author | Alex Harpin <development@landsofshadow.co.uk> | 2015-11-28 19:53:49 +0000 |
---|---|---|
committer | Alex Harpin <development@landsofshadow.co.uk> | 2015-11-28 19:53:49 +0000 |
commit | 983f6e24e0cacee1fbb490a8003814a026a3cc8d (patch) | |
tree | 7c899fd2bc022fc24c6fc173c53bbc6a67aa784f | |
parent | a5c142516d6ce7f3a46b9d35d17dfe076a711ce2 (diff) | |
vyatta-nat: only create nat object for testing changed or added rules
Only create a new source or destination NAT object when testing
changed or added NAT rules to reduce testing overhead.
Bug #493 http://bugzilla.vyos.net/show_bug.cgi?id=493
-rwxr-xr-x | scripts/vyatta-update-dst-nat.pl | 8 | ||||
-rwxr-xr-x | scripts/vyatta-update-src-nat.pl | 8 |
2 files changed, 6 insertions, 10 deletions
diff --git a/scripts/vyatta-update-dst-nat.pl b/scripts/vyatta-update-dst-nat.pl
index e6c2b18..9d18dcd 100755
--- a/scripts/vyatta-update-dst-nat.pl
+++ b/scripts/vyatta-update-dst-nat.pl
@@ -83,15 +83,13 @@ system("$IPTABLES -t nat -L -n >& /dev/null");
 ipt_enable_conntrack('iptables', 'NAT_CONNTRACK');
 for $rule (@rule_keys) {
- my $rule_test = new Vyatta::DstNatRule;
- $rule_test->setup($CONFIG_LEVEL." rule $rule");
-
 if (($rules{$rule} eq "static") || ($rules{$rule} eq "deleted")) {
 next;
 } else {
- my ($err, @rule_strs) = $rule_test->rule_str();
+ my $test_rule = new Vyatta::DstNatRule;
+ $test_rule->setup($CONFIG_LEVEL." rule $rule");
+ my ($err, @rule_strs) = $test_rule->rule_str();
 if (defined $err) {
-
 # rule check failed => return error
 print OUT "Destination NAT configuration error in rule $rule: $err\n";
 print STDERR "Destination NAT configuration error in rule $rule: $err\n";
diff --git a/scripts/vyatta-update-src-nat.pl b/scripts/vyatta-update-src-nat.pl
index 718ed49..7816410 100755
--- a/scripts/vyatta-update-src-nat.pl
+++ b/scripts/vyatta-update-src-nat.pl
@@ -83,15 +83,13 @@ system("$IPTABLES -t nat -L -n >& /dev/null");
 ipt_enable_conntrack('iptables', 'NAT_CONNTRACK');
 for $rule (@rule_keys) {
- my $rule_test = new Vyatta::SrcNatRule;
- $rule_test->setup($CONFIG_LEVEL." rule $rule");
-
 if (($rules{$rule} eq "static") || ($rules{$rule} eq "deleted")) {
 next;
 } else {
- my ($err, @rule_strs) = $rule_test->rule_str();
+ my $test_rule = new Vyatta::SrcNatRule;
+ $test_rule->setup($CONFIG_LEVEL." rule $rule");
+ my ($err, @rule_strs) = $test_rule->rule_str();
 if (defined $err) {
-
 # rule check failed => return error
 print OUT "Source NAT configuration error in rule $rule: $err\n";
 print STDERR "Source NAT configuration error in rule $rule: $err\n"; |
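Review bot: The added lines in the `else` branch build the test object with indirect object syntax, `new Vyatta::DstNatRule`, which Perl resolves differently depending on which subs are in scope; `my $test_rule = Vyatta::DstNatRule->new;` is the unambiguous form, and the same applies to `new Vyatta::SrcNatRule` in the scripts/vyatta-update-src-nat.pl hunk. With construction now confined to the validating branch, `if (...) { next; } else { ... }` could become the guard `next if $rules{$rule} eq "static" || $rules{$rule} eq "deleted";` so the check that rejects a bad rule is not nested under an `else`. The object's scope also shrinks from the whole loop body to the `else` block, and the loop continues past the end of both hunks, so confirm nothing later in the body still refers to `$rule_test` and that skipping `setup` for static and deleted rules drops no side effect.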