extern/shorewall_code
1
0
Fork 1
mirror of https://gitlab.com/shorewall/code.git synced 2024-12-22 06:10:42 +01:00
Code Issues Packages Projects Releases Wiki Activity

Correct ipset creation and add a WARNING when creating an ipset

Browse Source 
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
Tom Eastep 2012-03-25 08:27:28 -07:00
parent c3b56d4123
commit e38fcb2bfc
1 changed files with 14 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
Shorewall/Perl/Shorewall/Chains.pm
View File

@ -6428,16 +6428,24 @@ sub ensure_ipset( $ ) {
if ( $family == F_IPV4 ) { if ( $family == F_IPV4 ) {
if ( have_capability 'IPSET_V5' ) { if ( have_capability 'IPSET_V5' ) {
emit ( " qt \$IPSET -L $set -n || \$IPSET -N $_ hash:ip family inet" ); emit ( qq( if ! qt \$IPSET -L $set -n; then) ,
qq( error_message "WARNING: ipset $set does not exist; creating it as an hash:ip set") ,
qq( \$IPSET -N $set hash:ip family inet") ,
qq( fi) );
} else { } else {
emit ( " qt \$IPSET -L $set -n || \$IPSET -N $_ iphash" ); emit ( qq( if ! qt \$IPSET -L $set -n; then) ,
qq( error_message "WARNING: ipset $1 does not exist; creating it as an iphash set") ,
qq( \$IPSET -N $set iphash") ,
qq( fi) );
} }
} else { } else {
emit ( " qt \$IPSET -L $set -n || \$IPSET -N $_ hash:ip family inet6" ); emit ( qq( if ! qt \$IPSET -L $set -n; then) ,
qq( error_message "WARNING: ipset $set does not exist; creating it as an hash:ip set") ,
qq( \$IPSET -N $set hash:ip family inet6) ,
qq( fi) );
} }
} }
sub load_ipsets() { sub load_ipsets() {
my @ipsets = all_ipsets; my @ipsets = all_ipsets;