$have_lxc = 1;
};
-my $mark;
+my $mark = 0;
my $trace;
my $debug = 0;
sub rule_match {
my ($ipset_ruleset, $chain, $rule, $pkg) = @_;
- $rule =~ s/^-A $chain // || die "got strange rule: $rule";
+ $rule =~ s/^-A $chain +// || die "got strange rule: $rule";
while (length($rule)) {
if ($rule =~ s@^-m mark --mark ($NUMBER_RE)(?:/($NUMBER_RE))?\s*@@) {
my ($value, $mask) = PVE::Firewall::get_mark_values($1, $2);
- return undef if !defined($mark) || ($mark & $mask) != $value;
+ return undef if ($mark & $mask) != $value;
next;
}