tests: add FilterRule testing for #9744

The test already revealed an issue with the refactor: replacing "any" with "" and then "" with "in" is not in the interest of the inventor. Fix follows.
2026-02-18 18:18:13 -05:00 · 2026-02-06 21:28:06 +01:00 · 2026-02-06 21:28:06 +01:00 · b50350a910
commit b50350a910
parent 72cea55c1a
4 changed files with 92 additions and 0 deletions
--- a/3
+++ b/3
@ -1049,6 +1049,9 @@
 /usr/local/opnsense/mvc/tests/app/library/OPNsense/Core/ConfigConfig/backup/object.xml
 /usr/local/opnsense/mvc/tests/app/library/OPNsense/Core/ConfigTest.php
 /usr/local/opnsense/mvc/tests/app/library/OPNsense/Core/ShellTest.php
+/usr/local/opnsense/mvc/tests/app/library/OPNsense/Firewall/FilterRuleTest.php
+/usr/local/opnsense/mvc/tests/app/library/OPNsense/Firewall/FilterRuleTest/testDirection.conf
+/usr/local/opnsense/mvc/tests/app/library/OPNsense/Firewall/FilterRuleTest/testIcmp.conf
 /usr/local/opnsense/mvc/tests/app/models/OPNsense/ACL/AclConfig/config.xml
 /usr/local/opnsense/mvc/tests/app/models/OPNsense/ACL/AclTest.php
 /usr/local/opnsense/mvc/tests/app/models/OPNsense/Base/BaseModel/Migrations/M0_0_1.php
--- a/src/opnsense/mvc/tests/app/library/OPNsense/Firewall/FilterRuleTest.php
+++ b/src/opnsense/mvc/tests/app/library/OPNsense/Firewall/FilterRuleTest.php
@ -0,0 +1,79 @@
+<?php
+
+/*
+ * Copyright (C) 2026 Deciso B.V.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ *    this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ *
+ *  THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ *  INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ *  AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ *  AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ *  OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ *  SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ *  INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ *  CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ *  ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ *  POSSIBILITY OF SUCH DAMAGE.
+ */
+
+namespace tests\OPNsense\Firewall;
+
+use OPNsense\Firewall\FilterRule;
+
+class FilterRuleTest extends \PHPUnit\Framework\TestCase
+{
+    public static $ifmap = [];
+    public static $gwmap = [];
+
+    /**
+     * get the stored test ouput
+     */
+    public function getConf($func)
+    {
+        $class = str_replace(__NAMESPACE__ . '\\', '', __CLASS__);
+
+        return file_get_contents(sprintf('%s/%s/%s.conf', __DIR__, $class, $func));
+    }
+
+    /**
+     * test direction
+     */
+    public function testDirection()
+    {
+        $rules = [];
+
+        $rules[] = new FilterRule(self::$ifmap, self::$gwmap, []);
+        $rules[] = new FilterRule(self::$ifmap, self::$gwmap, ['direction' => '']);
+        $rules[] = new FilterRule(self::$ifmap, self::$gwmap, ['direction' => null]);
+        $rules[] = new FilterRule(self::$ifmap, self::$gwmap, ['direction' => 'in']);
+        $rules[] = new FilterRule(self::$ifmap, self::$gwmap, ['direction' => 'out']);
+        $rules[] = new FilterRule(self::$ifmap, self::$gwmap, ['direction' => 'any']);
+
+        $this->assertEquals(join('', $rules), $this->getConf(__FUNCTION__));
+    }
+
+    /**
+     * test icmp
+     */
+    public function testIcmp()
+    {
+        $rules = [];
+
+        $rules[] = new FilterRule(self::$ifmap, self::$gwmap, ['icmp-type' => 'mobregreq,skip,2']);
+        $rules[] = new FilterRule(self::$ifmap, self::$gwmap, ['icmp-type' => 'skip,2']);
+        $rules[] = new FilterRule(self::$ifmap, self::$gwmap, ['icmp-type' => '2']);
+        $rules[] = new FilterRule(self::$ifmap, self::$gwmap, ['icmp-type' => '']);
+
+        $this->assertEquals(join('', $rules), $this->getConf(__FUNCTION__));
+    }
+}
--- a/src/opnsense/mvc/tests/app/library/OPNsense/Firewall/FilterRuleTest/testDirection.conf
+++ b/src/opnsense/mvc/tests/app/library/OPNsense/Firewall/FilterRuleTest/testDirection.conf
@ -0,0 +1,6 @@
+pass in quick from {any} to {any}
+pass in quick from {any} to {any}
+pass in quick from {any} to {any}
+pass in quick from {any} to {any}
+pass out quick from {any} to {any}
+pass quick from {any} to {any}
--- a/src/opnsense/mvc/tests/app/library/OPNsense/Firewall/FilterRuleTest/testIcmp.conf
+++ b/src/opnsense/mvc/tests/app/library/OPNsense/Firewall/FilterRuleTest/testIcmp.conf
@ -0,0 +1,4 @@
+pass in quick from {any} to {any} icmp-type {mobregreq,"skip",2}
+pass in quick from {any} to {any} icmp-type {"skip",2}
+pass in quick from {any} to {any} icmp-type {2}
+pass in quick from {any} to {any}