sub ruleset_generate_cmdstr {
my ($ruleset, $chain, $rule, $actions, $goto) = @_;
- return if !$rule->{enable};
+ return if defined($rule->{enable}) && !$rule->{enable};
my @cmd = ();
if (!(defined($options->{dhcp}) && $options->{dhcp} == 0)) {
if ($direction eq 'OUT') {
- ruleset_addrule($ruleset, $chain, "-p udp -m udp --sport 68 --dport 67 -j PVEFW-SET-ACCEPT-MARK");
+ ruleset_addrule($ruleset, $chain, "-p udp -m udp --sport 68 --dport 67 -g PVEFW-SET-ACCEPT-MARK");
} else {
ruleset_addrule($ruleset, $chain, "-p udp -m udp --sport 67 --dport 68 -j ACCEPT");
}