#
1c5b886e |
|
01-Jun-2024 |
Kristof Provost <kp@FreeBSD.org> |
pf tests: make ether:dummynet test a little more robust Allow slightly more bandwidth, but cause ping to give up sooner. MFC after: 1 week Sponsored by: Rubicon Communications, LLC ("Netgate")
|
#
d0b2dbfa |
|
16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove $FreeBSD$: one-line sh pattern Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/
|
#
4d846d26 |
|
10-May-2023 |
Warner Losh <imp@FreeBSD.org> |
spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch up to that fact and revert to their recommended match of BSD-2-Clause. Discussed with: pfg MFC After: 3 days Sponsored by: Netflix
|
#
a7222b3c |
|
28-Oct-2022 |
Kristof Provost <kp@FreeBSD.org> |
pf tests: bridge-to test case Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D37194
|
#
80dadb9c |
|
15-Sep-2022 |
Mitchell Horne <mhorne@FreeBSD.org> |
pf tests: require scapy for ether:short_pkt The pft_ether.py script requires both python and scapy to be installed. Check for this so we properly skip the test when it is unavailable. Reviewed by: kp Fixes: 07ffa50ba075d ("pf tests: test short packets") Differential Revision: https://reviews.freebsd.org/D36561
|
#
6d1471fd |
|
10-Jul-2022 |
Kristof Provost <kp@FreeBSD.org> |
pf tests: support packet size range in pft_ether.py Teach pft_ether.py to send a range of packet sizes. Use this to move the size sweep into Python, removing the repeated Python startup overhead and greatly speeding up the pf.ether.short_pkt test. This should fix test timeouts seen on ci.freebsd.org. While here also extend the range of packet sizes tested, because it adds very little runtime now. Sponsored by: Rubicon Communications, LLC ("Netgate")
|
#
ba3b6b93 |
|
01-Jul-2022 |
Kristof Provost <kp@FreeBSD.org> |
pf: handle dummynet for non-IP packets Do not panic if we try to dummynet an Ethernet packet that's not IPv4 or IPv6. Simply give it to dummynet. Sponsored by: Rubicon Communications, LLC ("Netgate")
|
#
07ffa50b |
|
23-Jun-2022 |
Kristof Provost <kp@FreeBSD.org> |
pf tests: test short packets Test sending very short packets (i.e. too short for an IP header) packets in the Ethernet filtering code. Sponsored by: Rubicon Communications, LLC ("Netgate")
|
#
3fccdfab |
|
31-May-2022 |
Kristof Provost <kp@FreeBSD.org> |
pf tests: basic 'tagged' test for Ethernet rules Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D35364
|
#
7b271afd |
|
31-May-2022 |
Kristof Provost <kp@FreeBSD.org> |
pf tests: basic 'tagged' test for Ethernet rules Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D35363
|
#
b3fa36ef |
|
18-May-2022 |
Kristof Provost <kp@FreeBSD.org> |
pf tests: extend ethernet dummynet test Extend the existing ethernet dummynet test to also test dummynet on the outbound direction. This used to be a problem as traffic shaping wasn't done in the ethernet code. It merely tagged the packet and left shaping up to the layer 3 pf code. This works in the inbound direction, but not for outbound traffic where we hit the L3 code first and only then the L2 code. Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D35258
|
#
1977d9a3 |
|
08-May-2022 |
Kristof Provost <kp@FreeBSD.org> |
pf tests: factor out common dummynet check Reviewed by: glebius Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D35160
|
#
812839e5 |
|
12-Apr-2022 |
Kristof Provost <kp@FreeBSD.org> |
pf: allow the use of tables in ethernet rules Allow tables to be used for the l3 source/destination matching. This requires taking the PF_RULES read lock. Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D34917
|
#
9bb06778 |
|
29-Mar-2022 |
Kristof Provost <kp@FreeBSD.org> |
pf: support listing ethernet anchors Sponsored by: Rubicon Communications, LLC ("Netgate")
|
#
3468cd95 |
|
25-Mar-2022 |
Kristof Provost <kp@FreeBSD.org> |
pf: ether l3 rules can only use addresses Disallow the use of tables in ethernet rules. Using tables requires taking the PF_RULES lock. Moreover, the current table code isn't ready to deal with ethernet rules. Disallow their use for now. Sponsored by: Rubicon Communications, LLC ("Netgate")
|
#
734782a7 |
|
08-Mar-2022 |
Kristof Provost <kp@FreeBSD.org> |
pf tests: Test new L3 inspection for pf 'ether' rules Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D34483
|
#
0d889267 |
|
20-Jan-2022 |
Kristof Provost <kp@FreeBSD.org> |
pf tests: extend ether test to verify mac address masks Sponsored by: Rubicon Communications, LLC ("Netgate")
|
#
fdadb006 |
|
18-Jan-2022 |
Kristof Provost <kp@FreeBSD.org> |
pf tests: Ensure 'pfctl -F ethernet' works Sponsored by: Rubicon Communications, LLC ("Netgate")
|
#
93b64cdc |
|
13-Oct-2021 |
Kristof Provost <kp@FreeBSD.org> |
pf tests: slightly more complect captive portal setup Combine anchor, dummynet and rdr to produce a more complex captive portal setup. Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D32484
|
#
d1702bd1 |
|
12-Oct-2021 |
Kristof Provost <kp@FreeBSD.org> |
pf tests: basic test for ether anchors Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D32483
|
#
87a89d6e |
|
30-Sep-2021 |
Kristof Provost <kp@FreeBSD.org> |
pfctl: support lists of mac addresses Teach the 'ether' rules to accept { mac1, mac2, ... } lists, similar to the lists of interfaces or IP addresses we already supported for layer 3 filtering. Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D32481
|
#
0faafc21 |
|
28-Sep-2021 |
Kristof Provost <kp@FreeBSD.org> |
pf tests: test dummynet for ether traffic Test that we can set dummynet information on L2, which is processed by L3 later (assuming it's not overruled by L3 rules, of course). Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D32223
|
#
feefb562 |
|
15-Feb-2021 |
Kristof Provost <kp@FreeBSD.org> |
pf tests: Test ether direction Test that we correctly match inbound ('in') or outbound ('out') Ethernet packets. Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D31747
|
#
792d7a56 |
|
12-Feb-2021 |
Kristof Provost <kp@FreeBSD.org> |
pf tests: Basic captive portal like test Use the ether rules to selectively (i.e. per MAC address) redirect certain connections. Test that tags carry over to the layer-3 pf code. Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D31746
|
#
4ffb7d13 |
|
10-Feb-2021 |
Kristof Provost <kp@FreeBSD.org> |
pf tests: Test EtherType filtering Test filtering packets by their EtherType (i.e. ARP/IPv4/IPv6/...). Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D31745
|
#
3a04f1d1 |
|
09-Feb-2021 |
Kristof Provost <kp@FreeBSD.org> |
pf tests: Test MAC address negation Test that we can express 'ether block from ! 00:01:02:03:04:05'. Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D31744
|
#
d6fc3ee2 |
|
09-Feb-2021 |
Kristof Provost <kp@FreeBSD.org> |
pf tests: MAC address filtering test Test the MAC address filtering capability in the new 'ether' feature in pf. Sponsored by: Rubicon Communications, LLC ("Netgate") Differential Revision: https://reviews.freebsd.org/D31743
|