[pve-devel] making the firewall more robust?
Stefan Priebe - Profihost AG
s.priebe at profihost.ag
Tue Nov 29 10:10:53 CET 2016
Hello,
today i've noticed that the firewall is nearly inactive on a node.
systemctl status says:
Nov 29 10:07:05 node2 pve-firewall[2534]: status update error:
ipset_restore_cmdlist: ipset v6.23: Error in line 3: The value of the
CIDR parameter of the IP address is invalid
Nov 29 10:07:14 node2 pve-firewall[2534]: status update error:
ipset_restore_cmdlist: ipset v6.23: Error in line 3: The value of the
CIDR parameter of the IP address is invalid
Nov 29 10:07:24 node2 pve-firewall[2534]: status update error:
ipset_restore_cmdlist: ipset v6.23: Error in line 3: The value of the
CIDR parameter of the IP address is invalid
So it seems that the whole firewall breaks if there is somewhere
something wrong.
I think especially for the firewall it's important to jsut skip that
line but process all other values.
How is your opinion? Any idea how to "fix" that?
Greets,
Stefan
More information about the pve-devel
mailing list