The firewall generated mac filters for outgoing packets even if the
firewall was disabled for a specific interface. This was applicable to
ARP packets as well.
Signed-off-by: Stefan Hanreich <s.hanre...@proxmox.com>
---
proxmox-firewall/src/firewall.rs | 1 +
1 file changed, 1 insertion(+)
diff --git a/proxmox-firewall/src/firewall.rs b/proxmox-firewall/src/firewall.rs
index 0e0edf8..7ed9174 100644
--- a/proxmox-firewall/src/firewall.rs
+++ b/proxmox-firewall/src/firewall.rs
@@ -590,6 +590,7 @@ impl Firewall {
.network_config()
.network_devices()
.iter()
+ .filter(|(_, device)| device.has_firewall())
.map(|(index, device)| {
Expression::concat([
Expression::from(config.iface_name_by_index(*index)),
--
2.39.5
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
