upstream/opnsense-src
1
0
Fork 0
mirror of https://github.com/opnsense/src.git synced 2026-05-28 04:12:45 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
opnsense-src/tests/sys/netpfil
History
Thomas Pasqualini f40bb3b602 pf tests: pfsync and route_to test case 
Test pfsync in a more realistic scenario with carp and route_to rules.

Build this topology and initiate a single ping session from client to
server:
		   ┌──────┐
		   │client│
		   └───┬──┘
		       │
		   ┌───┴───┐
		   │bridge0│
		   └┬─────┬┘
		    │     │
   ┌────────────────┴─┐ ┌─┴────────────────┐
   │gw_route_to_master├─┤gw_route_to_backup│
   └────────────────┬─┘ └─┬────────────────┘
		    │     │
		   ┌┴─────┴┐
		   │bridge1│
		   └┬─────┬┘
		    │     │
   ┌────────────────┴─┐ ┌─┴────────────────┐
   │gw_reply_to_master├─┤gw_reply_to_backup│
   └────────────────┬─┘ └─┬────────────────┘
		    │     │
		   ┌┴─────┴┐
		   │bridge2│
		   └───┬───┘
		       │
		   ┌───┴──┐
		   │server│
		   └──────┘

gw* jails forward traffic through pf route-to rules, not fib lookups.
If backup_promotion arg is given (as in the pfsync_pbr test case), a
carp failover event occurs during the ping session on both gateways.

Verify that ping messages still go where we expect them to go.

MFC after:	2 weeks
Sponsored by:	Orange Business Services

(cherry picked from commit 536e1da18b)
2022-06-18 09:30:11 +02:00
..
common pf tests: test NAT-ed ICMP errors 2021-11-14 00:15:37 +01:00
pf pf tests: pfsync and route_to test case 2022-06-18 09:30:11 +02:00
Makefile Add common firewall test suite 2019-08-05 11:47:34 +00:00
Makefile.depend DIRDEPS_BUILD: Connect new directories. 2017-10-31 00:04:07 +00:00