* [pve-devel] [PATCH firewall] fix invalid vmfw config being interpreted as enabled
@ 2022-08-24 12:24 Mira Limbeck
2022-08-25 14:38 ` [pve-devel] applied: " Thomas Lamprecht
0 siblings, 1 reply; 2+ messages in thread
From: Mira Limbeck @ 2022-08-24 12:24 UTC (permalink / raw)
To: pve-devel
MAC filter was enabled as long as the VM firewall config existed even
with an invalid config.
With this change the check now matches the one for CTs.
Signed-off-by: Mira Limbeck <m.limbeck@proxmox.com>
---
src/PVE/Firewall.pm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
index 71746d2..2930661 100644
--- a/src/PVE/Firewall.pm
+++ b/src/PVE/Firewall.pm
@@ -3964,7 +3964,7 @@ sub compile_ebtables_filter {
eval {
my $conf = $vmdata->{qemu}->{$vmid};
my $vmfw_conf = $vmfw_configs->{$vmid};
- return if !$vmfw_conf;
+ return if !$vmfw_conf || !$vmfw_conf->{options}->{enable};
my $ipsets = $vmfw_conf->{ipset};
foreach my $netid (sort keys %$conf) {
--
2.30.2
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2022-08-25 14:39 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-08-24 12:24 [pve-devel] [PATCH firewall] fix invalid vmfw config being interpreted as enabled Mira Limbeck
2022-08-25 14:38 ` [pve-devel] applied: " Thomas Lamprecht
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.