test if BRIDGEFW-OUT and BRIDGEFW-IN exist
authorAlexandre Derumier <aderumier@odiso.com>
Mon, 17 Feb 2014 12:50:26 +0000 (13:50 +0100)
committerDietmar Maurer <dietmar@proxmox.com>
Tue, 18 Feb 2014 09:31:13 +0000 (10:31 +0100)
Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
PVE/Firewall.pm

index 0c1a37a..4b14871 100644 (file)
@@ -277,8 +277,13 @@ sub ruleset_insertrule {
 sub generate_bridge_chains {
     my ($ruleset, $bridge) = @_;
 
-    ruleset_create_chain($ruleset, "BRIDGEFW-IN");
-    ruleset_create_chain($ruleset, "BRIDGEFW-OUT");
+    if (!ruleset_chain_exist($ruleset, "BRIDGEFW-IN")){
+       ruleset_create_chain($ruleset, "BRIDGEFW-IN");
+    }
+
+    if (!ruleset_chain_exist($ruleset, "BRIDGEFW-OUT")){
+       ruleset_create_chain($ruleset, "BRIDGEFW-OUT");
+    }
 
     if (!ruleset_chain_exist($ruleset, "proxmoxfw-FORWARD")){
        ruleset_create_chain($ruleset, "proxmoxfw-FORWARD");
@@ -618,7 +623,6 @@ sub compile {
            generate_tap_rules_direction($ruleset, $iface, $netid, $rules->{$vmid}->{out}, $bridge, 'OUT');
        }
     }
-    
     return $ruleset;
 }