[pve-devel] applied: [PATCH firewall] fixup active_chains distinction when deleting chains
Wolfgang Bumiller
w.bumiller at proxmox.com
Tue Jun 12 12:05:39 CEST 2018
Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
---
With the last ebtables rule merge patches this ebtables/iptables
distinction was missing causing the disabling of a VM's firewall to
produce invalid hash accesses causing this to not be detected as a
change...
src/PVE/Firewall.pm | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
index 62cbf66..6b39d5d 100644
--- a/src/PVE/Firewall.pm
+++ b/src/PVE/Firewall.pm
@@ -3784,11 +3784,12 @@ sub get_ruleset_status {
foreach my $chain (sort keys %$active_chains) {
next if defined($ruleset->{$chain});
my $action = 'delete';
+ my $sig = $active_chains->{$chain};
if (defined($change_only_regex)) {
$action = 'ignore' if ($chain !~ m/$change_only_regex/);
$statushash->{$chain}->{rules} = $active_chains->{$chain}->{rules};
+ $sig = $sig->{sig};
}
- my $sig = $active_chains->{$chain}->{sig};
$statushash->{$chain}->{action} = $action;
$statushash->{$chain}->{sig} = $sig;
print "$action $chain ($sig)\n" if $verbose;
--
2.11.0
More information about the pve-devel
mailing list