On 11/17/24 15:57, Thomas Lamprecht wrote: > it's a bit odd to assign the full SDN related config to a variable named > $empty_config, but assigning it after the parser will cause a semantic > difference > for the case where the firewall config is empty, not sure if that is fine. It has to be beforehand, otherwise if you reference the SDN IPsets in your cluster configuration you will get verification errors since generic_fw_config_parser() will execute the whole validation / verification logic - which fails if IPSets do not exist. _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
- [pve-devel] [PATCH docs/firewall/manager/proxmox{-firewal... Stefan Hanreich
- [pve-devel] [PATCH pve-firewall v4 4/9] add support ... Stefan Hanreich
- Re: [pve-devel] [PATCH pve-firewall v4 4/9] add ... Thomas Lamprecht
- Re: [pve-devel] [PATCH pve-firewall v4 4/9] ... Stefan Hanreich
- Re: [pve-devel] [PATCH pve-firewall v4 4/9] ... Stefan Hanreich
- [pve-devel] [PATCH proxmox-firewall v4 2/9] config: ... Stefan Hanreich
- [pve-devel] applied: [PATCH proxmox-firewall v4 ... Thomas Lamprecht
- [pve-devel] [PATCH pve-firewall v4 6/9] api: load sd... Stefan Hanreich
- Re: [pve-devel] [PATCH pve-firewall v4 6/9] api:... Thomas Lamprecht
- Re: [pve-devel] [PATCH pve-firewall v4 6/9] ... Stefan Hanreich
- Re: [pve-devel] [PATCH pve-firewall v4 6... Thomas Lamprecht
- Re: [pve-devel] [PATCH pve-firewall... Thomas Lamprecht
- Re: [pve-devel] [PATCH pve-fire... Stefan Hanreich
- [pve-devel] [PATCH pve-firewall v4 5/9] nftables: ma... Stefan Hanreich
- [pve-devel] applied: [PATCH pve-firewall v4 5/9]... Thomas Lamprecht
