daemon: cleanup '+' character at begin of line

[pve-firewall.git] / src / PVE / Service / pve_firewall.pm

diff --git a/src/PVE/Service/pve_firewall.pm b/src/PVE/Service/pve_firewall.pm
index 9f712e0d16a856b4c4b3c1ff2e0e801b6db7a8ad..e70f6e590149bf9261729c4463939dab9d755116 100755 (executable)
--- a/src/PVE/Service/pve_firewall.pm
+++ b/src/PVE/Service/pve_firewall.pm
@@ -164,14 +164,15 @@ __PACKAGE__->register_method ({
 
            if ($status eq 'running') {
                
-               my ($ruleset, $ipset_ruleset, $rulesetv6) = PVE::Firewall::compile($cluster_conf, undef, undef, $verbose);
+               my ($ruleset, $ipset_ruleset, $rulesetv6, $ebtables_ruleset) = PVE::Firewall::compile($cluster_conf, undef, undef, $verbose);
 
                $verbose = 0; # do not show iptables details
                my (undef, undef, $ipset_changes) = PVE::Firewall::get_ipset_cmdlist($ipset_ruleset, $verbose);
                my ($test, $ruleset_changes) = PVE::Firewall::get_ruleset_cmdlist($ruleset, $verbose);
                my (undef, $ruleset_changesv6) = PVE::Firewall::get_ruleset_cmdlist($rulesetv6, $verbose, "ip6tables");
+               my (undef, $ebtables_changes) = PVE::Firewall::get_ebtables_cmdlist($ebtables_ruleset, $verbose);
 
-               $res->{changes} = ($ipset_changes || $ruleset_changes || $ruleset_changesv6) ? 1 : 0;
+               $res->{changes} = ($ipset_changes || $ruleset_changes || $ruleset_changesv6 || $ebtables_changes) ? 1 : 0;
            }
 
            return $res;
@@ -201,7 +202,7 @@ __PACKAGE__->register_method ({
            my $verbose = 1;
 
            my $cluster_conf = PVE::Firewall::load_clusterfw_conf(undef, $verbose); 
-           my ($ruleset, $ipset_ruleset, $rulesetv6) = PVE::Firewall::compile($cluster_conf, undef, undef, $verbose);
+           my ($ruleset, $ipset_ruleset, $rulesetv6, $ebtables_ruleset) = PVE::Firewall::compile($cluster_conf, undef, undef, $verbose);
 
            print "ipset cmdlist:\n";
            my (undef, undef, $ipset_changes) = PVE::Firewall::get_ipset_cmdlist($ipset_ruleset, $verbose);
@@ -212,7 +213,10 @@ __PACKAGE__->register_method ({
            print "\nip6tables cmdlist:\n";
            my (undef, $ruleset_changesv6) = PVE::Firewall::get_ruleset_cmdlist($rulesetv6, $verbose, "ip6tables");
 
-           if ($ipset_changes || $ruleset_changes || $ruleset_changesv6) {
+           print "\nebtables cmdlist:\n";
+           my (undef, $ebtables_changes) = PVE::Firewall::get_ebtables_cmdlist($ebtables_ruleset, $verbose);
+
+           if ($ipset_changes || $ruleset_changes || $ruleset_changesv6 || $ebtables_changes) {
                print "detected changes\n";
            } else {
                print "no changes\n";
@@ -329,7 +333,7 @@ __PACKAGE__->register_method ({
 
        local $SIG{'__WARN__'} = 'DEFAULT'; # do not fill up syslog
 
-       my ($ruleset, $ipset_ruleset, $rulesetv6) = PVE::Firewall::compile(undef, undef, undef, $param->{verbose});
+       my ($ruleset, $ipset_ruleset, $rulesetv6, $ebtables_ruleset) = PVE::Firewall::compile(undef, undef, undef, $param->{verbose});
 
        PVE::FirewallSimulator::debug($param->{verbose} || 0);
        
@@ -395,19 +399,3 @@ our $cmddef = {
  };
 
 1;
-
-__END__
-
-=head1 NAME
-                                          
-pve-firewall - PVE Firewall Daemon
-
-=head1 SYNOPSIS
-
-=include synopsis
-
-=head1 DESCRIPTION
-
-This service updates iptables rules periodically.
-
-=include pve_copyright