fromto is optional now, "from any to any" equals "all" equals omitted.

A single rule "block" is not valid, and does the same as "block in all,
block out all".

2 files changed, 24 insertions, 12 deletions

diff --git a/regress/sbin/pfctl/pf40.in b/regress/sbin/pfctl/pf40.in
index 128a0448639..3a621aee443 100644
--- a/regress/sbin/pfctl/pf40.in
+++ b/regress/sbin/pfctl/pf40.in
@@ -1,26 +1,26 @@
-#scrub
+scrub
 scrub all
-#scrub in
-#scrub out
+scrub in
+scrub out
 scrub in all
 scrub from any to any
-#block
-#block return
-#block return-rst proto tcp
-#pass
-#pass in
-#pass out
+block
+block return
+block return-rst proto tcp
+pass
+pass in
+pass out
 pass all
 block in all
 block out all
 block from any to any
 pass in from any to any
 pass out from any to any
-#block on lo0
+block on lo0
 pass on lo0 all
 block on lo0 from any to any
-#pass proto tcp flags S/SA
-#pass proto udp keep state
+pass proto tcp flags S/SA
+pass proto udp keep state
 pass in proto udp all keep state
 pass out proto udp from any to any keep state
 pass out on lo0 proto tcp from any to any port 25 keep state
diff --git a/regress/sbin/pfctl/pf40.ok b/regress/sbin/pfctl/pf40.ok
index 17ef44abb51..d919b8d5511 100644
--- a/regress/sbin/pfctl/pf40.ok
+++ b/regress/sbin/pfctl/pf40.ok
@@ -1,14 +1,26 @@
 scrub all fragment reassemble 
+scrub all fragment reassemble 
+scrub in all fragment reassemble 
+scrub out all fragment reassemble 
 scrub in all fragment reassemble 
 scrub all fragment reassemble 
+block drop all 
+block return all 
+block return-rst proto tcp all 
+pass all 
+pass in all 
+pass out all 
 pass all 
 block drop in all 
 block drop out all 
 block drop all 
 pass in all 
 pass out all 
+block drop on lo0 all 
 pass on lo0 all 
 block drop on lo0 all 
+pass proto tcp all flags S/SA 
+pass proto udp all keep state 
 pass in proto udp all keep state 
 pass out proto udp all keep state 
 pass out on lo0 proto tcp from any to any port = smtp keep state