[pve-devel] [PATCH firewall 2/2] fix allowed group name length
Dominik Csapak
d.csapak at proxmox.com
Fri Jun 3 15:14:24 CEST 2016
the allowed length for an iptable chain is 28 chars
we had a max set of 20 but a format of
GROUP-<name>-IN and
GROUP-<name>-OUT
where <name> is the group name
but GROUP--OUT are 10 chars so we just allow 18 chars max
Signed-off-by: Dominik Csapak <d.csapak at proxmox.com>
---
src/PVE/Firewall.pm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
index 1fa3e70..b52d324 100644
--- a/src/PVE/Firewall.pm
+++ b/src/PVE/Firewall.pm
@@ -50,7 +50,7 @@ our $ip_alias_pattern = '[A-Za-z][A-Za-z0-9\-\_]+';
my $max_alias_name_length = 64;
my $max_ipset_name_length = 64;
-my $max_group_name_length = 20;
+my $max_group_name_length = 18;
PVE::JSONSchema::register_format('IPorCIDR', \&pve_verify_ip_or_cidr);
sub pve_verify_ip_or_cidr {
--
2.1.4
More information about the pve-devel
mailing list