[pve-devel] [PATCH pve-firewall v4 4/9] add support for loading sdn firewall configuration
Stefan Hanreich
s.hanreich at proxmox.com
Mon Nov 18 10:35:09 CET 2024
On 11/17/24 15:57, Thomas Lamprecht wrote:
> it's a bit odd to assign the full SDN related config to a variable named
> $empty_config, but assigning it after the parser will cause a semantic difference
> for the case where the firewall config is empty, not sure if that is fine.
It has to be beforehand, otherwise if you reference the SDN IPsets in
your cluster configuration you will get verification errors since
generic_fw_config_parser() will execute the whole validation /
verification logic - which fails if IPSets do not exist.
More information about the pve-devel
mailing list