-rwxr-xr-x | lib/Vyatta/IpTables/IpSet.pm | 19 | ||||
-rwxr-xr-x | scripts/firewall/vyatta-ipset.pl | 2 |
2 files changed, 21 insertions, 0 deletions
diff --git a/lib/Vyatta/IpTables/IpSet.pm b/lib/Vyatta/IpTables/IpSet.pm
index ba5e68d..276b845 100755
--- a/lib/Vyatta/IpTables/IpSet.pm
+++ b/lib/Vyatta/IpTables/IpSet.pm
@@ -137,6 +137,25 @@ sub get_type {
 return $self->{_type};
 }
 
+sub get_family {
+ my ($self) = @_;
+ return $self->{_family} if defined $self->{_family};
+ return if !$self->exists();
+ my @lines = `ipset -L $self->{_name}`;
+ my $family;
+ foreach my $line (@lines) {
+ if ($line =~ /^Header: family (\w+) hashsize/) {
+ $family = $1;
+ $self->{_family} = $family;
+ last;
+ } elsif ($line =~ /^Type: bitmap:port$/){
+ $self->{_family} = "inet";
+ last;
+ }
+ }
+ return $self->{_family};
+}
+
 sub alphanum_split {
 my ($str) = @_;
 my @list = split m/(?=(?<=\D)\d|(?<=\d)\D)/, $str;
diff --git a/scripts/firewall/vyatta-ipset.pl b/scripts/firewall/vyatta-ipset.pl
index 0f7f731..e5b2fd1 100755
--- a/scripts/firewall/vyatta-ipset.pl
+++ b/scripts/firewall/vyatta-ipset.pl
@@ -350,6 +350,8 @@ sub prune_deleted_sets {
 # only try groups with no references
 if ($group->exists() && ($group->references() == 0)) {
 my $type = $group->get_type();
+ my $family = $group->get_family();
+ ($family eq 'inet') ? $cfg->setLevel("firewall group $type-group") : $cfg->setLevel("firewall group ipv6-$type-group");
 $cfg->setLevel("firewall group $type-group");
 next if ($cfg->isEffective($set)); # don't prune if still in config
 my $rc; |
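Review bot: In `get_family`, the set name is interpolated into a shell command line by ``my @lines = `ipset -L $self->{_name}`;``, so any shell metacharacter in `_name` would be interpreted by the shell with the privileges of the firewall scripts. Whether the name is validated before it reaches this object is not visible in the hunk. A list-form pipe avoids the shell regardless: `open(my $fh, '-|', 'ipset', '-L', $self->{_name}) or return;` followed by `my @lines = <$fh>; close $fh;`. The parser also leaves `_family` undefined when neither pattern matches (no output from a failed `ipset` call, or a type whose header carries no `family` field), so callers have to handle an undef return.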
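Review bot: In `prune_deleted_sets`, the level chosen by the new ternary is overwritten at once by the unchanged `$cfg->setLevel("firewall group $type-group");` on the next line, so the family lookup has no effect. The `isEffective` check below then still runs against the IPv4 path, which presumably means an IPv6 group that is still configured is not recognised as such before pruning. The unconditional call should be dropped, and the ternary, which is used only for its side effects and compares a possibly undef `$family` with `eq`, is better written as `my $level = (defined $family && $family eq 'inet6') ? "firewall group ipv6-$type-group" : "firewall group $type-group";` followed by `$cfg->setLevel($level);`. That form also keeps the previous IPv4 path when the family cannot be determined. The function starts and ends outside the hunk.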