ebtables: treat chain deletion as change

since it is one. otherwise, 'pve-firewall compile' will print false
information as long as the deletion has not been applied yet.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>

diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
index 3b67186ed35c18ca7ed62c0f2001c5dbb0e649bb..41f48d638b4569aa379cbfb89c5ffb4bd0c2faa7 100644 (file)
--- a/src/PVE/Firewall.pm
+++ b/src/PVE/Firewall.pm
@@ -4033,8 +4033,8 @@ sub get_ebtables_cmdlist {
 
     foreach my $chain (sort keys %$statushash) {
        my $stat = $statushash->{$chain};
 
     foreach my $chain (sort keys %$statushash) {
        my $stat = $statushash->{$chain};

-       next if ($stat->{action} eq 'delete');

        $changes = 1 if ($stat->{action} !~ 'ignore|exists');
        $changes = 1 if ($stat->{action} !~ 'ignore|exists');

+       next if ($stat->{action} eq 'delete');

 
        foreach my $cmd (@{$statushash->{$chain}->{'rules'}}) {
            if ($chain eq 'FORWARD' && $cmd eq $append_pve_to_forward) {
 
        foreach my $cmd (@{$statushash->{$chain}->{'rules'}}) {
            if ($chain eq 'FORWARD' && $cmd eq $append_pve_to_forward) {