ebtables_get_chains: deal with empty chains

Since we don't have signatures in ebtables we need to also
see empty chains to not think we have to create them.

Signed-off-by: Wolfgang Bumiller <w.bumiller@proxmox.com>
Reviewed-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Tested-by: Thomas Lamprecht <t.lamprecht@proxmox.com>

diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
index b8ade7c3c35a46bd22fb12f7288027fa5e3f25ad..8f545e7b439768f11d524e4d1031b9675066fc58 100644 (file)
--- a/src/PVE/Firewall.pm
+++ b/src/PVE/Firewall.pm
@@ -1836,7 +1836,10 @@ sub ebtables_get_chains {
        my $line = shift;
        return if $line =~ m/^#/;
        return if $line =~ m/^\s*$/;
-       if ($line =~ m/^(?:\S+)\s(PVEFW-\S+)\s(?:\S+).*/) {
+       if ($line =~ m/^:(\S+)\s\S+$/) {
+           # Make sure we know chains exist even if they're empty.
+           $chains->{$1} //= [];
+       } elsif ($line =~ m/^(?:\S+)\s(PVEFW-\S+)\s(?:\S+).*/) {
            my $chain = $1;
            $line =~ s/\s+$//;
            push @{$chains->{$chain}}, $line;