From: Stefan Schantl <stefan.schantl@ipfire.org>
Date: Mon, 25 Apr 2022 19:04:53 +0000 (+0200)
Subject: rules.pl: Fix automatic ipset sets cleanup.
X-Git-Tag: v2.27-core170~243
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=8b97a537f5f9e798a1ab307b2c32bd9a8b0f6913;p=ipfire-2.x.git

rules.pl: Fix automatic ipset sets cleanup.

The array of used/loaded ipsets needs to be reloaded before
the cleanup can be started to also handle sets which are loaded during
runtime.

Signed-off-by: Stefan Schantl <stefan.schantl@ipfire.org>
Acked-by: Peter Müller <peter.mueller@ipfire.org>
---

diff --git a/config/firewall/rules.pl b/config/firewall/rules.pl
index 19dc7a6d15..4326191844 100644
--- a/config/firewall/rules.pl
+++ b/config/firewall/rules.pl
@@ -122,7 +122,7 @@ undef (@dummy);
 
 sub main {
 	# Get currently used ipset sets.
-	&ipset_get_sets();
+	@ipset_used_sets = &ipset_get_sets();
 
 	# Flush all chains.
 	&flush();
@@ -922,6 +922,8 @@ sub firewall_is_in_subnet {
 }
 
 sub ipset_get_sets () {
+	my @sets;
+
 	# Get all currently used ipset lists and store them in an array.
 	my @output = `$IPSET -n list`;
 
@@ -931,14 +933,17 @@ sub ipset_get_sets () {
 		chomp($set);
 
 		# Add the set the array of used sets.
-		push(@ipset_used_sets, $set);
+		push(@sets, $set);
 	}
 
 	# Display used sets in debug mode.
 	if($DEBUG) {
 		print "Used ipset sets:\n";
-		print "@ipset_used_sets\n\n";
+		print "@sets\n\n";
 	}
+
+	# Return the array of sets.
+	return @sets;
 }
 
 sub ipset_restore ($) {
@@ -998,6 +1003,9 @@ sub ipset_call_restore ($) {
 }
 
 sub ipset_cleanup () {
+	# Reload the array of used sets.
+	@ipset_used_sets = &ipset_get_sets();
+
 	# Loop through the array of used sets.
 	foreach my $set (@ipset_used_sets) {
 		# Check if this set is still in use.