[pve-devel] [PATCH] implement ipset ip/net groups

Dietmar Maurer dietmar at proxmox.com
Fri Mar 28 13:39:42 CET 2014


> >>What happens if we delete ipset chains which are still in use by iptables?
> 
> ipset will throw an error like "ipset in use in iptables...."
> 
> so I think we should check if it's used or not before trying to remove it.
> 
> I'll implement next week ipset in iptables rules.

You just need to spit the code into 'update' and 'cleanup' sections - and run cleanup after updating iptables.


More information about the pve-devel mailing list