From: Dietmar Maurer <dietmar@proxmox.com>
Date: Mon, 26 May 2014 10:46:27 +0000 (+0200)
Subject: ruleset_generate_vm_rules: skip rules with errors
X-Git-Url: https://git.proxmox.com/?p=pve-firewall.git;a=commitdiff_plain;h=b7ab6989be1cfbb4a170d1af3d2684dd0753da0b

ruleset_generate_vm_rules: skip rules with errors
---

diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
index 5f96c8a..f2f5331 100644
--- a/src/PVE/Firewall.pm
+++ b/src/PVE/Firewall.pm
@@ -1610,7 +1610,7 @@ sub ruleset_generate_vm_rules {
 
     foreach my $rule (@$rules) {
 	next if $rule->{iface} && $rule->{iface} ne $netid;
-	next if !$rule->{enable};
+	next if !$rule->{enable} || $rule->{errors};
 	if ($rule->{type} eq 'group') {
 	    ruleset_add_group_rule($ruleset, $cluster_conf, $chain, $rule, $direction,
 				   $direction eq 'OUT' ? 'RETURN' : $in_accept);