I finally managed to get rid of the Plesk firewall extension and to use ipset to manage my blacklists.
For that I ran an ssh session, copied Plesk's initial firewall script and installed the ipset package.
cp /opt/psa/var/modules/firewall/firewall-active.sh /usr/local/bin/loadIPtables.sh
apt -y install ipset
I then removed the plesk-firewall extension and added 2 iptables rules to the load script,
right after the "Start of /usr/sbin/iptables rules" section:
apply_rule /usr/sbin/iptables -A INPUT -m set --match-set blacklistedAddrs src -j DROP
apply_rule /usr/sbin/iptables -A INPUT -m set --match-set blacklistedRange src -j DROP
For the startup I use a simple cronjob:
crontab -e
@reboot /usr/local/bin/createIPsets.sh && /usr/local/bin/loadIPtables.sh
The createIPsets.sh commands are quite simple:
ipset create blacklistedRange hash:net
ipset add blacklistedRange 46.184.40.0/24
. . .
ipset create blacklistedAddrs hash:ip
. . .
With this setup, I can change my blacklist sets without the need to change any iptables rules commands.
I just create a temporary ipset of the desired type as shown below and swap it in place with the ipset swap command.
ipset create ipsetTMP hash:net
ipset add ipsetTMP 46.184.40.0/24
ipset add ipsetTMP 11.222.33.0/24
ipset swap ipsetTMP blacklistedRange
Of course, I also need to update the startup script for my ipsets, so that they are created properly at boot.
With this setup, I regard my firewall issue as solved.
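The swap procedure described in the post above, as an added example that is not part of the original post: one list file per set feeds both the boot-time creation and later updates, so the two cannot drift apart. The function names, the `TMP` suffix and the list file format (one IPv4 address or CIDR range per line, `#` comments) are assumptions; entries are shape-checked before they reach `ipset restore` so a malformed line cannot smuggle in another ipset command.

```shell
#!/bin/sh
# Added example, not the poster's script. Helper names and list format are assumptions.

# Print `ipset restore` commands that rebuild set $1 (type $2) from list file $3
# through a temporary set, swap it in, and drop the temporary set afterwards.
build_restore_input() {
    set_name=$1 set_type=$2 list_file=$3 tmp="${1}TMP"
    echo "create $set_name $set_type -exist"   # no-op when the live set already exists
    echo "create $tmp $set_type -exist"
    echo "flush $tmp"                          # clear leftovers from an aborted run
    # Drop comments and whitespace, skip blank lines.
    sed -e 's/#.*//' -e 's/[[:space:]]//g' "$list_file" | while read -r entry; do
        [ -n "$entry" ] || continue
        # Shape check only (a.b.c.d or a.b.c.d/0-32); ipset rejects out-of-range octets.
        if printf '%s\n' "$entry" |
            grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$'; then
            echo "add $tmp $entry -exist"
        else
            echo "skipping invalid entry: $entry" >&2
        fi
    done
    echo "swap $tmp $set_name"                 # live set changes only at this point
    echo "destroy $tmp"                        # after the swap this holds the old entries
}

# Apply the generated commands (needs root and the ipset package).
load_blacklist() {
    build_restore_input "$@" | ipset restore
}

# Run as: script.sh <set name> <set type> <list file>
# e.g. script.sh blacklistedRange hash:net /path/to/ranges.txt  (path is a placeholder)
if [ "$#" -eq 3 ]; then
    load_blacklist "$@"
fi
```

Because the live set is created with `-exist` before the swap, the same call works at boot (in place of the hard-coded `ipset create`/`ipset add` lines) and for later updates while the iptables rules stay loaded.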