[pve-devel] [PATCH] implement ipset ip/net groups
Alexandre DERUMIER
aderumier at odiso.com
Fri Mar 28 13:54:51 CET 2014
>>You just need to spit the code into 'update' and 'cleanup' sections - and run cleanup after updating iptables.
ok thanks
----- Mail original -----
De: "Dietmar Maurer" <dietmar at proxmox.com>
À: "Alexandre DERUMIER" <aderumier at odiso.com>
Cc: pve-devel at pve.proxmox.com
Envoyé: Vendredi 28 Mars 2014 13:39:42
Objet: RE: [pve-devel] [PATCH] implement ipset ip/net groups
> >>What happens if we delete ipset chains which are still in use by iptables?
>
> ipset will throw an error like "ipset in use in iptables...."
>
> so I think we should check if it's used or not before trying to remove it.
>
> I'll implement next week ipset in iptables rules.
You just need to spit the code into 'update' and 'cleanup' sections - and run cleanup after updating iptables.
More information about the pve-devel
mailing list