projects
/
pve-firewall.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
571e47f
)
fix max ipset name lenght
author
Dietmar Maurer
<dietmar@proxmox.com>
Tue, 14 Oct 2014 14:28:44 +0000
(16:28 +0200)
committer
Dietmar Maurer
<dietmar@proxmox.com>
Tue, 14 Oct 2014 14:28:44 +0000
(16:28 +0200)
src/PVE/Firewall.pm
patch
|
blob
|
blame
|
history
diff --git
a/src/PVE/Firewall.pm
b/src/PVE/Firewall.pm
index 727204a733afd20fe7780456495ecbfd0f388a60..2270ad73eb159bb36699c3e9215c0d632c4cbab4 100644
(file)
--- a/
src/PVE/Firewall.pm
+++ b/
src/PVE/Firewall.pm
@@
-760,7
+760,10
@@
sub local_network {
return $__local_network;
}
-my $max_iptables_ipset_name_length = 27;
+# ipset names are limited to 31 characters, and we use '_swap'
+# suffix for atomic update, for example PVEFW-${VMID}-${ipset_name}_swap
+
+my $max_iptables_ipset_name_length = 31 - length("_swap");
sub compute_ipset_chain_name {
my ($vmid, $ipset_name) = @_;