rules.pl: Destroy all ipset lists on rule reload.
authorStefan Schantl <stefan.schantl@ipfire.org>
Fri, 11 Feb 2022 20:25:50 +0000 (21:25 +0100)
committerStefan Schantl <stefan.schantl@ipfire.org>
Fri, 11 Feb 2022 20:25:50 +0000 (21:25 +0100)
Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
config/firewall/rules.pl

index f685d08a7f3caf8ea9606207b00c7fc52da79e2d..da01b87750d0d72b0195c3c1713771d0e30113f6 100644 (file)
@@ -31,6 +31,7 @@ require "${General::swroot}/location-functions.pl";
 my $DEBUG = 0;
 
 my $IPTABLES = "iptables --wait";
+my $IPSET = "ipset";
 
 # iptables chains
 my $CHAIN_INPUT           = "INPUTFW";
@@ -114,6 +115,9 @@ sub main {
        # Flush all chains.
        &flush();
 
+       # Destroy all existing ipsets.
+       run("$IPSET destroy");
+
        # Prepare firewall rules.
        if (! -z  "${General::swroot}/firewall/input"){
                &buildrules(\%configinputfw);
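Review bot: The result of `run("$IPSET destroy")` in main is not checked, and an argument-less `ipset destroy` is expected to fail when any set is still referenced by a rule. That could happen if a chain outside those cleared by `&flush()` uses a set, and stale sets and their entries would then survive the reload unnoticed. The call also removes every set on the system, not only those this script creates, so any other component that keeps its own sets would lose them on each reload. If `run()` reports the exit status (its definition is outside this hunk), consider logging a failure here, and document the scope with a comment such as `# Removes ALL ipsets, including ones not created by this script; fails if a set is still referenced by a rule.` The body of main continues outside the hunk.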