[pve-devel] [PATCH 2/2] verify_rule pattern change for lxc

Tue Aug 11 16:53:12 CEST 2015

Subroutine verify_rule now accepts only values matching netX or ethX
interface device name patterns when adding firewall rules for linux containers.
---
 src/PVE/Firewall.pm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
index 2c3af4a..a60c794 100644
--- a/src/PVE/Firewall.pm
+++ b/src/PVE/Firewall.pm
@@ -1338,8 +1338,8 @@ sub verify_rule {
 	    &$add_error('iface', "value does not match the regex pattern 'net\\d+'")
 		if $rule->{iface} !~  m/^net(\d+)$/;
 	} elsif ($rule_env eq 'ct') {
-	    &$add_error('iface', "value does not match the regex pattern '(veth|eth\\d+)'")
-		if $rule->{iface} !~  m/^((veth\d+i\d+)|eth(\d+))$/;
+	    &$add_error('iface', "value does not match the regex pattern 'net\\d+|eth\\d+'")
+		if $rule->{iface} !~  m/^(net(\d+)|eth(\d+))$/;
 	}
     }
 
-- 
2.1.4



