[pve-devel] [RFC firewall 7/8] avoid double spaces in ruleset_addrule
Wolfgang Bumiller
w.bumiller at proxmox.com
Wed Mar 28 10:53:30 CEST 2018
ebtables doesn't have comment rules we could store the
digest in, so we need to match the ebtables-save output
instead.
Signed-off-by: Wolfgang Bumiller <w.bumiller at proxmox.com>
---
src/PVE/Firewall.pm | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
index 5452167..b8ade7c 100644
--- a/src/PVE/Firewall.pm
+++ b/src/PVE/Firewall.pm
@@ -2065,7 +2065,9 @@ sub ruleset_addrule {
my $logaction = get_log_rule_base($chain, $vmid, $logmsg, $log);
push @{$ruleset->{$chain}}, "-A $chain $match $logaction";
}
- push @{$ruleset->{$chain}}, "-A $chain $match $action";
+ # for stable ebtables digests avoid double-spaces to match ebtables-save output
+ $match .= ' ' if length($match);
+ push @{$ruleset->{$chain}}, "-A $chain ${match}$action";
}
sub ruleset_insertrule {
--
2.11.0
More information about the pve-devel
mailing list