From 11eabbcadaebf2fa9bd14214c827f485ae09d41d Mon Sep 17 00:00:00 2001
From: Gaurav Sinha <gaurav.sinha@vyatta.com>
Date: Wed, 21 Nov 2012 16:19:35 -0800
Subject: fix for 8492. Don't declare error and bail out on attempt to deletion
 of ipset. (cherry picked from commit
 5853281f2c8514a40608b1e83eca65e4c25aae00)

---
 scripts/firewall/vyatta-ipset.pl | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'scripts')

diff --git a/scripts/firewall/vyatta-ipset.pl b/scripts/firewall/vyatta-ipset.pl
index 0627381..b3fd806 100755
--- a/scripts/firewall/vyatta-ipset.pl
+++ b/scripts/firewall/vyatta-ipset.pl
@@ -317,7 +317,10 @@ sub prune_deleted_sets {
       next if ($groups{$g} ne 'deleted');
       next if ($cfg->isEffective($g)); # don't prune if delete failed
       my $rc;
-      return $rc if (($rc = ipset_delete($g)));
+      # Try and delete, don't return error on failure. This subroutine is called when 
+      # firewall root node is being removed to prune ipsets that might have not been 
+      # deleted due to refcounts. 
+      $rc = ipset_delete($g);
     }
   }
 
@@ -331,7 +334,7 @@ sub prune_deleted_sets {
       $cfg->setLevel("firewall group $type-group");
       next if ($cfg->isEffective($set)); # don't prune if still in config
       my $rc;
-      return $rc if (($rc = ipset_delete($set)));
+      $rc = ipset_delete($set);
     }
   }
   exit 0;
-- 
cgit v1.2.3