firewall update : load cluster conf for host rules
authorAlexandre Derumier <aderumier@odiso.com>
Thu, 11 Dec 2014 13:25:42 +0000 (14:25 +0100)
committerDietmar Maurer <dietmar@proxmox.com>
Fri, 12 Dec 2014 05:27:54 +0000 (06:27 +0100)
commit50f9a28d1aef2ed94f1c6c0e736542c8d082151e
treed731d332f708386834d40373b799f8898605e07c
parente33e2f1603bc869daf3ea9200d020f58976a7998
firewall update : load cluster conf for host rules

Currently we can't use ipsets defined in cluster in host rules

host.fw
----------
[OPTIONS]

log_level_in: debug
enable: 1
tcp_flags_log_level: debug
log_level_out: debug
tcpflags: 1
smurf_log_level: debug

[RULES]

IN ACCEPT -source +whitelist

in sub update {
my $hostfw_conf = load_hostfw_conf();
}

$VAR1 = {
          'options' => {
                         'enable' => 1,
                         'log_level_in' => 'debug',
                         'tcp_flags_log_level' => 'debug',
                         'log_level_out' => 'debug',
                         'tcpflags' => 1,
                         'smurf_log_level' => 'debug'
                       },
          'ipset' => {},
          'rules' => [
                       {
                         'source' => '+whitelist',
                         'enable' => 1,
                         'errors' => {
                                       'source' => 'no such ipset \'whitelist\''
                                     },
                         'action' => 'ACCEPT',
                         'type' => 'in'
                       }
                     ]
        };

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
src/PVE/Firewall.pm