From 2649cb10598e5b3ad605950afabcd6facd4eab70 Mon Sep 17 00:00:00 2001 From: zsdc Date: Sun, 6 Mar 2022 15:15:17 +0200 Subject: ipset: T4002: Generate a temporary set name from UUID ipset allows assigning set names up to 31 characters long. Currently, we use a process -PID number as a suffix for generating temporary set names. But this cuts effective set name to 25 characters only (`set name in CLI` + `-` + `PID number`), however in CLI we have a limit set to 31. So, set names with long prefixes cannot be configured. This commit replaces PID-based temporary name with UUID-based, which allows configuring set names with full name size. --- scripts/firewall/vyatta-ipset.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'scripts/firewall') diff --git a/scripts/firewall/vyatta-ipset.pl b/scripts/firewall/vyatta-ipset.pl index 0a079f3..a5375dc 100755 --- a/scripts/firewall/vyatta-ipset.pl +++ b/scripts/firewall/vyatta-ipset.pl @@ -288,7 +288,7 @@ sub update_set { # added or potentially changed => iterate members # to ensure that vyatta config and ipset stay in-sync, do the following: # 1. copy orig set to tmp set - my $tmpset = "$set_name-$$"; + my $tmpset = substr `uuidgen 2>/dev/null`, 0, 31; if (($rc = ipset_copy_set($set_name, $set_type, $tmpset))) { # copy failed if ($newset) { -- cgit v1.2.3