[pve-devel] [PATCH] implement ipset ip/net groups
Dietmar Maurer
dietmar at proxmox.com
Fri Mar 28 13:39:42 CET 2014
> >>What happens if we delete ipset chains which are still in use by iptables?
>
> ipset will throw an error like "ipset in use in iptables...."
>
> so I think we should check if it's used or not before trying to remove it.
>
> I'll implement next week ipset in iptables rules.
You just need to spit the code into 'update' and 'cleanup' sections - and run cleanup after updating iptables.
More information about the pve-devel
mailing list