From: Dietmar Maurer <dietmar@proxmox.com>
Date: Tue, 18 Feb 2014 11:15:26 +0000 (+0100)
Subject: split compile from apply
X-Git-Url: https://git.proxmox.com/?p=pve-firewall.git;a=commitdiff_plain;h=a84f4d962687985c79e5715ef3116e6005424072

split compile from apply

And renamed compile_and_start into apply_ruleset.
---

diff --git a/PVE/Firewall.pm b/PVE/Firewall.pm
index 47862f1..2de8334 100644
--- a/PVE/Firewall.pm
+++ b/PVE/Firewall.pm
@@ -702,10 +702,10 @@ sub print_sig_rule {
     return "-A $chain -j LOG --log-prefix \"PVESIG:$sig\" -p tcp -s \"127.128.129.130\" --dport 1\n";
 }
 
-sub compile_and_start {
-    my ($verbose) = @_;
+sub apply_ruleset {
+    my ($ruleset, $verbose) = @_;
 
-    my $ruleset = compile();
+    enable_bridge_firewall();
 
     my $cmdlist = "*filter\n"; # we pass this to iptables-restore;
 
diff --git a/pvefw b/pvefw
index 4370678..1c346b5 100755
--- a/pvefw
+++ b/pvefw
@@ -82,8 +82,8 @@ __PACKAGE__->register_method ({
 	my ($param) = @_;
 
 	my $code = sub {
-	    PVE::Firewall::enable_bridge_firewall();
-	    PVE::Firewall::compile_and_start($param->{verbose});
+	    my $ruleset = PVE::Firewall::compile();
+	    PVE::Firewall::apply_ruleset($ruleset, $param->{verbose});
 	};
 
 	PVE::Firewall::run_locked($code);