Currently, trying to delete a non-empty IPSet will throw an error.
Manually deleting all members of the set might be a time-consuming
process, which the force parameter allows to bypass.
Signed-off-by: Leo Nunner <l.nun...@proxmox.com>
---
src/PVE/API2/Firewall/IPSet.pm | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/src/PVE/API2/Firewall/IPSet.pm b/src/PVE/API2/Firewall/IPSet.pm
index ec9326f..a5f69e9 100644
--- a/src/PVE/API2/Firewall/IPSet.pm
+++ b/src/PVE/API2/Firewall/IPSet.pm
@@ -132,6 +132,11 @@ sub register_delete_ipset {
my $properties = $class->additional_parameters();
$properties->{name} = get_standard_option('ipset-name');
+ $properties->{force} = {
+ type => 'boolean',
+ optional => 1,
+ description => 'Delete all members of the IPSet, if there are any.',
+ };
$class->register_method({
name => 'delete_ipset',
@@ -154,7 +159,7 @@ sub register_delete_ipset {
my ($cluster_conf, $fw_conf, $ipset) =
$class->load_config($param);
die "IPSet '$param->{name}' is not empty\n"
- if scalar(@$ipset);
+ if scalar(@$ipset) && !$param->{force};
$class->save_ipset($param, $fw_conf, undef);
--
2.30.2
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
