fix iptables-restore - correctly add newline after COMMIT

[pve-firewall.git] / PVE / Firewall.pm

diff --git a/PVE/Firewall.pm b/PVE/Firewall.pm
index 65e0050ed603831885c690578e7e1678df9f33d9..c6d45376d05eb71cd9d585bd15f09fdbcc43a87f 100644 (file)
--- a/PVE/Firewall.pm
+++ b/PVE/Firewall.pm
@@ -150,9 +150,16 @@ sub iptables_restore {
     unshift (@ruleset, '*filter');
     push (@ruleset, 'COMMIT');
 
-    my $cmdlist = join("\n", @ruleset);
+    my $cmdlist = join("\n", @ruleset) . "\n";
 
-    run_command("/sbin/iptables-restore -n", input => $cmdlist, outfunc => sub {});
+    my $verbose = 1; # fixme: how/when do we set this
+
+    #run_command("echo '$cmdlist' | /sbin/iptables-restore -n");
+    eval { run_command("/sbin/iptables-restore -n ", input => $cmdlist); };
+    if (my $err = $@) {
+       print STDERR $cmdlist if $verbose;
+       die $err;
+    }
 }
 
 sub iptables_addrule {