[RESOLVED] IPSET: restore failed - firewall cannot anymore
- Thread starter felipe
- Start date
Re: IPSET: restore failed - firewall cannot anymore
create PVEFW-0-ceph-hosts hash:net family inet hashsize 64 maxelem 64
add PVEFW-0-ceph-hosts 192.168.13.0/24
create PVEFW-0-management hash:net family inet hashsize 64 maxelem 64
add PVEFW-0-management 192.168.11.0/24
create PVEFW-0-storage-network hash:net family inet hashsize 64 maxelem 64
add PVEFW-0-storage-network 192.168.10.0/24
create PVEFW-0-venet0 hash:net family inet hashsize 64 maxelem 64
create PVEFW-0-horvath-net hash:net family inet hashsize 64 maxelem 64
add PVEFW-0-horvath-net 212.232.26.73
add PVEFW-0-horvath-net 192.168.33.35
add PVEFW-0-horvath-net 192.168.33.1
add PVEFW-0-horvath-net 192.168.33.29
add PVEFW-0-horvath-net 212.232.26.102
add PVEFW-0-horvath-net 192.168.33.34
add PVEFW-0-horvath-net 192.168.33.33
add PVEFW-0-horvath-net 192.168.33.28
add PVEFW-0-horvath-net 192.168.33.31
add PVEFW-0-horvath-net 192.168.33.30
add PVEFW-0-horvath-net 192.168.111.0/24
add PVEFW-0-horvath-net 192.168.33.32
add PVEFW-0-horvath-net 192.168.110.0/24
add PVEFW-0-horvath-net 212.232.26.51
create PVEFW-0-mailingserver-hosts hash:net family inet hashsize 64 maxelem 64
create PVEFW-0-ceph-hosts hash:net family inet hashsize 64 maxelem 64
add PVEFW-0-ceph-hosts 192.168.13.0/24
create PVEFW-0-management hash:net family inet hashsize 64 maxelem 64
add PVEFW-0-management 192.168.11.0/24
create PVEFW-0-storage-network hash:net family inet hashsize 64 maxelem 64
add PVEFW-0-storage-network 192.168.10.0/24
create PVEFW-0-venet0 hash:net family inet hashsize 64 maxelem 64
create PVEFW-0-horvath-net hash:net family inet hashsize 64 maxelem 64
add PVEFW-0-horvath-net 212.232.26.73
add PVEFW-0-horvath-net 192.168.33.35
add PVEFW-0-horvath-net 192.168.33.1
add PVEFW-0-horvath-net 192.168.33.29
add PVEFW-0-horvath-net 212.232.26.102
add PVEFW-0-horvath-net 192.168.33.34
add PVEFW-0-horvath-net 192.168.33.33
add PVEFW-0-horvath-net 192.168.33.28
add PVEFW-0-horvath-net 192.168.33.31
add PVEFW-0-horvath-net 192.168.33.30
add PVEFW-0-horvath-net 192.168.111.0/24
add PVEFW-0-horvath-net 192.168.33.32
add PVEFW-0-horvath-net 192.168.110.0/24
add PVEFW-0-horvath-net 212.232.26.51
create PVEFW-0-mailingserver-hosts hash:net family inet hashsize 64 maxelem 64
Re: IPSET: restore failed - firewall cannot anymore
no, we have a bug with empty ipsets. The following command solves (workaround) the problem:
# ipset destroy PVEFW-0-mailingserver-hosts
But the rename also solves the problem.
Will try to find a real fix now.
no, we have a bug with empty ipsets. The following command solves (workaround) the problem:
# ipset destroy PVEFW-0-mailingserver-hosts
But the rename also solves the problem.
Will try to find a real fix now.
Re: IPSET: restore failed - firewall cannot anymore
ok. when i make really long ipset names then other names are genareated for it and it works.
BUT with ipsets with exactly 19 numbers (did not check 18 or 20) allways i will get emtpy ipset even when i enter some ips.-..
ok. when i make really long ipset names then other names are genareated for it and it works.
BUT with ipsets with exactly 19 numbers (did not check 18 or 20) allways i will get emtpy ipset even when i enter some ips.-..
Re: IPSET: restore failed - firewall cannot anymore
OK, the fix is here:
https://git.proxmox.com/?p=pve-firewall.git;a=commitdiff;h=30150dca3cfc435c08d84022b9c4214b603a6522
you can test with:
# wget http://download1.proxmox.com/debian/dists/wheezy/pvetest/binary-amd64/pve-firewall_1.0-9_amd64.deb
# dpkg -i pve-firewall_1.0-9_amd64.deb
OK, the fix is here:
https://git.proxmox.com/?p=pve-firewall.git;a=commitdiff;h=30150dca3cfc435c08d84022b9c4214b603a6522
you can test with:
# wget http://download1.proxmox.com/debian/dists/wheezy/pvetest/binary-amd64/pve-firewall_1.0-9_amd64.deb
# dpkg -i pve-firewall_1.0-9_amd64.deb
