Am 08/11/2022 um 15:15 schrieb Stefan Hrdlicka: >> Could another option be that we normalize CIDRs on entry, i.e., mask out >> the end? I mean,. would not help existing setups, but at least future >> proof it a bit for new systems if there's another call site that will >> trip on this (maybe normalizing here in case of 171 could be an option >> too). I don't want to shove you in that direction, just wondering if >> that was considered. > > Yes that would be an option. Was more bit more faffing about when I tried it. > Also would it then be a good idea to change config a user > added to the the file, or should that be kept as it was entered? >
We normally don't auto-rewrite/update configs on package upgrade, as that can be brittle and break immediate downgrades due to a, e.g., regression, but when writing out a FW config anyway we could rewrite it indeed (at least if there's no disagreement in that beeing a good idea in the first place) So in any way, we would probably still want some silencing of the verifier, if you cleanup the slightly confusing odd case with returning $cidr only on $noerr I would go for that for now as stop gap. _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
