[pve-devel] [PATCH 02/19] move $pve_std_chains to $pve_std_chains->{$ipversion}

Alexandre Derumier aderumier at odiso.com
Wed Jul 16 01:14:18 CEST 2014


Signed-off-by: Alexandre Derumier <aderumier at odiso.com>
---
 src/PVE/Firewall.pm |    7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
index 3d52f62..8f6ff2c 100644
--- a/src/PVE/Firewall.pm
+++ b/src/PVE/Firewall.pm
@@ -489,7 +489,8 @@ my $pve_fw_parsed_macros;
 my $pve_fw_macro_descr;
 my $pve_fw_preferred_macro_names = {};
 
-my $pve_std_chains = {
+my $pve_std_chains = {};
+$pve_std_chains->{4} = {
     'PVEFW-SET-ACCEPT-MARK' => [
 	"-j MARK --set-mark 1",
     ],
@@ -2598,7 +2599,7 @@ sub get_option_log_level {
 }
 
 sub generate_std_chains {
-    my ($ruleset, $options) = @_;
+    my ($ruleset, $options, $pve_std_chains) = @_;
 
     my $loglevel = get_option_log_level($options, 'smurf_log_level');
 
@@ -2847,7 +2848,7 @@ sub compile_iptables_filter {
 
     ruleset_addrule($ruleset, "PVEFW-FORWARD", "-o venet0 -m set --match-set ${venet0_ipset_chain} dst -j PVEFW-VENET-IN");
 
-    generate_std_chains($ruleset, $hostfw_options);
+    generate_std_chains($ruleset, $hostfw_options, $pve_std_chains->{$ipversion});
 
     my $hostfw_enable = !(defined($hostfw_options->{enable}) && ($hostfw_options->{enable} == 0));
 
-- 
1.7.10.4




More information about the pve-devel mailing list