[pve-devel] [PATCH container] pct create: Set the NICs firewall to enabled by default on container creation
Thomas Lamprecht
t.lamprecht at proxmox.com
Thu Apr 4 18:58:44 CEST 2019
On 4/3/19 3:57 PM, Christian Ebner wrote:
> Signed-off-by: Christian Ebner <c.ebner at proxmox.com>
> ---
> src/PVE/API2/LXC.pm | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/src/PVE/API2/LXC.pm b/src/PVE/API2/LXC.pm
> index 5a8a9c9..8234df4 100644
> --- a/src/PVE/API2/LXC.pm
> +++ b/src/PVE/API2/LXC.pm
> @@ -296,6 +296,10 @@ __PACKAGE__->register_method({
> } elsif ($opt =~ m/^unused\d+$/) {
> warn "ignoring '$opt', cannot create/restore with unused volume\n";
> delete $param->{$opt};
> + } elsif ($opt =~ m/^net\d+$/) {
> + my $net = PVE::LXC::Config->parse_lxc_network($param->{$opt});
> + $net->{'firewall'} = 1 if !defined($net->{'firewall'});
> + $no_disk_param->{$opt} = PVE::LXC::Config->print_lxc_network($net);
> } else {
> $no_disk_param->{$opt} = $value;
> }
>
looks OK, and as it's for newly created CT/VM only, were the general per-guest FW
needs to be enabled in the guest options any way this could be OK now already, but
I need to rethink this, and maybe it's just better apply it together with the API
guest NIC create default change with the next major release..
More information about the pve-devel
mailing list