sub ruleset_create_chain {
my ($ruleset, $chain) = @_;
+ die "Invalid chain name '$chain' (28 char max)\n" if length($chain) > 28;
+
die "chain '$chain' already exists\n" if $ruleset->{$chain};
$ruleset->{$chain} = [];
# we go the PVEFW-BRIDGE-IN because we need to check also other tap rules
# (and group rules can be set on any bridge, so we can't go to VMBRXX-IN)
$rule->{action} = 'PVEFW-BRIDGE-IN' if $rule->{action} eq 'ACCEPT';
- ruleset_generate_rule($rule, $chain, $rule);
+ ruleset_generate_rule($ruleset, $chain, $rule);
}
}
}