From: Alexandre Derumier <aderumier@odiso.com>
Date: Tue, 15 Jul 2014 23:14:17 +0000 (+0200)
Subject: split compile to compile_iptables_filter
X-Git-Url: https://git.proxmox.com/?p=pve-firewall.git;a=commitdiff_plain;h=9268573a4675ab12576c956ad055538df616c994

split compile to compile_iptables_filter

compile just read configs file and will call compile_iptables_filter for iptables and ip6tables

Signed-off-by: Alexandre Derumier <aderumier@odiso.com>
---

diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
index 2270ad7..5a6284f 100644
--- a/src/PVE/Firewall.pm
+++ b/src/PVE/Firewall.pm
@@ -2836,6 +2836,13 @@ sub compile {
 	$vmfw_configs = read_vm_firewall_configs($cluster_conf, $vmdata, undef, $verbose);
     }
 
+    my ($ruleset, $ipset_ruleset) = compile_iptables_filter($cluster_conf, $hostfw_conf, $vmfw_configs, $vmdata, 4, $verbose);
+    return ($ruleset, $ipset_ruleset);
+}
+
+sub compile_iptables_filter {
+    my ($cluster_conf, $hostfw_conf, $vmfw_configs, $vmdata, $ipversion, $verbose) = @_;
+
     $cluster_conf->{ipset}->{venet0} = [];
     my $venet0_ipset_chain = compute_ipset_chain_name(0, 'venet0');