| Commit message (Collapse) | Author | Age | Files | Lines | |
|---|---|---|---|---|---|
| * | ESP path MTU discovery over IPv6 tunnel has been fixed. Add test. |   bluhm | 2021-02-01 | 1 | -6/+76 |
| | | |||||
| * | Test path MTU discovery with IPv6 TCP packets tunneled in IPv4 ESP. | bluhm | 2021-01-20 | 3 | -17/+75 |
| | | |||||
| * | Test that IPv4 path MTU discovery works over IPsec in tunnel mode. | bluhm | 2020-12-21 | 2 | -3/+53 |
| | | |||||
| * | Use regress framework for setup and shorten target names. | bluhm | 2020-12-20 | 1 | -41/+47 |
| | | |||||
| * | Remove echo headlines. | bluhm | 2020-12-17 | 1 | -27/+1 |
| | | |||||
| * | Do not create files as dependency of .BEGIN rule. Noticed by | bluhm | 2020-01-15 | 1 | -4/+4 |
| | | | | | deraadt@ with make obj in regress. | ||||
| * | Rework when tests have to be skipped due to insufficient configuration | bluhm | 2020-01-08 | 1 | -1/+7 |
| | | | | | of the regress machine. | ||||
| * | The IPsec policy check for IPComp bundles has been fixed in the | bluhm | 2019-12-20 | 1 | -11/+11 |
| | | | | | | kernel. So we can make the test config stricter. Change the type of ipcomp bundle flows from use to dontacq. | ||||
| * | Always try to build packet reflector on remote machine. It may be | bluhm | 2018-09-28 | 1 | -1/+2 |
| | | | | | missing after reinstall. | ||||
| * | Make sure that the inetd echo and nonxt protocol reflectors are | bluhm | 2018-05-28 | 1 | -2/+9 |
| | | | | | running on the remote machines. | ||||
| * | Activate IPv6 no next header protocol over IPsec test. Run the | bluhm | 2018-05-21 | 4 | -28/+112 |
| | | | | | | | protocol 59 reflector as daemon on the remote machine like an echo service. It is configured during setup creation and started by an rc.d script. | ||||
| * | Install inetd.conf files and start the daemon on remote machines | bluhm | 2018-05-19 | 1 | -17/+53 |
| | | | | | | | during make create-setup. This makes it easier to configure all machines correctly for the test run. suggested by mpi@ | ||||
| * | Additionally send no next header protocol 59 packets through the | bluhm | 2018-05-19 | 3 | -14/+285 |
| | | | | | | | IPsec test. They consist solely of an IPv6 header chain and trigger edge cases. Deactivate for now until the raw IP reflector can be build and started reliably on remote machine. | ||||
| * | Typo fix, ok bluhm@ |   mpi | 2018-05-15 | 1 | -4/+4 |
| | | |||||
| * | Disable counting TCP packets in the test as it does not work reliably. | bluhm | 2018-04-12 | 1 | -23/+4 |
| | | | | | The sequence of packets and combination of flags depends on timing. | ||||
| * | Remove useless make depend targets. | bluhm | 2017-07-07 | 1 | -3/+1 |
| | | |||||
| * | Now that pf looks behind IPv4 authentication headers, disable the | bluhm | 2017-05-28 | 1 | -2/+5 |
| | | | | | | transport mode tests that fail because of floating states. At least IPv4 and IPv6 are in sync now. | ||||
| * | Do not use reject routes as they prevent path MTU discovery. | bluhm | 2017-05-27 | 1 | -14/+30 |
| | | | | | | Drop possible old TCP connections from previous test runs. Adapt regex that checks tcpdump pflog0, output has been fixed. | ||||
| * | Try to work around a race in the daily test run. Before killing | bluhm | 2017-05-15 | 1 | -1/+2 |
| | | | | | tcpdump, sleep a while to collect all data. | ||||
| * | Run all IPsec tests with a pf rule that logs everything on the enc0 | bluhm | 2017-05-12 | 3 | -15/+69 |
| | | | | | | | interface. Use tcpdump to write the pflog0 output into a file. Then grep can verify that all encrypted packets have been processed by pf. | ||||
| * | Enable IPv6 IPsec transport mode tests for ping and TCP over ESP | bluhm | 2017-05-11 | 1 | -34/+1 |
| | | | | | and IPComp. The kernel has been fixed. | ||||
| * | Use the new netcat -W recvlimit feature to speed up the test. | bluhm | 2017-05-11 | 1 | -2/+2 |
| | | |||||
| * | Run tcpdump(8) on the enc0 device while the test is sending IPsec | bluhm | 2017-05-10 | 2 | -26/+123 |
| | | | | | | packets. Then check whether decrypted packets have been processed by bpf(4) as expected. | ||||
| * | Add IPsec test for manually configured SA bundles. That does ipcomp, | bluhm | 2017-05-04 | 2 | -68/+227 |
| | | | | | | | and esp, and ah with one flow and three SAs in one step. Test transport mode, locally terminated tunnel and forwarding packets from and to tunnel. | ||||
| * | Make sure these tests print "SKIPPED" if the necessary variables aren't set. |   kettenis | 2017-04-16 | 1 | -5/+4 |
| | | | | | | | | | The current code doesn't work since the magic .BEGIN target runs before the regress target that prints "SKIPPED" and the .BEGIN target fails when the variables aren't set. ok bluhm@ | ||||
| * | Add test for IP payload compression. It is sending small and big | bluhm | 2017-04-14 | 2 | -30/+167 |
| | | | | | ping packets as only the latter get actually compressed. | ||||
| * | Add IPsec tests for ipip encapsulation. | bluhm | 2017-02-27 | 2 | -37/+139 |
| | | |||||
| * | Test IPsec with AH the same way it is already done for ESP. | bluhm | 2017-02-13 | 3 | -155/+376 |
| | | |||||
| * | Fix IP address schema to make space for AH tests. | bluhm | 2017-02-08 | 1 | -16/+16 |
| | | |||||
| * | Encrypt UDP and TCP packets in test. Use a sane transport config. | bluhm | 2017-02-08 | 3 | -7/+49 |
| | | |||||
| * | Ping via IPsec must increment ESP input and output counter by one. | bluhm | 2017-02-06 | 1 | -2/+8 |
| | | |||||
| * | Test combinations of IPsec tunnel and transport mode on several | bluhm | 2017-02-06 | 4 | -0/+551 |
| machines. For now only ESP encrypted IPv4 and IPv6 ICMP ping packets are generated. | |||||
 |
index : wireguard-openbsd | |
| WireGuard implementation for the OpenBSD kernel | Matt Dunwoodie |
| summaryrefslogtreecommitdiffstats |