X-Git-Url: https://git.proxmox.com/?p=pve-firewall.git;a=blobdiff_plain;f=src%2Fpve-firewall;h=6e5eb1633cb2ff033fa8b93c0671d09b4c58d6ec;hp=befee4482aca03d7c82804a9c132fdf491b507c6;hb=a2dbb47b4ca3a584a353ceacc3e4a1a40e1a1446;hpb=55fad3b7889f943599038c3a13e070cd1fcab051

diff --git a/src/pve-firewall b/src/pve-firewall
index befee44..6e5eb16 100755
--- a/src/pve-firewall
+++ b/src/pve-firewall
@@ -344,13 +344,14 @@ __PACKAGE__->register_method ({
 
 	    if ($status eq 'running') {
 		
-		my ($ruleset, $ipset_ruleset) = PVE::Firewall::compile($cluster_conf, undef, undef, $verbose);
+		my ($ruleset, $ipset_ruleset, $rulesetv6) = PVE::Firewall::compile($cluster_conf, undef, undef, $verbose);
 
 		$verbose = 0; # do not show iptables details
 		my (undef, undef, $ipset_changes) = PVE::Firewall::get_ipset_cmdlist($ipset_ruleset, $verbose);
 		my ($test, $ruleset_changes) = PVE::Firewall::get_ruleset_cmdlist($ruleset, $verbose);
-	      
-		$res->{changes} = ($ipset_changes || $ruleset_changes) ? 1 : 0;
+		my (undef, $ruleset_changesv6) = PVE::Firewall::get_ruleset_cmdlist($rulesetv6, $verbose, "ip6tables");
+
+		$res->{changes} = ($ipset_changes || $ruleset_changes || $ruleset_changesv6) ? 1 : 0;
 	    }
 
 	    return $res;
@@ -380,12 +381,13 @@ __PACKAGE__->register_method ({
 	    my $verbose = 1;
 
 	    my $cluster_conf = PVE::Firewall::load_clusterfw_conf(undef, $verbose); 
-	    my ($ruleset, $ipset_ruleset) = PVE::Firewall::compile($cluster_conf, undef, undef, $verbose);
+	    my ($ruleset, $ipset_ruleset, $rulesetv6) = PVE::Firewall::compile($cluster_conf, undef, undef, $verbose);
 
 	    my (undef, undef, $ipset_changes) = PVE::Firewall::get_ipset_cmdlist($ipset_ruleset, $verbose);
 	    my (undef, $ruleset_changes) = PVE::Firewall::get_ruleset_cmdlist($ruleset, $verbose);
+	    my (undef, $ruleset_changesv6) = PVE::Firewall::get_ruleset_cmdlist($rulesetv6, $verbose, "ip6tables");
 
-	    if ($ipset_changes || $ruleset_changes) {
+	    if ($ipset_changes || $ruleset_changes || $ruleset_changesv6) {
 		print "detected changes\n";
 	    } else {
 		print "no changes\n";
@@ -502,7 +504,7 @@ __PACKAGE__->register_method ({
 
 	local $SIG{'__WARN__'} = 'DEFAULT'; # do not fill up syslog
 
-	my ($ruleset, $ipset_ruleset) = PVE::Firewall::compile(undef, undef, undef, $param->{verbose});
+	my ($ruleset, $ipset_ruleset, $rulesetv6) = PVE::Firewall::compile(undef, undef, undef, $param->{verbose});
 
 	PVE::FirewallSimulator::debug($param->{verbose} || 0);