}
}
-sub enablehostfw {
+sub enable_host_firewall {
my ($ruleset, $hostfw_conf, $groups_conf) = @_;
# fixme: allow security groups
my $hostfw_enable = $hostfw_conf &&
!(defined($hostfw_options->{enable}) && ($hostfw_options->{enable} == 0));
- enablehostfw($ruleset, $hostfw_conf, $groups_conf) if $hostfw_enable;
+ enable_host_firewall($ruleset, $hostfw_conf, $groups_conf) if $hostfw_enable;
# generate firewall rules for QEMU VMs
foreach my $vmid (keys %{$vmdata->{qemu}}) {
}
}
- if ($hostfw_enable) {
- # allow traffic from lo (ourself)
- ruleset_addrule($ruleset, "PVEFW-INPUT", "-i lo -j ACCEPT");
- }
-
return $ruleset;
}