fix for test case test/test-errors1

diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
index 3a96179b4886a07fb465c9b5ec63c5a0340f55f4..eda3e55650ce50f329250feb24a9d1dff178f597 100644 (file)
--- a/src/PVE/Firewall.pm
+++ b/src/PVE/Firewall.pm
@@ -1318,8 +1318,8 @@ sub ruleset_generate_cmdstr {
            }
        }
     } elsif ($rule->{dport} || $rule->{sport}) {
-       warn "ignoring destination port '$rule->{dport}' - no protocol specified\n" if $rule->{dport};
-       warn "ignoring source port '$rule->{sport}' - no protocol specified\n" if $rule->{sport};
+       die "destination port '$rule->{dport}', but no protocol specified\n" if $rule->{dport};
+       die "source port '$rule->{sport}', but no protocol specified\n" if $rule->{sport};
     }
 
     push @cmd, "-m addrtype --dst-type $rule->{dsttype}" if $rule->{dsttype};

diff --git a/test/test-errors1/100.fw b/test/test-errors1/100.fw
index 25d9a2c3df68333a9147c843b7ab83b951622ff3..27a359375fb76d22c1e677d8c94226d70080e491 100644 (file)
--- a/test/test-errors1/100.fw
+++ b/test/test-errors1/100.fw
@@ -4,6 +4,8 @@ enable: 1
 
 [RULES]
 
-# rule with dport but missing protocol
+# rule with dport but missing protocol - should be ignored
 IN ACCEPT -dport 80
+# correct rule
+IN ACCEPT -p tcp -dport 82
 

diff --git a/test/test-errors1/tests b/test/test-errors1/tests
index 4c4bf67af9a8cd150029056e4f89d3e460fb3db9..99380b96eae22708390eeed9366715b144c12d5c 100644 (file)
--- a/test/test-errors1/tests
+++ b/test/test-errors1/tests
@@ -1,2 +1,3 @@
-{ from => 'outside', to => 'vm100', dport => 80, action => 'ACCEPT' }
-{ from => 'outside', to => 'vm100', dport => 81, action => 'DROP' }
\ No newline at end of file
+{ from => 'outside', to => 'vm100', dport => 80, action => 'DROP' }
+{ from => 'outside', to => 'vm100', dport => 81, action => 'DROP' }
+{ from => 'outside', to => 'vm100', dport => 82, action => 'ACCEPT' }