From 8f3aa9cc800cf0c6375aaec81186493e1f1db2be Mon Sep 17 00:00:00 2001
From: Christian Ebner <c.ebner@proxmox.com>
Date: Wed, 15 May 2019 17:09:13 +0200
Subject: [PATCH] Remove redundant logging of packets passing the tap chain.

Incomming and outgoing packets passing the firewall bridge were unneccessarily
logged, leading to double entries.
The first log entry occurred when passing the bridge, the second when the packets
fate was decided (ACCEPT/DROP/REJECT).

Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
 src/PVE/Firewall.pm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/PVE/Firewall.pm b/src/PVE/Firewall.pm
index f84e6d9..abcc1e8 100644
--- a/src/PVE/Firewall.pm
+++ b/src/PVE/Firewall.pm
@@ -2387,10 +2387,10 @@ sub generate_tap_rules_direction {
     # plug the tap chain to bridge chain
     if ($direction eq 'IN') {
 	ruleset_addrule($ruleset, "PVEFW-FWBR-IN",
-			"-m physdev --physdev-is-bridged --physdev-out $iface", "-j $tapchain", $loglevel, 'FWBR-IN: ', $vmid);
+			"-m physdev --physdev-is-bridged --physdev-out $iface", "-j $tapchain");
     } else {
 	ruleset_addrule($ruleset, "PVEFW-FWBR-OUT",
-			"-m physdev --physdev-is-bridged --physdev-in $iface", "-j $tapchain", $loglevel, 'FWBR-OUT: ', $vmid);
+			"-m physdev --physdev-is-bridged --physdev-in $iface", "-j $tapchain");
     }
 }
 
-- 
2.39.2