| -rwxr-xr-x | lib/Vyatta/IpTables/IpSet.pm | 4 | ||||
| -rw-r--r-- | templates/firewall/group/port-group/node.def | 2 |
2 files changed, 4 insertions, 2 deletions
diff --git a/lib/Vyatta/IpTables/IpSet.pm b/lib/Vyatta/IpTables/IpSet.pm index cee7935..ba5e68d 100755 --- a/lib/Vyatta/IpTables/IpSet.pm +++ b/lib/Vyatta/IpTables/IpSet.pm @@ -190,11 +190,13 @@ sub create { my $ipset_param = $grouptype_hash{$self->{_type}}; return "Error: invalid group type\n" if !defined $ipset_param; + my $cmd = "ipset -N $self->{_name} $ipset_param family $self->{_family}"; + if ($self->{_type} eq 'port') { $ipset_param .= ' --from 1 --to 65535'; + $cmd = "ipset -N $self->{_name} $ipset_param"; } - my $cmd = "ipset -N $self->{_name} $ipset_param family $self->{_family}"; my $rc = $self->run_cmd($cmd); return "Error: call to ipset failed [$rc]" if $rc; return; # undef diff --git a/templates/firewall/group/port-group/node.def b/templates/firewall/group/port-group/node.def index 1484be2..729165f 100644 --- a/templates/firewall/group/port-group/node.def +++ b/templates/firewall/group/port-group/node.def @@ -16,6 +16,6 @@ syntax:expression: pattern $VAR(@) "^[^|;&$<>]*$" ; \ "Firewall group name cannot contain shell punctuation" end: if sudo /opt/vyatta/sbin/vyatta-ipset.pl --action=update-set \ - --set-name="$VAR(@)" --set-type=port; then + --set-name="$VAR(@)" --set-type=port --set-family=inet; then ${vyatta_sbindir}/vyatta-firewall-trap.pl --level="firewall group port-group $VAR(@)" fi |
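Review bot: In `create`, `$self->{_name}` and `$self->{_family}` are interpolated directly into the string handed to `run_cmd`, and the new default `$cmd` is built before the type check, so `_family` is expanded even for port groups that never use it. `run_cmd` is not visible in this hunk; if it goes through a shell, the only protection is whatever validated these fields earlier, so I would check the family here before use, e.g. `return "Error: invalid family\n" if $self->{_type} ne 'port' && $self->{_family} !~ /\A(?:inet|inet6)\z/;`. Building the string once after the `if` block also removes the discarded first assignment: `my $cmd = "ipset -N $self->{_name} $ipset_param";` followed by `$cmd .= " family $self->{_family}" if $self->{_type} ne 'port';`. The body of `create` starts above the hunk, so any earlier validation of `_name` could not be confirmed from here.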
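Review bot: The name check directly above the `end:` action is a denylist (`^[^|;&$<>]*$`), and it is the only validation visible before `$VAR(@)` is passed to a `sudo` script that presumably ends up in the ipset command string built by `create` in IpSet.pm. A denylist of this kind does not cover every shell-significant character and also accepts an empty name; an allowlist is easier to reason about, for example `pattern $VAR(@) "^[A-Za-z0-9_.-]+$"`, provided existing group names fit that set. Separately, the added `--set-family=inet` deserves a one-line comment, because `create` omits the family for port sets and the reason the option is now required is not visible in this hunk.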
