pf tests: verify checksum offload handling
Disable epair's checksum offload on one interface in a nat test, to ensure
that pf does the right thing in scenarios where one interface offloads checksum
handling and one does not.
We trust the TCP (or ICMP) checksum verification code to drop the packet if pf
does it wrong, which will cause the test case to fail.
Suggested by: tuexen
Sponsored by: Rubicon Communications, LLC ("Netgate")
This commit is contained in:
@@ -55,6 +55,9 @@ exhaust_body()
|
||||
jexec echo ifconfig ${epair_echo}b 198.51.100.2/24 up
|
||||
jexec echo /usr/sbin/inetd -p ${PWD}/inetd-echo.pid $(atf_get_srcdir)/echo_inetd.conf
|
||||
|
||||
# Disable checksum offload on one of the interfaces to ensure pf handles that
|
||||
jexec nat ifconfig ${epair_nat}a -txcsum
|
||||
|
||||
# Enable pf!
|
||||
jexec nat pfctl -e
|
||||
pft_set_rules nat \
|
||||
|
||||
Reference in New Issue
Block a user