From 983f6e24e0cacee1fbb490a8003814a026a3cc8d Mon Sep 17 00:00:00 2001 From: Alex Harpin Date: Sat, 28 Nov 2015 19:53:49 +0000 Subject: vyatta-nat: only create nat object for testing changed or added rules Only create a new source or destination NAT object when testing changed or added NAT rules to reduce testing overhead. Bug #493 http://bugzilla.vyos.net/show_bug.cgi?id=493 --- scripts/vyatta-update-dst-nat.pl | 8 +++----- scripts/vyatta-update-src-nat.pl | 8 +++----- 2 files changed, 6 insertions(+), 10 deletions(-) diff --git a/scripts/vyatta-update-dst-nat.pl b/scripts/vyatta-update-dst-nat.pl index e6c2b18..9d18dcd 100755 --- a/scripts/vyatta-update-dst-nat.pl +++ b/scripts/vyatta-update-dst-nat.pl @@ -83,15 +83,13 @@ system("$IPTABLES -t nat -L -n >& /dev/null"); ipt_enable_conntrack('iptables', 'NAT_CONNTRACK'); for $rule (@rule_keys) { - my $rule_test = new Vyatta::DstNatRule; - $rule_test->setup($CONFIG_LEVEL." rule $rule"); - if (($rules{$rule} eq "static") || ($rules{$rule} eq "deleted")) { next; } else { - my ($err, @rule_strs) = $rule_test->rule_str(); + my $test_rule = new Vyatta::DstNatRule; + $test_rule->setup($CONFIG_LEVEL." rule $rule"); + my ($err, @rule_strs) = $test_rule->rule_str(); if (defined $err) { - # rule check failed => return error print OUT "Destination NAT configuration error in rule $rule: $err\n"; print STDERR "Destination NAT configuration error in rule $rule: $err\n"; diff --git a/scripts/vyatta-update-src-nat.pl b/scripts/vyatta-update-src-nat.pl index 718ed49..7816410 100755 --- a/scripts/vyatta-update-src-nat.pl +++ b/scripts/vyatta-update-src-nat.pl 
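Review bot: In the `else` branch of the `for $rule (@rule_keys)` loop, the added `my $test_rule = new Vyatta::DstNatRule;` uses indirect object syntax, which Perl can parse as a function call if a sub named `new` is ever in scope; `my $test_rule = Vyatta::DstNatRule->new;` is the unambiguous form, and the same applies to `new Vyatta::SrcNatRule` in the vyatta-update-src-nat.pl hunk. Because `setup()` and `rule_str()` now run only for rules that are neither `static` nor `deleted`, a comment above the `if` should record that unchanged rules are deliberately not re-validated in this pass, e.g. `# validate only added/changed rules; static and deleted rules are skipped`. The loop body and the `if (defined $err)` block continue past the end of the hunk, so the error exit path is not visible here.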
@@ -83,15 +83,13 @@ system("$IPTABLES -t nat -L -n >& /dev/null"); ipt_enable_conntrack('iptables', 'NAT_CONNTRACK'); for $rule (@rule_keys) { - my $rule_test = new Vyatta::SrcNatRule; - $rule_test->setup($CONFIG_LEVEL." rule $rule"); - if (($rules{$rule} eq "static") || ($rules{$rule} eq "deleted")) { next; } else { - my ($err, @rule_strs) = $rule_test->rule_str(); + my $test_rule = new Vyatta::SrcNatRule; + $test_rule->setup($CONFIG_LEVEL." rule $rule"); + my ($err, @rule_strs) = $test_rule->rule_str(); if (defined $err) { - # rule check failed => return error print OUT "Source NAT configuration error in rule $rule: $err\n"; print STDERR "Source NAT configuration error in rule $rule: $err\n"; -- cgit v1.2.3