[pve-devel] [PATCH pve-firewall] log reject : add space after policy REJECT like drop

Thomas Lamprecht t.lamprecht at proxmox.com
Tue Feb 5 11:33:16 CET 2019


Am 2/5/19 um 11:22 AM schrieb Alexandre Derumier:
> For log consistency and parsing, we already have a space after "policy DROP: "
> but not REJECT
> 
> ex:
> 
> DROP
> 135 6 tap135i1-IN 05/Feb/2019:10:59:55 +0100 policy DROP: IN=.....
> 
> REJECT
> 232 6 tap232i1-IN 05/Feb/2019:10:59:28 +0100 policy REJECT:IN=....

applied, thanks!

> ---
>  src/PVE/Firewall.pm | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
> index ed00577..452fa01 100644
> --- a/src/PVE/Firewall.pm
> +++ b/src/PVE/Firewall.pm
> @@ -2115,7 +2115,7 @@ sub ruleset_add_chain_policy {
>      } elsif ($policy eq 'REJECT') {
>  	ruleset_addrule($ruleset, $chain, "", "-j PVEFW-Reject");
>  
> -	ruleset_addrule($ruleset, $chain, "", "-g PVEFW-reject", $loglevel, "policy $policy:", $vmid);
> +	ruleset_addrule($ruleset, $chain, "", "-g PVEFW-reject", $loglevel, "policy $policy: ", $vmid);
>      } else {
>  	# should not happen
>  	die "internal error: unknown policy '$policy'";
> 




More information about the pve-devel mailing list