[pve-devel] [PATCH 1/2] Added Forward chain management

Flavius Bindea flav at flav.com
Mon May 11 22:34:16 CEST 2015


Hello,

You are rigth. FirewallSimulator was not adapted to this new chain.
I've added this workarround:

Subject: [PATCH] updated firewall simulator in order to ignore new
 PVEFW-HOST-FORWARD this is a workarrond in order to make
 regression tests working it has to be better corrected.

---
 src/PVE/FirewallSimulator.pm |    5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/PVE/FirewallSimulator.pm b/src/PVE/FirewallSimulator.pm
index 4042ace..4a9455d 100644
--- a/src/PVE/FirewallSimulator.pm
+++ b/src/PVE/FirewallSimulator.pm
@@ -260,6 +260,11 @@ sub ruleset_simulate_chain {
        return (undef, $counter);
     }

+     if ($chain eq 'PVEFW-HOST-FORWARD') {
+       add_trace("LEAVE chain $chain\n");
+       return (undef, $counter);
+    }
+
     my $rules = $ruleset->{$chain} ||
        die "no such chain '$chain'";

--
1.7.10.4

2015-05-11 6:38 GMT+02:00 Dietmar Maurer <dietmar at proxmox.com>:
> This patch breaks regression tests for me:
>
> # make check
>
> test-unconfigured/tests line 3: { to => 'vm100', action => 'ACCEPT' }
> test failed: missing dport at ../src/PVE/FirewallSimulator.pm line 154, <GEN82>
> line 3.
>



More information about the pve-devel mailing list