Diffstat (limited to 'bin/tests/system/rpzrecurse/tests.sh')
-rw-r--r-- | bin/tests/system/rpzrecurse/tests.sh | 330 |
1 files changed, 168 insertions, 162 deletions
diff --git a/bin/tests/system/rpzrecurse/tests.sh b/bin/tests/system/rpzrecurse/tests.sh
index eed53e8..afc1a2b 100644
--- a/bin/tests/system/rpzrecurse/tests.sh
+++ b/bin/tests/system/rpzrecurse/tests.sh
@@ -27,86 +27,95 @@ ARGS= USAGE="$0: [-xS]" while getopts "xS:" c; do - case $c in - x) set -x; DEBUG=-x; ARGS="$ARGS -x";; - S) SAVE_RESULTS=-S; ARGS="$ARGS -S";; - *) echo "$USAGE" 1>&2; exit 1;; - esac + case $c in + x) + set -x + DEBUG=-x + ARGS="$ARGS -x" + ;; + S) + SAVE_RESULTS=-S + ARGS="$ARGS -S" + ;; + *) + echo "$USAGE" 1>&2 + exit 1 + ;; + esac done shift $((OPTIND - 1)) if test "$#" -ne 0; then - echo "$USAGE" 1>&2 - exit 1 + echo "$USAGE" 1>&2 + exit 1 fi # really quit on control-C trap 'exit 1' 1 2 15 DNSRPSCMD=../rpz/dnsrps -RNDCCMD="$RNDC -c ../common/rndc.conf -p ${CONTROLPORT} -s" +RNDCCMD="$RNDC -c ../_common/rndc.conf -p ${CONTROLPORT} -s" # $1 = test name (such as 1a, 1b, etc. for which named.$1.conf exists) run_server() { - TESTNAME=$1 + TESTNAME=$1 - echo_i "stopping resolver" - stop_server --use-rndc --port ${CONTROLPORT} ns2 + echo_i "stopping resolver" + stop_server --use-rndc --port ${CONTROLPORT} ns2 - sleep 1 + sleep 1 - echo_i "starting resolver using named.$TESTNAME.conf" - cp -f ns2/named.$TESTNAME.conf ns2/named.conf - start_server --noclean --restart --port ${PORT} ns2 - sleep 3 + echo_i "starting resolver using named.$TESTNAME.conf" + cp -f ns2/named.$TESTNAME.conf ns2/named.conf + start_server --noclean --restart --port ${PORT} ns2 + sleep 3 } run_query() { - TESTNAME=$1 - LINE=$2 + TESTNAME=$1 + LINE=$2 - NAME=$(sed -n -e "$LINE,"'$p' ns2/$TESTNAME.queries | head -n 1) - $DIG $DIGOPTS $NAME a @10.53.0.2 -p ${PORT} -b 127.0.0.1 > dig.out.${t} - grep "status: SERVFAIL" dig.out.${t} > /dev/null 2>&1 && return 1 - return 0 + NAME=$(sed -n -e "$LINE,"'$p' ns2/$TESTNAME.queries | head -n 1) + $DIG $DIGOPTS $NAME a @10.53.0.2 -p ${PORT} -b 127.0.0.1 >dig.out.${t} + grep "status: SERVFAIL" dig.out.${t} >/dev/null 2>&1 && return 1 + return 0 } # $1 = test name (such as 1a, 1b, etc. 
for which $1.queries exists) # $2 = line number in query file to test (the name to query is taken from this line) expect_norecurse() { - TESTNAME=$1 - LINE=$2 + TESTNAME=$1 + LINE=$2 - NAME=$(sed -n -e "$LINE,"'$p' ns2/$TESTNAME.queries | head -n 1) - t=$((t + 1)) - echo_i "testing $NAME doesn't recurse (${t})" - add_test_marker 10.53.0.2 - run_query $TESTNAME $LINE || { - echo_i "test ${t} failed" - status=1 - } + NAME=$(sed -n -e "$LINE,"'$p' ns2/$TESTNAME.queries | head -n 1) + t=$((t + 1)) + echo_i "testing $NAME doesn't recurse (${t})" + add_test_marker 10.53.0.2 + run_query $TESTNAME $LINE || { + echo_i "test ${t} failed" + status=1 + } } # $1 = test name (such as 1a, 1b, etc. for which $1.queries exists) # $2 = line number in query file to test (the name to query is taken from this line) expect_recurse() { - TESTNAME=$1 - LINE=$2 + TESTNAME=$1 + LINE=$2 - NAME=$(sed -n -e "$LINE,"'$p' ns2/$TESTNAME.queries | head -n 1) - t=$((t + 1)) - echo_i "testing $NAME recurses (${t})" - add_test_marker 10.53.0.2 - run_query $TESTNAME $LINE && { - echo_i "test ${t} failed" - status=1 - } - return 0 + NAME=$(sed -n -e "$LINE,"'$p' ns2/$TESTNAME.queries | head -n 1) + t=$((t + 1)) + echo_i "testing $NAME recurses (${t})" + add_test_marker 10.53.0.2 + run_query $TESTNAME $LINE && { + echo_i "test ${t} failed" + status=1 + } + return 0 } add_test_marker() { - for ns in $@ - do - $RNDCCMD $ns null ---- test ${t} ---- - done + for ns in $@; do + $RNDCCMD $ns null ---- test ${t} ---- + done } native=0 
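Review bot: `run_query` treats every outcome other than a SERVFAIL status line as success, so an empty or truncated `dig.out.${t}` (dig timing out, or ns2 not yet answering after the `sleep 3` in `run_server`) returns 0 and `expect_norecurse` records a pass without the policy having been exercised. dig's own exit status is not checked either. I would have `run_query` require a status line first, e.g. `grep "status: " dig.out.${t} >/dev/null 2>&1 || return 2`, and have `expect_recurse` treat that code as a failure too, since its `run_query ... && {` form would otherwise read it as "recursed". The hunk opens partway through the script, so any other callers of `run_query` would need the same look.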
@@ -114,36 +123,36 @@ dnsrps=0 for mode in native dnsrps; do status=0 case $mode in - native) - if [ -e dnsrps-only ] ; then - echo_i "'dnsrps-only' found: skipping native RPZ sub-test" - continue - else - echo_i "running native RPZ sub-test" - fi - ;; - dnsrps) - if [ -e dnsrps-off ] ; then - echo_i "'dnsrps-off' found: skipping DNSRPS sub-test" - continue - fi - echo_i "attempting to configure servers with DNSRPS..." - stop_server --use-rndc --port ${CONTROLPORT} - $SHELL ./setup.sh -N -D $DEBUG - sed -n 's/^## //p' dnsrps.conf | cat_i - if grep '^#fail' dnsrps.conf >/dev/null; then - echo_i "exit status: 1" - exit 1 - fi - if grep '^#skip' dnsrps.conf > /dev/null; then - echo_i "DNSRPS sub-test skipped" - continue - else - echo_i "running DNSRPS sub-test" - start_server --noclean --restart --port ${PORT} - sleep 3 - fi - ;; + native) + if [ -e dnsrps-only ]; then + echo_i "'dnsrps-only' found: skipping native RPZ sub-test" + continue + else + echo_i "running native RPZ sub-test" + fi + ;; + dnsrps) + if [ -e dnsrps-off ]; then + echo_i "'dnsrps-off' found: skipping DNSRPS sub-test" + continue + fi + echo_i "attempting to configure servers with DNSRPS..." + stop_server --use-rndc --port ${CONTROLPORT} + $SHELL ./setup.sh -N -D $DEBUG + sed -n 's/^## //p' dnsrps.conf | cat_i + if grep '^#fail' dnsrps.conf >/dev/null; then + echo_i "exit status: 1" + exit 1 + fi + if grep '^#skip' dnsrps.conf >/dev/null; then + echo_i "DNSRPS sub-test skipped" + continue + else + echo_i "running DNSRPS sub-test" + start_server --noclean --restart --port ${PORT} + sleep 3 + fi + ;; esac # show whether and why DNSRPS is enabled or disabled 
@@ -152,8 +161,8 @@ for mode in native dnsrps; do t=$((t + 1)) echo_i "testing that l1.l0 exists without RPZ (${t})" add_test_marker 10.53.0.2 - $DIG $DIGOPTS l1.l0 ns @10.53.0.2 -p ${PORT} > dig.out.${t} - grep "status: NOERROR" dig.out.${t} > /dev/null 2>&1 || { + $DIG $DIGOPTS l1.l0 ns @10.53.0.2 -p ${PORT} >dig.out.${t} + grep "status: NOERROR" dig.out.${t} >/dev/null 2>&1 || { echo_i "test ${t} failed" status=1 } @@ -161,8 +170,8 @@ for mode in native dnsrps; do t=$((t + 1)) echo_i "testing that l2.l1.l0 returns SERVFAIL without RPZ (${t})" add_test_marker 10.53.0.2 - $DIG $DIGOPTS l2.l1.l0 ns @10.53.0.2 -p ${PORT} > dig.out.${t} - grep "status: SERVFAIL" dig.out.${t} > /dev/null 2>&1 || { + $DIG $DIGOPTS l2.l1.l0 ns @10.53.0.2 -p ${PORT} >dig.out.${t} + grep "status: SERVFAIL" dig.out.${t} >/dev/null 2>&1 || { echo_i "test ${t} failed" status=1 } @@ -179,8 +188,7 @@ for mode in native dnsrps; do # Group 2 run_server 2a for n in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 \ - 21 22 23 24 25 26 27 28 29 30 31 32 - do + 21 22 23 24 25 26 27 28 29 30 31 32; do expect_norecurse 2a $n done expect_recurse 2a 33 @@ -221,8 +229,7 @@ for mode in native dnsrps; do add_test_marker 10.53.0.2 c=0 for i in 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 \ - 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 - do + 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33; do run_query 4$n $i || c=$((c + 1)) done skipped=$((33 - c)) @@ -249,7 +256,7 @@ for mode in native dnsrps; do t=$((t + 1)) echo_i "running dig to cache CNAME record (${t})" add_test_marker 10.53.0.1 10.53.0.2 - $DIG $DIGOPTS @10.53.0.2 -p ${PORT} www.test.example.org CNAME > dig.out.${t} + $DIG $DIGOPTS @10.53.0.2 -p ${PORT} www.test.example.org CNAME >dig.out.${t} sleep 1 echo_i "suspending authority server" PID=$(cat ns1/named.pid) 
@@ -257,30 +264,29 @@ for mode in native dnsrps; do echo_i "adding an NSDNAME policy" cp ns2/db.6a.00.policy.local ns2/saved.policy.local cp ns2/db.6b.00.policy.local ns2/db.6a.00.policy.local - $RNDC -c ../common/rndc.conf -s 10.53.0.2 -p ${CONTROLPORT} reload 6a.00.policy.local 2>&1 | sed 's/^/ns2 /' | cat_i + $RNDC -c ../_common/rndc.conf -s 10.53.0.2 -p ${CONTROLPORT} reload 6a.00.policy.local 2>&1 | sed 's/^/ns2 /' | cat_i test -f dnsrpzd.pid && kill -USR1 $(cat dnsrpzd.pid) || true sleep 1 t=$((t + 1)) echo_i "running dig to follow CNAME (blocks, so runs in the background) (${t})" add_test_marker 10.53.0.2 - $DIG $DIGOPTS @10.53.0.2 -p ${PORT} www.test.example.org A +time=5 > dig.out.${t} & + $DIG $DIGOPTS @10.53.0.2 -p ${PORT} www.test.example.org A +time=5 >dig.out.${t} & sleep 1 echo_i "removing the NSDNAME policy" cp ns2/db.6c.00.policy.local ns2/db.6a.00.policy.local - $RNDC -c ../common/rndc.conf -s 10.53.0.2 -p ${CONTROLPORT} reload 6a.00.policy.local 2>&1 | sed 's/^/ns2 /' | cat_i + $RNDC -c ../_common/rndc.conf -s 10.53.0.2 -p ${CONTROLPORT} reload 6a.00.policy.local 2>&1 | sed 's/^/ns2 /' | cat_i test -f dnsrpzd.pid && kill -USR1 $(cat dnsrpzd.pid) || true sleep 1 echo_i "resuming authority server" PID=$(cat ns1/named.pid) kill -CONT $PID add_test_marker 10.53.0.1 - for n in 1 2 3 4 5 6 7 8 9 - do + for n in 1 2 3 4 5 6 7 8 9; do sleep 1 [ -s dig.out.${t} ] || continue - grep "status: .*," dig.out.${t} > /dev/null 2>&1 && break + grep "status: .*," dig.out.${t} >/dev/null 2>&1 && break done - grep "status: NOERROR" dig.out.${t} > /dev/null 2>&1 || { + grep "status: NOERROR" dig.out.${t} >/dev/null 2>&1 || { echo_i "test ${t} failed" status=1 } 
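Review bot: The `reload 6a.00.policy.local` calls on the new side pipe rndc into `sed 's/^/ns2 /' | cat_i`, so rndc's exit status is discarded and a reload that fails (for instance if the renamed `../_common/rndc.conf` is not where the script expects it) leaves the previous policy loaded while the test carries on. Since this commit changes that path, I would make the failure visible: `$RNDC -c ../_common/rndc.conf -s 10.53.0.2 -p ${CONTROLPORT} reload 6a.00.policy.local >rndc.out.${t} 2>&1 || status=1` followed by `sed 's/^/ns2 /' rndc.out.${t} | cat_i` (the output file name is only a suggestion). The same pattern appears in the hunk at -292. The enclosing `for mode` loop starts and ends outside this hunk.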
@@ -292,20 +298,20 @@ for mode in native dnsrps; do t=$((t + 1)) echo_i "running dig to cache CNAME record (${t})" add_test_marker 10.53.0.1 10.53.0.2 - $DIG $DIGOPTS @10.53.0.2 -p ${PORT} www.test.example.org CNAME > dig.out.${t} + $DIG $DIGOPTS @10.53.0.2 -p ${PORT} www.test.example.org CNAME >dig.out.${t} sleep 1 echo_i "suspending authority server" PID=$(cat ns1/named.pid) kill -STOP $PID echo_i "adding an NSDNAME policy" cp ns2/db.6b.00.policy.local ns2/db.6a.00.policy.local - $RNDC -c ../common/rndc.conf -s 10.53.0.2 -p ${CONTROLPORT} reload 6a.00.policy.local 2>&1 | sed 's/^/ns2 /' | cat_i + $RNDC -c ../_common/rndc.conf -s 10.53.0.2 -p ${CONTROLPORT} reload 6a.00.policy.local 2>&1 | sed 's/^/ns2 /' | cat_i test -f dnsrpzd.pid && kill -USR1 $(cat dnsrpzd.pid) || true sleep 1 t=$((t + 1)) echo_i "running dig to follow CNAME (blocks, so runs in the background) (${t})" add_test_marker 10.53.0.2 - $DIG $DIGOPTS @10.53.0.2 -p ${PORT} www.test.example.org A +time=5 > dig.out.${t} & + $DIG $DIGOPTS @10.53.0.2 -p ${PORT} www.test.example.org A +time=5 >dig.out.${t} & sleep 1 echo_i "removing the policy zone" cp ns2/named.default.conf ns2/named.conf @@ -319,9 +325,9 @@ for mode in native dnsrps; do for n in 1 2 3 4 5 6 7 8 9; do sleep 1 [ -s dig.out.${t} ] || continue - grep "status: .*," dig.out.${t} > /dev/null 2>&1 && break + grep "status: .*," dig.out.${t} >/dev/null 2>&1 && break done - grep "status: NOERROR" dig.out.${t} > /dev/null 2>&1 || { + grep "status: NOERROR" dig.out.${t} >/dev/null 2>&1 || { echo_i "test ${t} failed" status=1 } 
@@ -332,14 +338,13 @@ for mode in native dnsrps; do add_test_marker 10.53.0.2 run_server max i=1 - while test $i -le 64 - do - $DIG $DIGOPTS name$i a @10.53.0.2 -p ${PORT} -b 10.53.0.1 > dig.out.${t}.${i} - grep "^name$i.[ ]*[0-9]*[ ]*IN[ ]*A[ ]*10.53.0.$i" dig.out.${t}.${i} > /dev/null 2>&1 || { - echo_i "test $t failed: didn't get expected answer from policy zone $i" - status=1 - } - i=$((i + 1)) + while test $i -le 64; do + $DIG $DIGOPTS name$i a @10.53.0.2 -p ${PORT} -b 10.53.0.1 >dig.out.${t}.${i} + grep "^name$i.[ ]*[0-9]*[ ]*IN[ ]*A[ ]*10.53.0.$i" dig.out.${t}.${i} >/dev/null 2>&1 || { + echo_i "test $t failed: didn't get expected answer from policy zone $i" + status=1 + } + i=$((i + 1)) done # Check CLIENT-IP behavior @@ -347,12 +352,12 @@ for mode in native dnsrps; do echo_i "testing CLIENT-IP behavior (${t})" add_test_marker 10.53.0.2 run_server clientip - $DIG $DIGOPTS l2.l1.l0 a @10.53.0.2 -p ${PORT} -b 10.53.0.4 > dig.out.${t} - grep "status: NOERROR" dig.out.${t} > /dev/null 2>&1 || { + $DIG $DIGOPTS l2.l1.l0 a @10.53.0.2 -p ${PORT} -b 10.53.0.4 >dig.out.${t} + grep "status: NOERROR" dig.out.${t} >/dev/null 2>&1 || { echo_i "test $t failed: query failed" status=1 } - grep "^l2.l1.l0.[ ]*[0-9]*[ ]*IN[ ]*A[ ]*10.53.0.2" dig.out.${t} > /dev/null 2>&1 || { + grep "^l2.l1.l0.[ ]*[0-9]*[ ]*IN[ ]*A[ ]*10.53.0.2" dig.out.${t} >/dev/null 2>&1 || { echo_i "test $t failed: didn't get expected answer" status=1 } 
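Review bot: The answer check inside the `while test $i -le 64` loop ends in `10.53.0.$i` with no end anchor and unescaped dots, so for i from 1 to 6 an address such as 10.53.0.1x or 10.53.0.6x, which belongs to a different policy zone, would also satisfy it. Anchoring the tail of the pattern, `...A[ ]*10\.53\.0\.$i\$"`, would make each iteration accept only its own zone's answer; this assumes dig prints nothing after the address on that line. The CLIENT-IP grep in the following hunk (`10.53.0.2`) has the same open end.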
@@ -362,27 +367,27 @@ for mode in native dnsrps; do echo_i "testing CLIENT-IP behavior #2 (${t})" add_test_marker 10.53.0.2 run_server clientip2 - $DIG $DIGOPTS l2.l1.l0 a @10.53.0.2 -p ${PORT} -b 10.53.0.1 > dig.out.${t}.1 - grep "status: SERVFAIL" dig.out.${t}.1 > /dev/null 2>&1 || { + $DIG $DIGOPTS l2.l1.l0 a @10.53.0.2 -p ${PORT} -b 10.53.0.1 >dig.out.${t}.1 + grep "status: SERVFAIL" dig.out.${t}.1 >/dev/null 2>&1 || { echo_i "test $t failed: query failed" status=1 } - $DIG $DIGOPTS l2.l1.l0 a @10.53.0.2 -p ${PORT} -b 10.53.0.2 > dig.out.${t}.2 - grep "status: NXDOMAIN" dig.out.${t}.2 > /dev/null 2>&1 || { + $DIG $DIGOPTS l2.l1.l0 a @10.53.0.2 -p ${PORT} -b 10.53.0.2 >dig.out.${t}.2 + grep "status: NXDOMAIN" dig.out.${t}.2 >/dev/null 2>&1 || { echo_i "test $t failed: query failed" status=1 } - $DIG $DIGOPTS l2.l1.l0 a @10.53.0.2 -p ${PORT} -b 10.53.0.3 > dig.out.${t}.3 - grep "status: NOERROR" dig.out.${t}.3 > /dev/null 2>&1 || { + $DIG $DIGOPTS l2.l1.l0 a @10.53.0.2 -p ${PORT} -b 10.53.0.3 >dig.out.${t}.3 + grep "status: NOERROR" dig.out.${t}.3 >/dev/null 2>&1 || { echo_i "test $t failed: query failed" status=1 } - grep "^l2.l1.l0.[ ]*[0-9]*[ ]*IN[ ]*A[ ]*10.53.0.1" dig.out.${t}.3 > /dev/null 2>&1 || { + grep "^l2.l1.l0.[ ]*[0-9]*[ ]*IN[ ]*A[ ]*10.53.0.1" dig.out.${t}.3 >/dev/null 2>&1 || { echo_i "test $t failed: didn't get expected answer" status=1 } - $DIG $DIGOPTS l2.l1.l0 a @10.53.0.2 -p ${PORT} -b 10.53.0.4 > dig.out.${t}.4 - grep "status: SERVFAIL" dig.out.${t}.4 > /dev/null 2>&1 || { + $DIG $DIGOPTS l2.l1.l0 a @10.53.0.2 -p ${PORT} -b 10.53.0.4 >dig.out.${t}.4 + grep "status: SERVFAIL" dig.out.${t}.4 >/dev/null 2>&1 || { echo_i "test $t failed: query failed" status=1 } 
@@ -393,18 +398,18 @@ for mode in native dnsrps; do add_test_marker 10.53.0.2 run_server log cur=$(awk 'BEGIN {l=0} /^/ {l++} END { print l }' ns2/named.run) - $DIG $DIGOPTS l2.l1.l0 a @10.53.0.2 -p ${PORT} -b 10.53.0.4 > dig.out.${t} - $DIG $DIGOPTS l2.l1.l0 a @10.53.0.2 -p ${PORT} -b 10.53.0.3 >> dig.out.${t} - $DIG $DIGOPTS l2.l1.l0 a @10.53.0.2 -p ${PORT} -b 10.53.0.2 >> dig.out.${t} - sed -n "$cur,"'$p' < ns2/named.run | grep "view recursive: rpz CLIENT-IP Local-Data rewrite l2.l1.l0/A/IN via 32.4.0.53.10.rpz-client-ip.log1" > /dev/null && { + $DIG $DIGOPTS l2.l1.l0 a @10.53.0.2 -p ${PORT} -b 10.53.0.4 >dig.out.${t} + $DIG $DIGOPTS l2.l1.l0 a @10.53.0.2 -p ${PORT} -b 10.53.0.3 >>dig.out.${t} + $DIG $DIGOPTS l2.l1.l0 a @10.53.0.2 -p ${PORT} -b 10.53.0.2 >>dig.out.${t} + sed -n "$cur,"'$p' <ns2/named.run | grep "view recursive: rpz CLIENT-IP Local-Data rewrite l2.l1.l0/A/IN via 32.4.0.53.10.rpz-client-ip.log1" >/dev/null && { echo_ic "failed: unexpected rewrite message for policy zone log1 was logged" status=1 } - sed -n "$cur,"'$p' < ns2/named.run | grep "view recursive: rpz CLIENT-IP Local-Data rewrite l2.l1.l0/A/IN via 32.3.0.53.10.rpz-client-ip.log2" > /dev/null || { + sed -n "$cur,"'$p' <ns2/named.run | grep "view recursive: rpz CLIENT-IP Local-Data rewrite l2.l1.l0/A/IN via 32.3.0.53.10.rpz-client-ip.log2" >/dev/null || { echo_ic "failed: expected rewrite message for policy zone log2 was not logged" status=1 } - sed -n "$cur,"'$p' < ns2/named.run | grep "view recursive: rpz CLIENT-IP Local-Data rewrite l2.l1.l0/A/IN via 32.2.0.53.10.rpz-client-ip.log3" > /dev/null || { + sed -n "$cur,"'$p' <ns2/named.run | grep "view recursive: rpz CLIENT-IP Local-Data rewrite l2.l1.l0/A/IN via 32.2.0.53.10.rpz-client-ip.log3" >/dev/null || { echo_ic "failed: expected rewrite message for policy zone log3 was not logged" status=1 } 
@@ -415,13 +420,13 @@ for mode in native dnsrps; do echo_i "testing wildcard behavior with 1 RPZ zone (${t})" add_test_marker 10.53.0.2 run_server wildcard1 - $DIG $DIGOPTS www.test1.example.net a @10.53.0.2 -p ${PORT} > dig.out.${t}.1 - grep "status: NXDOMAIN" dig.out.${t}.1 > /dev/null || { + $DIG $DIGOPTS www.test1.example.net a @10.53.0.2 -p ${PORT} >dig.out.${t}.1 + grep "status: NXDOMAIN" dig.out.${t}.1 >/dev/null || { echo_i "test ${t} failed" status=1 } - $DIG $DIGOPTS test1.example.net a @10.53.0.2 -p ${PORT} > dig.out.${t}.2 - grep "status: NXDOMAIN" dig.out.${t}.2 > /dev/null || { + $DIG $DIGOPTS test1.example.net a @10.53.0.2 -p ${PORT} >dig.out.${t}.2 + grep "status: NXDOMAIN" dig.out.${t}.2 >/dev/null || { echo_i "test ${t} failed" status=1 } @@ -430,13 +435,13 @@ for mode in native dnsrps; do echo_i "testing wildcard behavior with 2 RPZ zones (${t})" add_test_marker 10.53.0.2 run_server wildcard2 - $DIG $DIGOPTS www.test1.example.net a @10.53.0.2 -p ${PORT} > dig.out.${t}.1 - grep "status: NXDOMAIN" dig.out.${t}.1 > /dev/null || { + $DIG $DIGOPTS www.test1.example.net a @10.53.0.2 -p ${PORT} >dig.out.${t}.1 + grep "status: NXDOMAIN" dig.out.${t}.1 >/dev/null || { echo_i "test ${t} failed" status=1 } - $DIG $DIGOPTS test1.example.net a @10.53.0.2 -p ${PORT} > dig.out.${t}.2 - grep "status: NXDOMAIN" dig.out.${t}.2 > /dev/null || { + $DIG $DIGOPTS test1.example.net a @10.53.0.2 -p ${PORT} >dig.out.${t}.2 + grep "status: NXDOMAIN" dig.out.${t}.2 >/dev/null || { echo_i "test ${t} failed" status=1 } 
@@ -445,13 +450,13 @@ for mode in native dnsrps; do echo_i "testing wildcard behavior with 1 RPZ zone and no non-wildcard triggers (${t})" add_test_marker 10.53.0.2 run_server wildcard3 - $DIG $DIGOPTS www.test1.example.net a @10.53.0.2 -p ${PORT} > dig.out.${t}.1 - grep "status: NXDOMAIN" dig.out.${t}.1 > /dev/null || { + $DIG $DIGOPTS www.test1.example.net a @10.53.0.2 -p ${PORT} >dig.out.${t}.1 + grep "status: NXDOMAIN" dig.out.${t}.1 >/dev/null || { echo_i "test ${t} failed" status=1 } - $DIG $DIGOPTS test1.example.net a @10.53.0.2 -p ${PORT} > dig.out.${t}.2 - grep "status: NOERROR" dig.out.${t}.2 > /dev/null || { + $DIG $DIGOPTS test1.example.net a @10.53.0.2 -p ${PORT} >dig.out.${t}.2 + grep "status: NOERROR" dig.out.${t}.2 >/dev/null || { echo_i "test ${t} failed" status=1 } @@ -460,13 +465,13 @@ for mode in native dnsrps; do echo_i "testing wildcard passthru before explicit drop (${t})" add_test_marker 10.53.0.2 run_server wildcard4 - $DIG $DIGOPTS example.com a @10.53.0.2 -p ${PORT} > dig.out.${t}.1 - grep "status: NOERROR" dig.out.${t}.1 > /dev/null || { + $DIG $DIGOPTS example.com a @10.53.0.2 -p ${PORT} >dig.out.${t}.1 + grep "status: NOERROR" dig.out.${t}.1 >/dev/null || { echo_i "test ${t} failed" status=1 } - $DIG $DIGOPTS www.example.com a @10.53.0.2 -p ${PORT} > dig.out.${t}.2 - grep "status: NOERROR" dig.out.${t}.2 > /dev/null || { + $DIG $DIGOPTS www.example.com a @10.53.0.2 -p ${PORT} >dig.out.${t}.2 + grep "status: NOERROR" dig.out.${t}.2 >/dev/null || { echo_i "test ${t} failed" status=1 } 
@@ -477,7 +482,7 @@ for mode in native dnsrps; do echo_i "testing for invalid prefix length error (${t})" add_test_marker 10.53.0.2 run_server invalidprefixlength - grep "invalid rpz IP address \"1000.4.0.53.10.rpz-client-ip.invalidprefixlength\"; invalid prefix length of 1000$" ns2/named.run > /dev/null || { + grep "invalid rpz IP address \"1000.4.0.53.10.rpz-client-ip.invalidprefixlength\"; invalid prefix length of 1000$" ns2/named.run >/dev/null || { echo_ic "failed: expected that invalid prefix length error would be logged" status=1 } @@ -489,20 +494,20 @@ for mode in native dnsrps; do echo_i "timing 'nsip-wait-recurse yes' (default)" ret=0 t1=$($PERL -e 'print time()."\n";') - $DIG -p ${PORT} @10.53.0.3 foo.child.example.tld a > dig.out.yes.$t + $DIG -p ${PORT} @10.53.0.3 foo.child.example.tld a >dig.out.yes.$t t2=$($PERL -e 'print time()."\n";') p1=$((t2 - t1)) echo_i "elapsed time $p1 seconds" - $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p ${CONTROLPORT} flush + $RNDC -c ../_common/rndc.conf -s 10.53.0.3 -p ${CONTROLPORT} flush copy_setports ns3/named2.conf.in ns3/named.conf - nextpart ns3/named.run > /dev/null - $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p ${CONTROLPORT} reload > /dev/null + nextpart ns3/named.run >/dev/null + $RNDC -c ../_common/rndc.conf -s 10.53.0.3 -p ${CONTROLPORT} reload >/dev/null wait_for_log 20 "rpz: policy: reload done" ns3/named.run || ret=1 echo_i "timing 'nsip-wait-recurse no'" t3=$($PERL -e 'print time()."\n";') - $DIG -p ${PORT} @10.53.0.3 foo.child.example.tld a > dig.out.no.$t + $DIG -p ${PORT} @10.53.0.3 foo.child.example.tld a >dig.out.no.$t t4=$($PERL -e 'print time()."\n";') p2=$((t4 - t3)) echo_i "elapsed time $p2 seconds" 
@@ -511,11 +516,11 @@ for mode in native dnsrps; do if test $ret != 0; then echo_i "failed"; fi status=$((status + ret)) - $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p ${CONTROLPORT} flush + $RNDC -c ../_common/rndc.conf -s 10.53.0.3 -p ${CONTROLPORT} flush # restore original named.conf copy_setports ns3/named1.conf.in ns3/named.conf - nextpart ns3/named.run > /dev/null - $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p ${CONTROLPORT} reload > /dev/null + nextpart ns3/named.run >/dev/null + $RNDC -c ../_common/rndc.conf -s 10.53.0.3 -p ${CONTROLPORT} reload >/dev/null wait_for_log 20 "rpz: policy: reload done" ns3/named.run || ret=1 t=$((t + 1)) @@ -524,20 +529,20 @@ for mode in native dnsrps; do echo_i "timing 'nsdname-wait-recurse yes' (default)" ret=0 t1=$($PERL -e 'print time()."\n";') - $DIG -p ${PORT} @10.53.0.3 foo.child.example.tld a > dig.out.yes.$t + $DIG -p ${PORT} @10.53.0.3 foo.child.example.tld a >dig.out.yes.$t t2=$($PERL -e 'print time()."\n";') p1=$((t2 - t1)) echo_i "elapsed time $p1 seconds" - $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p ${CONTROLPORT} flush + $RNDC -c ../_common/rndc.conf -s 10.53.0.3 -p ${CONTROLPORT} flush copy_setports ns3/named3.conf.in ns3/named.conf - nextpart ns3/named.run > /dev/null - $RNDC -c ../common/rndc.conf -s 10.53.0.3 -p ${CONTROLPORT} reload > /dev/null + nextpart ns3/named.run >/dev/null + $RNDC -c ../_common/rndc.conf -s 10.53.0.3 -p ${CONTROLPORT} reload >/dev/null wait_for_log 20 "rpz: policy: reload done" ns3/named.run || ret=1 echo_i "timing 'nsdname-wait-recurse no'" t3=$($PERL -e 'print time()."\n";') - $DIG -p ${PORT} @10.53.0.3 foo.child.example.tld a > dig.out.no.$t + $DIG -p ${PORT} @10.53.0.3 foo.child.example.tld a >dig.out.no.$t t4=$($PERL -e 'print time()."\n";') p2=$((t4 - t3)) echo_i "elapsed time $p2 seconds" 
@@ -546,16 +551,17 @@ for mode in native dnsrps; do if test $ret != 0; then echo_i "failed"; fi status=$((status + ret)) - [ $status -ne 0 ] && pf=fail || pf=pass case $mode in - native) - native=$status - echo_i "status (native RPZ sub-test): $status ($pf)";; - dnsrps) - dnsrps=$status - echo_i "status (DNSRPS sub-test): $status ($pf)";; - *) echo_i "invalid test mode";; + native) + native=$status + echo_i "status (native RPZ sub-test): $status ($pf)" + ;; + dnsrps) + dnsrps=$status + echo_i "status (DNSRPS sub-test): $status ($pf)" + ;; + *) echo_i "invalid test mode" ;; esac done status=$((native + dnsrps)) |