Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
-IN SSH(ACCEPT) net0
-OUT SSH(ACCEPT) net0
+IN SSH(ACCEPT) -
+OUT SSH(ACCEPT) -
# add host rules first, so that cluster wide rules can be overwritten
foreach my $rule (@$rules, @$cluster_rules) {
next if $rule->{type} ne 'in';
# add host rules first, so that cluster wide rules can be overwritten
foreach my $rule (@$rules, @$cluster_rules) {
next if $rule->{type} ne 'in';
+ $rule->{iface_in} = $rule->{iface} if $rule->{iface};
ruleset_generate_rule($ruleset, $chain, $rule, { ACCEPT => $accept_action, REJECT => "PVEFW-reject" }, undef, $cluster_conf);
}
ruleset_generate_rule($ruleset, $chain, $rule, { ACCEPT => $accept_action, REJECT => "PVEFW-reject" }, undef, $cluster_conf);
}
# add host rules first, so that cluster wide rules can be overwritten
foreach my $rule (@$rules, @$cluster_rules) {
next if $rule->{type} ne 'out';
# add host rules first, so that cluster wide rules can be overwritten
foreach my $rule (@$rules, @$cluster_rules) {
next if $rule->{type} ne 'out';
+ $rule->{iface_out} = $rule->{iface} if $rule->{iface};
ruleset_generate_rule($ruleset, $chain, $rule, { ACCEPT => $accept_action, REJECT => "PVEFW-reject" }, undef, $cluster_conf);
}
ruleset_generate_rule($ruleset, $chain, $rule, { ACCEPT => $accept_action, REJECT => "PVEFW-reject" }, undef, $cluster_conf);
}