we did not check if the target name of the group/ipset
already existed, so we overwrote them
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
raise_param_exc({ group => "Security group '$param->{rename}' does not exists" })
if !$cluster_conf->{groups}->{$param->{rename}};
+ # prevent overwriting an existing group
+ raise_param_exc({ group => "Security group '$param->{group}' does already exist" })
+ if $cluster_conf->{groups}->{$param->{group}} &&
+ $param->{group} ne $param->{rename};
+
my $data = delete $cluster_conf->{groups}->{$param->{rename}};
$cluster_conf->{groups}->{$param->{group}} = $data;
if (my $comment = delete $cluster_conf->{group_comments}->{$param->{rename}}) {
raise_param_exc({ name => "IPSet '$param->{rename}' does not exists" })
if !$fw_conf->{ipset}->{$param->{rename}};
+ # prevent overwriting existing ipset
+ raise_param_exc({ name => "IPSet '$param->{name}' does already exist"})
+ if $fw_conf->{ipset}->{$param->{name}} &&
+ $param->{name} ne $param->{rename};
+
my $data = delete $fw_conf->{ipset}->{$param->{rename}};
$fw_conf->{ipset}->{$param->{name}} = $data;
if (my $comment = delete $fw_conf->{ipset_comments}->{$param->{rename}}) {
projects / pve-firewall.git / commitdiff