Re: [PATCH 04/12] rules.pl: Destroy all ipset lists on rule reload.

15 Feb 2022

Hello,
Looking at the other patchset that implements IP blocklists, could this interfere with this in any way?
-Michael
...
On 14 Feb 2022, at 18:42, Stefan Schantl stefan.schantl@ipfire.org wrote:
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org
config/firewall/rules.pl | 4 ++++
1 file changed, 4 insertions(+)

diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl
index f685d08a7..da01b8775 100644
--- a/config/firewall/rules.pl
+++ b/config/firewall/rules.pl
@@ -31,6 +31,7 @@ require "${General::swroot}/location-functions.pl";
my $DEBUG = 0;
my $IPTABLES = "iptables --wait";
+my $IPSET = "ipset";
# iptables chains
my $CHAIN_INPUT           = "INPUTFW";
@@ -114,6 +115,9 @@ sub main {
   # Flush all chains.
   &flush();

# Destroy all existing ipsets.
run("$IPSET destroy");
# Prepare firewall rules.
 if (! -z  "${General::swroot}/firewall/input"){
  &buildrules(%configinputfw);

-- 
2.30.2

    

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

Re: [PATCH 04/12] rules.pl: Destroy all ipset lists on rule reload.

Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org