diff options
| author |   mpf <mpf@openbsd.org> | 2007-09-19 20:57:44 +0000 |
|---|---|---|
| committer | mpf <mpf@openbsd.org> | 2007-09-19 20:57:44 +0000 |
| commit | 87970b1e4aef89c28f2bb546c771f2e2fd606d54 (patch) | |
| tree | 2c5c3facb21ba5c8451785b2ec232260601a8360 | |
| parent | several changes: (diff) | |
| download | wireguard-openbsd-87970b1e4aef89c28f2bb546c771f2e2fd606d54.tar.xz wireguard-openbsd-87970b1e4aef89c28f2bb546c771f2e2fd606d54.zip | |
Add a few "flags any" and "no state" to have the rulesets
match against the old checksums again.
| -rw-r--r-- | regress/sbin/pfctl/pfchksum1.in | 10 | ||||
| -rw-r--r-- | regress/sbin/pfctl/pfchksum2.in | 10 | ||||
| -rw-r--r-- | regress/sbin/pfctl/pfchksum3.in | 14 |
3 files changed, 17 insertions, 17 deletions
diff --git a/regress/sbin/pfctl/pfchksum1.in b/regress/sbin/pfctl/pfchksum1.in index a2f621bb692..a6393ac6077 100644 --- a/regress/sbin/pfctl/pfchksum1.in +++ b/regress/sbin/pfctl/pfchksum1.in @@ -26,9 +26,9 @@ pass out on tun1000000 proto udp all keep state pass in on tun1000000 proto udp from any to any port = domain keep state -pass out on tun1000000 proto tcp all keep state +pass out on tun1000000 proto tcp all flags any -pass in on tun1000000 proto tcp from any to any port = ssh keep state -pass in on tun1000000 proto tcp from any to any port = smtp keep state -pass in on tun1000000 proto tcp from any to any port = domain keep state -pass in on tun1000000 proto tcp from any to any port = auth keep state +pass in on tun1000000 proto tcp from any to any port = ssh flags any +pass in on tun1000000 proto tcp from any to any port = smtp flags any +pass in on tun1000000 proto tcp from any to any port = domain flags any +pass in on tun1000000 proto tcp from any to any port = auth flags any diff --git a/regress/sbin/pfctl/pfchksum2.in b/regress/sbin/pfctl/pfchksum2.in index 1ecb10ee539..abcf30aa0ef 100644 --- a/regress/sbin/pfctl/pfchksum2.in +++ b/regress/sbin/pfctl/pfchksum2.in @@ -26,9 +26,9 @@ pass out on tun1000000 proto udp all keep state pass in on tun1000000 proto udp from any to any port = domain keep state -pass out on tun1000000 proto tcp all keep state +pass out on tun1000000 proto tcp all flags any -pass in on tun1000000 proto tcp from any to any port = ssh keep state -pass in on tun1000000 proto tcp from any to any port = smtp keep state -pass in on tun1000000 proto tcp from any to any port = domain keep state -pass in on tun1000000 proto tcp from any to any port = auth keep state +pass in on tun1000000 proto tcp from any to any port = ssh flags any +pass in on tun1000000 proto tcp from any to any port = smtp flags any +pass in on tun1000000 proto tcp from any to any port = domain flags any +pass in on tun1000000 proto tcp from any to any port = auth flags any diff --git a/regress/sbin/pfctl/pfchksum3.in b/regress/sbin/pfctl/pfchksum3.in index 626bd582f3d..ec3e6997589 100644 --- a/regress/sbin/pfctl/pfchksum3.in +++ b/regress/sbin/pfctl/pfchksum3.in @@ -1,8 +1,8 @@ -pass in all -pass in from any to any -pass in proto tcp from any port <= 1024 to any label foo_bar -pass in proto tcp from any to any port = 25 -pass in proto tcp from 10.0.0.0/8 port > 1024 to ! 10.1.2.3 port != 22 -pass in proto igmp from 10.0.0.0/8 to 10.1.1.1 allow-opts -pass in proto tcp from { 1.2.3.4, 1.2.3.5 } to any label \ +pass in all flags any no state +pass in from any to any flags any no state +pass in proto tcp from any port <= 1024 to any flags any no state label foo_bar +pass in proto tcp from any to any port = 25 flags any no state +pass in proto tcp from 10.0.0.0/8 port > 1024 to ! 10.1.2.3 port != 22 flags any no state +pass in proto igmp from 10.0.0.0/8 to 10.1.1.1 allow-opts no state +pass in proto tcp from { 1.2.3.4, 1.2.3.5 } to any flags any no state label \ "$nr:$proto:$srcaddr:$srcport:$dstaddr:$dstport" |