ipset's init script fails to reload existing sets
Hi,
the init script of alpine’s ipset package provides a reload command
which does not work for already loaded ipsets due to a bug in the init
script (and it does not even report an error). The init script collects
the name of ipsets which already exist to swap them later on. Since the
collection is running in a sub shell the changes of the $swap
variable
won’t propagate into the main context.
The patch solves this by moving the pipe to iptables restore into the
loop so the changes on the $swap
variable are handled in the main
context:
<code class="diff">
--- /etc/init.d/ipset.orig
+++ /etc/init.d/ipset
@@ -92,8 +92,8 @@
new=_init_$name
swap="$swap $name"
fi
- echo create $new $(set_file $name | head -n 1)
- done | ipset restore
+ echo create $new $(set_file $name | head -n 1) | ipset restore
+ done
(
for name in $(set_files); do
</code>
This fixes reloading already existing ipsets for me.
HTH,
Thomas
(from redmine: issue id 9149, created on 2018-07-29, closed on 2019-05-04)
- Changesets:
- Revision 2efd93fa on 2018-09-18T16:45:51Z:
main/ipset: fix reloading of existing ipsets
fixes #9149