summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSimon Rettberg2024-10-25 16:09:28 +0200
committerSimon Rettberg2024-10-25 16:09:28 +0200
commitae94cbd3df96b84f2ec2964a156d5b09b3fb98b7 (patch)
treeb6b1f0862809a6e73fd078d2b8bcba8e8d19fb1c
parentkernel.config: Need IOMMUFD builtin, so VFIO can be builtin (diff)
downloadmltk-ae94cbd3df96b84f2ec2964a156d5b09b3fb98b7.tar.gz
mltk-ae94cbd3df96b84f2ec2964a156d5b09b3fb98b7.tar.xz
mltk-ae94cbd3df96b84f2ec2964a156d5b09b3fb98b7.zip
[run-virt] Fix blockall with no DNS rules
-rw-r--r--core/modules/run-virt/data/opt/openslx/vmchooser/scripts/set-firewall12
1 files changed, 10 insertions, 2 deletions
diff --git a/core/modules/run-virt/data/opt/openslx/vmchooser/scripts/set-firewall b/core/modules/run-virt/data/opt/openslx/vmchooser/scripts/set-firewall
index 3dd19778..64c8eaa8 100644
--- a/core/modules/run-virt/data/opt/openslx/vmchooser/scripts/set-firewall
+++ b/core/modules/run-virt/data/opt/openslx/vmchooser/scripts/set-firewall
@@ -215,7 +215,11 @@ if ! (
# BLOCK
if [ "$DEST" = "*" ]; then
# Special case: '*' - default rule, so BLOCK -> no default servers
- [ -z "$blockall" ] && blockall=1
+ if [ -s "$DNSCFG" ]; then
+ [ -z "$blockall" ] && blockall=1
+ else
+ both=1
+ fi
else
# A host - map to 0.0.0.0
echo "address=/$DEST/" >> "$DNSCFG"
@@ -224,7 +228,11 @@ if ! (
# ACCEPT
if [ "$DEST" = "*" ]; then
# Special case: '*' - degault rule, so ACCEPT -> default servers
- [ -z "$blockall" ] && blockall=0
+ if [ -s "$DNSCFG" ]; then
+ [ -z "$blockall" ] && blockall=0
+ else
+ both=1
+ fi
else
# specifically map to our DNS servers
for dnsip in $dnslist; do