.2.2.2,2222 1.1.1.1,6000
-in tcp 2.2.2.2,2222 1.1.1.1,6009
-in tcp 2.2.2.2,2222 1.1.1.1,6010
-in udp 2.2.2.2,2222 1.1.1.1,0
-in udp 2.2.2.2,2222 1.1.1.1,1
-in udp 2.2.2.2,2222 1.1.1.1,23
-in udp 2.2.2.2,2222 1.1.1.1,21
-in udp 2.2.2.2,2222 1.1.1.1,1023
-in udp 2.2.2.2,2222 1.1.1.1,1024
-in udp 2.2.2.2,2222 1.1.1.1,1025
-in udp 2.2.2.2,2222 1.1.1.1,32767
-in udp 2.2.2.2,2222 1.1.1.1,32768
-in udp 2.2.2.2,2222 1.1.1.1,65535
-in udp 2.2.2.2,2222 1.1.1.1,5999
-in udp 2.2.2.2,2222 1.1.1.1,6000
-in udp 2.2.2.2,2222 1.1.1.1,6009
-in udp 2.2.2.2,2222 1.1.1.1,6010
--- a/usr.sbin/ipf/ipftest/test/input/7
+++ b/usr.sbin/ipf/ipftest/test/input/7
@ -1,9 +0,0 @@
-in icmp 1.1.1.1 2.1.1.1 echo
-in icmp 1.1.1.1 2.1.1.1 echo,1
-in icmp 1.1.1.1 2.1.1.1 echo,3
-in icmp 1.1.1.1 2.1.1.1 unreach
-in icmp 1.1.1.1 2.1.1.1 unreach,1
-in icmp 1.1.1.1 2.1.1.1 unreach,3
-in icmp 1.1.1.1 2.1.1.1 echorep
-in icmp 1.1.1.1 2.1.1.1 echorep,1
-in icmp 1.1.1.1 2.1.1.1 echorep,3
--- a/usr.sbin/ipf/ipftest/test/input/8
+++ b/usr.sbin/ipf/ipftest/test/input/8
@ -1,6 +0,0 @@
-in tcp 1.1.1.1,1 2.1.2.2,1 S
-in tcp 1.1.1.1,1 2.1.2.2,1 SA
-in tcp 1.1.1.1,1 2.1.2.2,1 SF
-in tcp 1.1.1.1,1 2.1.2.2,1 SFPAUR
-in tcp 1.1.1.1,1 2.1.2.2,1 PAU
-in tcp 1.1.1.1,1 2.1.2.2,1 A
--- a/usr.sbin/ipf/ipftest/test/input/9
+++ b/usr.sbin/ipf/ipftest/test/input/9
@ -1,6 +0,0 @@
-in 1.1.1.1 2.1.1.1 opt lsrr
-in 1.1.1.1 2.1.1.1 opt lsrr,ssrr
-in 1.1.1.1 2.1.1.1 opt ts
-in 1.1.1.1 2.1.1.1 opt sec-class=topsecret
-in 1.1.1.1 2.1.1.1 opt ssrr,sec-class=topsecret
-in 1.1.1.1 2.1.1.1 opt sec
--- a/usr.sbin/ipf/ipftest/test/itest
+++ b/usr.sbin/ipf/ipftest/test/itest
@ -1,35 +1,14 @@
 #!/bin/sh
 #
-#	$NetBSD: itest,v 1.4 1998/05/29 21:01:47 veego Exp $
+#	$NetBSD: itest,v 1.5 2000/02/06 13:05:27 veego Exp $
 #
-if [ -f /usr/ucb/touch ] ; then
-	TOUCH=/usr/ucb/touch
-else
-	if [ -f /usr/bin/touch ] ; then
-		TOUCH=/usr/bin/touch
-	else
-		if [ -f /bin/touch ] ; then
-			TOUCH=/bin/touch
-		fi
-	fi
-fi
-
-if [ -f ../ipf ] ; then
-	IPF=../ipf
-else
-	if [ -f /usr/sbin/ipf ] ; then
-		IPF=/usr/sbin/ipf
-	else
-		IPF=ipf
-	fi
-fi

 echo "$1...";
 /bin/cp /dev/null results/$1
-$IPF -nvf regress/$1 2>/dev/null > results/$1
-cmp expected/$1 results/$1
+ipf -nvf ../../../../dist/ipf/test/regress/$1 2>/dev/null > results/$1
+cmp ../../../../dist/ipf/test/expected/$1 results/$1
 status=$?
 if [ $status = 0 ] ; then
-	$TOUCH $1
+	touch $1
 fi
 exit $status
--- a/usr.sbin/ipf/ipftest/test/nattest
+++ b/usr.sbin/ipf/ipftest/test/nattest
@ -0,0 +1,20 @@
+#!/bin/sh
+#
+#	$NetBSD: nattest,v 1.1 2000/02/06 13:05:27 veego Exp $
+#
+
+echo "$1...";
+/bin/cp /dev/null results/$1
+( while read rule; do
+	echo "$rule" | ipftest -Nbr - -i ../../../../dist/ipf/test/input/$1 >> results/$1;
+	if [ $? -ne 0 ] ; then
+		exit 1;
+	fi
+	echo "-------------------------------" >> results/$1
+done ) < ../../../../dist/ipf/test/regress/$1
+cmp ../../../../dist/ipf/test/expected/$1 results/$1
+status=$?
+if [ $status = 0 ] ; then
+	touch $1
+fi
+exit $status
--- a/usr.sbin/ipf/ipftest/test/regress/1
+++ b/usr.sbin/ipf/ipftest/test/regress/1
@ -1,4 +0,0 @@
-block in all
-pass in all
-block out all
-pass out all
--- a/usr.sbin/ipf/ipftest/test/regress/10
+++ b/usr.sbin/ipf/ipftest/test/regress/10
@ -1,18 +0,0 @@
-block in from any to any with not ipopts
-pass in from any to any with not opt sec-class topsecret
-block in from any to any with not opt ssrr,sec-class topsecret
-pass in from any to any with not opt ssrr,sec-class topsecret
-block in from any to any with not opt ts,sec-class topsecret
-pass in from any to any with not opt ts,sec-class topsecret
-block in from any to any with not opt sec-class secret
-pass in from any to any with not opt sec-class secret
-block in from any to any with not opt lsrr,ssrr
-pass in from any to any with not opt lsrr,ssrr
-pass in from any to any with not ipopts
-block in from any to any with not opt lsrr
-pass in from any to any with not opt lsrr
-block in from any to any with not opt ssrr,ts
-pass in from any to any with not opt ssrr,ts
-block in from any to any with not opt rr
-pass in from any to any with not opt rr
-block in from any to any with not opt sec-class topsecret
--- a/usr.sbin/ipf/ipftest/test/regress/11
+++ b/usr.sbin/ipf/ipftest/test/regress/11
@ -1,6 +0,0 @@
-pass in proto tcp from any to any port = 23 flags S/SA keep state
-block in proto tcp from any to any port = 23 flags S/SA keep state
-pass in proto udp from any to any port = 53 keep frags
-block in proto udp from any to any port = 53 keep frags
-pass in proto udp from any to any port = 53 keep state
-block in proto udp from any to any port = 53 keep state
--- a/usr.sbin/ipf/ipftest/test/regress/12
+++ b/usr.sbin/ipf/ipftest/test/regress/12
@ -1,6 +0,0 @@
-pass in proto tcp from any port > 1024 to any port = 25 with not short
-pass in proto tcp from any port > 1024 to any port = 25
-block in proto tcp from any to any with short
-block in proto tcp from any to any with frag
-pass in proto udp from any port = 53 to any port = 53
-block in proto udp from any port = 53 to any port = 53 with not short
--- a/usr.sbin/ipf/ipftest/test/regress/13
+++ b/usr.sbin/ipf/ipftest/test/regress/13
@ -1,6 +0,0 @@
-pass in proto tcp from any to any port = 25 flags S/SA keep frags
-block in proto tcp from any to any port = 25 flags S/SA keep frags
-pass in proto udp from any to any port = 53 keep frags
-block in proto udp from any to any port = 53 keep frags
-pass in proto tcp from any to any port = 25 flags S/SA keep state keep frags
-block in proto tcp from any to any port = 25 flags S/SA keep state keep frags
--- a/usr.sbin/ipf/ipftest/test/regress/14
+++ b/usr.sbin/ipf/ipftest/test/regress/14
@ -1,8 +0,0 @@
-block in from !1.1.1.1 to any
-pass in from 1.1.1.1 to !any
-block in from 1.1.1.1/24 to !any
-pass in from !1.1.1.1/24 to any
-block in from !1.1.1.1/16 to any
-pass in from 1.1.1.1/16 to !any
-block in from 1.1.1.1/0 to !any
-pass in from !1.1.1.1/0 to any
--- a/usr.sbin/ipf/ipftest/test/regress/2
+++ b/usr.sbin/ipf/ipftest/test/regress/2
@ -1,6 +0,0 @@
-block in proto tcp from any to any
-pass in proto tcp from any to any
-block in proto udp from any to any
-pass in proto udp from any to any
-block in proto icmp from any to any
-pass in proto icmp from any to any
--- a/usr.sbin/ipf/ipftest/test/regress/3
+++ b/usr.sbin/ipf/ipftest/test/regress/3
@ -1,8 +0,0 @@
-block in from 1.1.1.1 to any
-pass in from 1.1.1.1 to any
-block in from 1.1.1.1/24 to any
-pass in from 1.1.1.1/24 to any
-block in from 1.1.1.1/16 to any
-pass in from 1.1.1.1/16 to any
-block in from 1.1.1.1/0 to any
-pass in from 1.1.1.1/0 to any
--- a/usr.sbin/ipf/ipftest/test/regress/4
+++ b/usr.sbin/ipf/ipftest/test/regress/4
@ -1,8 +0,0 @@
-block in from any to 1.1.1.1
-pass in from any to 1.1.1.1
-block in from any to 1.1.1.1/24
-pass in from any to 1.1.1.1/24
-block in from any to 1.1.1.1/16
-pass in from any to 1.1.1.1/16
-block in from any to 1.1.1.1/0
-pass in from any to 1.1.1.1/0
--- a/usr.sbin/ipf/ipftest/test/regress/5
+++ b/usr.sbin/ipf/ipftest/test/regress/5
@ -1,48 +0,0 @@
-block in proto tcp from any port = 23 to any
-block in proto udp from any port = 23 to any
-block in proto tcp/udp from any port = 23 to any
-pass in proto tcp from any port <= 1023 to any
-pass in proto udp from any port <= 1023 to any
-pass in proto tcp/udp from any port <= 1023 to any
-block in proto tcp from any port >= 1024 to any
-block in proto udp from any port >= 1024 to any
-block in proto tcp/udp from any port >= 1024 to any
-pass in proto tcp from any port >= 1024 to any
-pass in proto udp from any port >= 1024 to any
-pass in proto tcp/udp from any port >= 1024 to any
-block in proto tcp from any port 0 >< 512 to any
-block in proto udp from any port 0 >< 512 to any
-block in proto tcp/udp from any port 0 >< 512 to any
-pass in proto tcp from any port 0 >< 512 to any
-pass in proto udp from any port 0 >< 512 to any
-pass in proto tcp/udp from any port 0 >< 512 to any
-block in proto tcp from any port 6000 <> 6009 to any
-block in proto udp from any port 6000 <> 6009 to any
-block in proto tcp/udp from any port 6000 <> 6009 to any
-pass in proto tcp from any port 6000 <> 6009 to any
-pass in proto udp from any port 6000 <> 6009 to any
-pass in proto tcp/udp from any port 6000 <> 6009 to any
-pass in proto tcp from any port = 23 to any
-pass in proto udp from any port = 23 to any
-pass in proto tcp/udp from any port = 23 to any
-block in proto tcp from any port != 21 to any
-block in proto udp from any port != 21 to any
-block in proto tcp/udp from any port != 21 to any
-pass in proto tcp from any port != 21 to any
-pass in proto udp from any port != 21 to any
-pass in proto tcp/udp from any port != 21 to any
-block in proto tcp from any port < 1024 to any
-block in proto udp from any port < 1024 to any
-block in proto tcp/udp from any port < 1024 to any
-pass in proto tcp from any port < 1024 to any
-pass in proto udp from any port < 1024 to any
-pass in proto tcp/udp from any port < 1024 to any
-block in proto tcp from any port > 1023 to any
-block in proto udp from any port > 1023 to any
-block in proto tcp/udp from any port > 1023 to any
-pass in proto tcp from any port > 1023 to any
-pass in proto udp from any port > 1023 to any
-pass in proto tcp/udp from any port > 1023 to any
-block in proto tcp from any port <= 1023 to any
-block in proto udp from any port <= 1023 to any
-block in proto tcp/udp from any port <= 1023 to any
--- a/usr.sbin/ipf/ipftest/test/regress/6
+++ b/usr.sbin/ipf/ipftest/test/regress/6
@ -1,48 +0,0 @@
-block in proto tcp from any to any port = 23
-block in proto udp from any to any port = 23
-block in proto tcp/udp from any to any port = 23
-pass in proto tcp from any to any port <= 1023
-pass in proto udp from any to any port <= 1023
-pass in proto tcp/udp from any to any port <= 1023
-block in proto tcp from any to any port >= 1024
-block in proto udp from any to any port >= 1024
-block in proto tcp/udp from any to any port >= 1024
-pass in proto tcp from any to any port >= 1024
-pass in proto udp from any to any port >= 1024
-pass in proto tcp/udp from any to any port >= 1024
-block in proto tcp from any to any port 0 >< 512
-block in proto udp from any to any port 0 >< 512
-block in proto tcp/udp from any to any port 0 >< 512
-pass in proto tcp from any to any port 0 >< 512
-pass in proto udp from any to any port 0 >< 512
-pass in proto tcp/udp from any to any port 0 >< 512
-block in proto tcp from any to any port 6000 <> 6009
-block in proto udp from any to any port 6000 <> 6009
-block in proto tcp/udp from any to any port 6000 <> 6009
-pass in proto tcp from any to any port 6000 <> 6009
-pass in proto udp from any to any port 6000 <> 6009
-pass in proto tcp/udp from any to any port 6000 <> 6009
-pass in proto tcp from any to any port = 23
-pass in proto udp from any to any port = 23
-pass in proto tcp/udp from any to any port = 23
-block in proto tcp from any to any port != 21
-block in proto udp from any to any port != 21
-block in proto tcp/udp from any to any port != 21
-pass in proto tcp from any to any port != 21
-pass in proto udp from any to any port != 21
-pass in proto tcp/udp from any to any port != 21
-block in proto tcp from any to any port < 1024
-block in proto udp from any to any port < 1024
-block in proto tcp/udp from any to any port < 1024
-pass in proto tcp from any to any port < 1024
-pass in proto udp from any to any port < 1024
-pass in proto tcp/udp from any to any port < 1024
-block in proto tcp from any to any port > 1023
-block in proto udp from any to any port > 1023
-block in proto tcp/udp from any to any port > 1023
-pass in proto tcp from any to any port > 1023
-pass in proto udp from any to any port > 1023
-pass in proto tcp/udp from any to any port > 1023
-block in proto tcp from any to any port <= 1023
-block in proto udp from any to any port <= 1023
-block in proto tcp/udp from any to any port <= 1023
--- a/usr.sbin/ipf/ipftest/test/regress/7
+++ b/usr.sbin/ipf/ipftest/test/regress/7
@ -1,6 +0,0 @@
-block in proto icmp from any to any icmp-type echo
-pass in proto icmp from any to any icmp-type echo
-block in proto icmp from any to any icmp-type unreach code 3
-pass in proto icmp from any to any icmp-type unreach code 3
-block in proto icmp from any to any icmp-type echorep
-pass in proto icmp from any to any icmp-type echorep
--- a/usr.sbin/ipf/ipftest/test/regress/8
+++ b/usr.sbin/ipf/ipftest/test/regress/8
@ -1,6 +0,0 @@
-block in proto tcp from any to any flags S
-pass in proto tcp from any to any flags S
-block in proto tcp from any to any flags S/SA
-pass in proto tcp from any to any flags S/SA
-block in proto tcp from any to any flags S/APU
-pass in proto tcp from any to any flags S/APU
--- a/usr.sbin/ipf/ipftest/test/regress/9
+++ b/usr.sbin/ipf/ipftest/test/regress/9
@ -1,18 +0,0 @@
-block in from any to any with ipopts
-pass in from any to any with opt sec-class topsecret
-block in from any to any with opt ssrr,sec-class topsecret
-pass in from any to any with opt ssrr,sec-class topsecret
-block in from any to any with opt ts,sec-class topsecret
-pass in from any to any with opt ts,sec-class topsecret
-block in from any to any with opt sec-class secret
-pass in from any to any with opt sec-class secret
-block in from any to any with opt lsrr,ssrr
-pass in from any to any with opt lsrr,ssrr
-pass in from any to any with ipopts
-block in from any to any with opt lsrr
-pass in from any to any with opt lsrr
-block in from any to any with opt ssrr,ts
-pass in from any to any with opt ssrr,ts
-block in from any to any with opt rr
-pass in from any to any with opt rr
-block in from any to any with opt sec-class topsecret
--- a/usr.sbin/ipf/ipftest/test/regress/i1
+++ b/usr.sbin/ipf/ipftest/test/regress/i1
@ -1,13 +0,0 @@
-pass in all
-block out all
-log in all
-log body in all
-count in from any to any
-pass in from !any to any
-block in from any to !any
-pass in on ed0 from localhost to localhost
-block in log first on lo0 from any to any
-pass in log body quick from any to any
-block return-rst in quick on le0 proto tcp from any to any
-block return-icmp in on qe0 from any to any
-block return-icmp(1) in on qe0 from any to any
--- a/usr.sbin/ipf/ipftest/test/regress/i10
+++ b/usr.sbin/ipf/ipftest/test/regress/i10
@ -1,4 +0,0 @@
-pass in from localhost to localhost with opt sec
-block in from any to any with not opt sec-class topsecret
-block in from any to any with not opt sec-class topsecret,secret
-pass in from any to any with opt sec-class topsecret,confid not opt sec-class unclass
--- a/usr.sbin/ipf/ipftest/test/regress/i11
+++ b/usr.sbin/ipf/ipftest/test/regress/i11
@ -1,4 +0,0 @@
-pass in on ed0 proto tcp from localhost to localhost port = telnet keep state
-block in log first on lo0 proto tcp/udp from any to any keep state
-pass in proto udp from localhost to localhost port = 2049 keep frags
-pass in proto udp from localhost to localhost port = 53 keep state keep frags
--- a/usr.sbin/ipf/ipftest/test/regress/i2
+++ b/usr.sbin/ipf/ipftest/test/regress/i2
@ -1,6 +0,0 @@
-log in proto tcp all
-pass in proto 6 from any to any
-pass in proto udp from localhost to localhost
-block in proto 17 from any to any
-block in proto 250 from any to any
-pass in proto tcp/udp from any to any
--- a/usr.sbin/ipf/ipftest/test/regress/i3
+++ b/usr.sbin/ipf/ipftest/test/regress/i3
@ -1,8 +0,0 @@
-log in all
-pass in from 128.0.0.1/24 to 128.0.0.1/16
-pass in from 128.0.0.1/0xffffff00 to 128.0.0.1/0xffff0000
-pass in from 128.0.0.1/255.255.255.0 to 128.0.0.1/255.255.0.0
-pass in from 128.0.0.1 mask 0xffffff00 to 128.0.0.1 mask 0xffff0000
-pass in from 128.0.0.1 mask 255.255.255.0 to 128.0.0.1 mask 255.255.0.0
-pass in from localhost to localhost
-block in log from 0/0 to 0/0
--- a/usr.sbin/ipf/ipftest/test/regress/i4
+++ b/usr.sbin/ipf/ipftest/test/regress/i4
@ -1,7 +0,0 @@
-log in proto tcp from any port > 0 to any
-log in proto tcp from any to any port > 0
-pass in proto 6 from any port != 0 to any port 0 >< 65535
-pass in proto 17 from localhost port > 32000 to localhost port < 29000
-block in proto udp from any port != ntp to any port < ntp
-block in proto tcp from any port = smtp to any port > 25
-pass in proto tcp/udp from any port 1 >< 3 to any port 1 <> 3
--- a/usr.sbin/ipf/ipftest/test/regress/i5
+++ b/usr.sbin/ipf/ipftest/test/regress/i5
@ -1,5 +0,0 @@
-log in all
-count in tos 0x80 from any to any
-pass in on ed0 tos 64 from localhost to localhost
-block in log on lo0 ttl 0 from any to any
-pass in quick ttl 1 from any to any
--- a/usr.sbin/ipf/ipftest/test/regress/i6
+++ b/usr.sbin/ipf/ipftest/test/regress/i6
@ -1,4 +0,0 @@
-pass in on lo0 fastroute from any to any
-pass in on lo0 dup-to qe0 from localhost to localhost
-pass in on qe0 dup-to qe0:127.0.0.1 from localhost to localhost
-block in quick on qe0 to qe1 from any to any
--- a/usr.sbin/ipf/ipftest/test/regress/i7
+++ b/usr.sbin/ipf/ipftest/test/regress/i7
@ -1,3 +0,0 @@
-pass in on ed0 proto tcp from localhost to localhost port = 23 flags S/SA
-block in on lo0 proto tcp from any to any flags A
-pass in on lo0 proto tcp from any to any flags /SAP
--- a/usr.sbin/ipf/ipftest/test/regress/i8
+++ b/usr.sbin/ipf/ipftest/test/regress/i8
@ -1,2 +0,0 @@
-pass in proto icmp from localhost to localhost icmp-type timest
-block in proto icmp from any to any icmp-type unreach code 1
--- a/usr.sbin/ipf/ipftest/test/regress/i9
+++ b/usr.sbin/ipf/ipftest/test/regress/i9
@ -1,5 +0,0 @@
-pass in from localhost to localhost with short
-block in from any to any with ipopts
-pass in from any to any with opt nop,rr,zsu
-pass in from any to any with opt nop,rr,zsu not opt ssrr,lsrr
-pass in from localhost to localhost with not frag