[pve-devel] applied: [PATCH firewall] ebtables: sort guest chains during rulecreation
Wolfgang Bumiller
w.bumiller at proxmox.com
Thu Jun 28 14:48:00 CEST 2018
applied
On Thu, Jun 28, 2018 at 02:41:56PM +0200, Stoiko Ivanov wrote:
> Signed-off-by: Stoiko Ivanov <s.ivanov at proxmox.com>
> ---
>
> * reported via forum:
> https://forum.proxmox.com/threads/pve-firewall-keeps-rebuilding-due-to-changing-host-sort-order-code-changes-attached.44727/
> * the problem occurs if you have more than 1 guest running
> * this patch seems to fix it for me
>
> src/PVE/Firewall.pm | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
> index b85e2da..fefe42a 100644
> --- a/src/PVE/Firewall.pm
> +++ b/src/PVE/Firewall.pm
> @@ -3672,7 +3672,7 @@ sub compile_ebtables_filter {
> ruleset_addrule($ruleset, 'PVEFW-FORWARD', '-o fwln+', '-j PVEFW-FWBR-OUT');
>
> # generate firewall rules for QEMU VMs
> - foreach my $vmid (keys %{$vmdata->{qemu}}) {
> + foreach my $vmid (sort keys %{$vmdata->{qemu}}) {
> eval {
> my $conf = $vmdata->{qemu}->{$vmid};
> my $vmfw_conf = $vmfw_configs->{$vmid};
> @@ -3693,7 +3693,7 @@ sub compile_ebtables_filter {
> }
>
> # generate firewall rules for LXC containers
> - foreach my $vmid (keys %{$vmdata->{lxc}}) {
> + foreach my $vmid (sort keys %{$vmdata->{lxc}}) {
> eval {
> my $conf = $vmdata->{lxc}->{$vmid};
>
> --
> 2.11.0
More information about the pve-devel
mailing list