my ($properties) = @_;
foreach my $k (keys %$rule_properties) {
- $properties->{$k} = $rule_properties->{$k};
+ my $h = $rule_properties->{$k};
+ # copy data, so that we can modify later without side effects
+ foreach my $opt (keys %$h) { $properties->{$k}->{$opt} = $h->{$opt}; }
}
return $properties;
}
+sub delete_rule_properties {
+ my ($rule, $delete_str) = @_;
+
+ foreach my $opt (PVE::Tools::split_list($delete_str)) {
+ raise_param_exc({ 'delete' => "no such property ('$opt')"})
+ if !defined($rule_properties->{$opt});
+ raise_param_exc({ 'delete' => "unable to delete required property '$opt'"})
+ if $opt eq 'type' || $opt eq 'action';
+ delete $rule->{$opt};
+ }
+
+ return $rule;
+}
+
sub copy_rule_data {
my ($rule, $param) = @_;
die "no such ipset $2" if !$cluster_conf->{ipset}->{$2};
push @cmd, "-m set --match-set PVEFW-$2 src";
- } elsif ($source =~ m/^(\d+)\.(\d+).(\d+).(\d+)\-(\d+)\.(\d+).(\d+).(\d+)$/){
+ } elsif ($source =~ m/\-/){
push @cmd, "-m iprange --src-range $source";
} else {
projects / pve-firewall.git / blobdiff