[pve-devel] [PATCH 3/3] rename netgroup to ipset

Tue Apr 1 16:06:14 CEST 2014

Signed-off-by: Alexandre Derumier <aderumier at odiso.com>
---
 example/cluster.fw  |    2 +-
 src/PVE/Firewall.pm |    6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/example/cluster.fw b/example/cluster.fw
index 8af85f6..3000985 100644
--- a/example/cluster.fw
+++ b/example/cluster.fw
@@ -20,7 +20,7 @@ IN  ACCEPT 10.0.0.1,10.0.0.2,10.0.0.3
 IN  ACCEPT +mynetgroup 
 
 
-[netgroup mynetgroup]
+[ipset myipset]
 
 192.168.0.1 #mycomment
 172.16.0.10
diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
index d1535f8..e04e4a6 100644
--- a/src/PVE/Firewall.pm
+++ b/src/PVE/Firewall.pm
@@ -934,7 +934,7 @@ sub ruleset_generate_cmdstr {
 
     if ($source){
         if($source =~ m/^(\+)(\S+)$/){
-	    die "no such netgroup $2" if !$cluster_conf->{ipset}->{$2};
+	    die "no such ipset $2" if !$cluster_conf->{ipset}->{$2};
 	    push @cmd, "-m set --match-set PVEFW-$2 src";
 
         }elsif ($source =~ m/^(\d+)\.(\d+).(\d+).(\d+)\-(\d+)\.(\d+).(\d+).(\d+)$/){
@@ -947,7 +947,7 @@ sub ruleset_generate_cmdstr {
 
     if ($dest){
         if($dest =~ m/^(\+)(\S+)$/){
-	    die "no such netgroup $2" if !$cluster_conf->{ipset}->{$2};
+	    die "no such ipset $2" if !$cluster_conf->{ipset}->{$2};
 	    push @cmd, "-m set --match-set PVEFW-$2 dst";
 
         }elsif ($dest =~ m/^(\d+)\.(\d+).(\d+).(\d+)\-(\d+)\.(\d+).(\d+).(\d+)$/){
@@ -1811,7 +1811,7 @@ sub parse_cluster_fw_rules {
 	    next;
 	}
     
-	if ($line =~ m/^\[netgroup\s+(\S+)\]\s*$/i) {
+	if ($line =~ m/^\[ipset\s+(\S+)\]\s*$/i) {
 	    $section = 'ipset';
 	    $group = lc($1);
 	    next;
-- 
1.7.10.4


