ruleset_generate_vm_rules: skip rules with errors

author Dietmar Maurer <dietmar@proxmox.com>

Mon, 26 May 2014 10:46:27 +0000 (12:46 +0200)

committer Dietmar Maurer <dietmar@proxmox.com>

Mon, 26 May 2014 10:46:27 +0000 (12:46 +0200)
author Dietmar Maurer <dietmar@proxmox.com>
Mon, 26 May 2014 10:46:27 +0000 (12:46 +0200)
committer Dietmar Maurer <dietmar@proxmox.com>
Mon, 26 May 2014 10:46:27 +0000 (12:46 +0200)
diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm

index 5f96c8a8cc3c02eb126c9bde3b065ec05a519c49..f2f533164969c36dd587fc3c3d7ab3b75958032a 100644 (file)
--- a/src/PVE/Firewall.pm
+++ b/src/PVE/Firewall.pm
@@ -1610,7 +1610,7 @@ sub ruleset_generate_vm_rules {
  
      foreach my $rule (@$rules) {
         next if $rule->{iface} && $rule->{iface} ne $netid;
  
      foreach my $rule (@$rules) {
         next if $rule->{iface} && $rule->{iface} ne $netid;
-       next if !$rule->{enable};
+       next if !$rule->{enable} || $rule->{errors};
         if ($rule->{type} eq 'group') {
             ruleset_add_group_rule($ruleset, $cluster_conf, $chain, $rule, $direction,
                                    $direction eq 'OUT' ? 'RETURN' : $in_accept);
         if ($rule->{type} eq 'group') {
             ruleset_add_group_rule($ruleset, $cluster_conf, $chain, $rule, $direction,
                                    $direction eq 'OUT' ? 'RETURN' : $in_accept);
author	Dietmar Maurer <dietmar@proxmox.com>
	Mon, 26 May 2014 10:46:27 +0000 (12:46 +0200)
committer	Dietmar Maurer <dietmar@proxmox.com>
	Mon, 26 May 2014 10:46:27 +0000 (12:46 +0200)