IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
making ruleset generation aware of a match and action
part in iptable rules.
code will generate the same iptables as before! (except for
a few additional spaces between match and action).
Signed-off-by: Tom Weber <pve@junkyard.4t2.com>
On packages removal (!= purge) systemd units are masked.
The postinst script has then to reenable this units at the
beginning of the 'configure' step.
Our other packages are doing this manually, or automatically
when the dh_systemd_enable helpers generated a postinst,
but this was missing here.
g_thread_new is part of glib directly, libgthread only
contains the deprecated g_thread_init() & friends which we
do not use.
This silences a build warning.
the funciton nflog_bind_pf(...) returns an integer smaller 0 on a
failure, we negated that which results in 1 if no failure and 0 if
there was a failure.
This is ambiguous and as no parenthesis are set the GCC 6 warning
"logical-not-parentheses" gets triggered.
Use a simple
nflog_bind_pf(...) < 0
check instead.
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
Skip zero-prefix routes as they make no sense to be
considered (and ipset doesn't allow ::/0 to be added
anyway).
Support /128 local addresses by also checking for identical
addresses beside b-in-a overlapping.
the allowed length for an iptable chain is 28 chars
we had a max set of 20 but a format of
GROUP-<name>-IN and
GROUP-<name>-OUT
where <name> is the group name
but GROUP--OUT are 10 chars so we just allow 18 chars max
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
if we had mulitple security groups and wanted to
edit one, we did not have a stable digest,
because perl hashes are not sorted
this patch sorts the keys before hashing
Signed-off-by: Dominik Csapak <d.csapak@proxmox.com>
