Acked-by: Peter Müller peter.mueller@ipfire.org
The array of used/loaded ipsets needs to be reloaded before the cleanup can be started to also handle sets which are loaded during runtime.
Signed-off-by: Stefan Schantl stefan.schantl@ipfire.org
config/firewall/rules.pl | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-)
diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl index 649bd49f0..799b2667d 100644 --- a/config/firewall/rules.pl +++ b/config/firewall/rules.pl @@ -137,7 +137,7 @@ undef (@dummy);
sub main { # Get currently used ipset sets.
- &ipset_get_sets();
@ipset_used_sets = &ipset_get_sets();
# Flush all chains. &flush();
@@ -993,6 +993,8 @@ sub firewall_chain_exists ($) { }
sub ipset_get_sets () {
- my @sets;
- # Get all currently used ipset lists and store them in an array. my @output = `$IPSET -n list`;
@@ -1002,14 +1004,17 @@ sub ipset_get_sets () { chomp($set);
# Add the set the array of used sets.
push(@ipset_used_sets, $set);
push(@sets, $set);}
# Display used sets in debug mode. if($DEBUG) { print "Used ipset sets:\n";
print "@ipset_used_sets\n\n";
print "@sets\n\n";- # Return the array of sets.
- return @sets;
}
sub ipset_restore ($) { @@ -1089,6 +1094,9 @@ sub ipset_call_restore ($) { }
sub ipset_cleanup () {
- # Reload the array of used sets.
- @ipset_used_sets = &ipset_get_sets();
- # Loop through the array of used sets. foreach my $set (@ipset_used_sets) { # Check if this set is still in use.