[pve-devel] [PATCH firewall 0/1] fix #3677 ipset_get_chains fixed to work with new ipset output

DERUMIER, Alexandre Alexandre.DERUMIER at groupe-cyllene.com
Thu Oct 21 09:04:29 CEST 2021


Hi,

Thanks for the patch ! I didn't notice it, but I have indeed this bug. 

I have tested it , it's working fine for me.

Before the patch :
# pve-firewall status
Status: enabled/running (pending changes)

After the patch:
 pve-firewall status
Status: enabled/running


Le lundi 18 octobre 2021 à 21:21 +0100, Mark Yardley a écrit :
> As I reported in 3677, there has been a change to the output of ipset
> since the
> update to bullseye and the introduction of ipset 7.
> 
> There are now additional items on each line which is causing the
> firewall to
> stay in pending changes as the comparison to the applied rules never
> matches
> despite being valid.
> 
> This patch ignores the additonal values and provides a valid line that
> can
> be matched from the ipset output.
> 
> Mark Yardley (1):
>   fix #3677 ipset_get_chains fixed to work with new ipset output
> 
>  src/PVE/Firewall.pm | 4 ++++
>  1 file changed, 4 insertions(+)
> 



More information about the pve-devel mailing list