Only destroy ipsets that will be restored

Signed-off-by: Tom Eastep <teastep@shorewall.net>
2024-11-25 00:53:49 +01:00 · 2020-04-20 09:11:03 -07:00 · 2020-04-20 09:11:03 -07:00 · 086f7a0e6d
commit 086f7a0e6d
parent 057a2dec70
1 changed files with 8 additions and 4 deletions
--- a/Shorewall/Perl/Shorewall/Chains.pm
+++ b/Shorewall/Perl/Shorewall/Chains.pm
@ -9065,10 +9065,14 @@ sub create_load_ipsets() {
 	    # Requires V5 or later
 	    #
 	    emit( '' ,
-		  "    for set in \$(\$IPSET save | grep '$select' | cut -d' ' -f2); do" ,
-		  '        $IPSET flush $set' ,
-		  '        $IPSET destroy $set' ,
-		  "    done" ,
+		  '    if  [ -f ${VARDIR}/ipsets.save ]; then' ,
+		  '        while read ${VARDIR}/ipsets.save verb set; do' ,
+		  '            if [ $verb = create ]; then' ,
+		  '                $IPSET flush $set' ,
+		  '                $IPSET destroy $set' ,
+		  '            fi' ,
+		  '        done' ,
+		  '    fi',
 		);
 	} else {
 	    #