compile just read configs file and will call compile_iptables_filter for
iptables and ip6tables
Signed-off-by: Alexandre Derumier <aderum...@odiso.com>
---
src/PVE/Firewall.pm | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
index 27cf1e6..3d52f62 100644
--- a/src/PVE/Firewall.pm
+++ b/src/PVE/Firewall.pm
@@ -2793,6 +2793,13 @@ sub compile {
$vmfw_configs = read_vm_firewall_configs($cluster_conf, $vmdata, undef,
$verbose);
}
+ my ($ruleset, $ipset_ruleset) = compile_iptables_filter($cluster_conf,
$hostfw_conf, $vmfw_configs, $vmdata, 4, $verbose);
+ return ($ruleset, $ipset_ruleset);
+}
+
+sub compile_iptables_filter {
+ my ($cluster_conf, $hostfw_conf, $vmfw_configs, $vmdata, $ipversion,
$verbose) = @_;
+
$cluster_conf->{ipset}->{venet0} = [];
my $venet0_ipset_chain = compute_ipset_chain_name(0, 'venet0');
--
1.7.10.4
_______________________________________________
pve-devel mailing list
pve-devel@pve.proxmox.com
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
