55 lines
1.5 KiB
Diff
55 lines
1.5 KiB
Diff
From 12a223ced7f6b9d9555390c1922bb67133a35c5a Mon Sep 17 00:00:00 2001
|
|
From: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
Date: Fri, 17 Jun 2022 19:33:53 +0200
|
|
Subject: libnftables: release top level scope
|
|
|
|
Otherwise bogus variable redefinition are reported via -o/--optimize:
|
|
|
|
redefinition.conf:5:8-21: Error: redefinition of symbol
|
|
'interface_inet'
|
|
define interface_inet = enp5s0
|
|
^^^^^^^^^^^^^^
|
|
|
|
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
---
|
|
src/libnftables.c | 1 +
|
|
tests/shell/testcases/optimizations/variables | 15 +++++++++++++++
|
|
2 files changed, 16 insertions(+)
|
|
create mode 100644 tests/shell/testcases/optimizations/variables
|
|
|
|
diff --git a/src/libnftables.c b/src/libnftables.c
|
|
index aa6493a..bec378d 100644
|
|
--- a/src/libnftables.c
|
|
+++ b/src/libnftables.c
|
|
@@ -652,5 +652,6 @@ err:
|
|
json_print_echo(nft);
|
|
if (rc)
|
|
nft_cache_release(&nft->cache);
|
|
+ scope_release(nft->state->scopes[0]);
|
|
return rc;
|
|
}
|
|
diff --git a/tests/shell/testcases/optimizations/variables b/tests/shell/testcases/optimizations/variables
|
|
new file mode 100644
|
|
index 0000000..fa98606
|
|
--- /dev/null
|
|
+++ b/tests/shell/testcases/optimizations/variables
|
|
@@ -0,0 +1,15 @@
|
|
+#!/bin/bash
|
|
+
|
|
+set -e
|
|
+
|
|
+RULESET="define addrv4_vpnnet = 10.1.0.0/16
|
|
+
|
|
+table ip nat {
|
|
+ chain postrouting {
|
|
+ type nat hook postrouting priority 0; policy accept;
|
|
+
|
|
+ ip saddr \$addrv4_vpnnet counter masquerade fully-random comment \"masquerade ipv4\"
|
|
+ }
|
|
+}"
|
|
+
|
|
+$NFT -c -o -f - <<< $RULESET
|
|
--
|
|
2.23.0
|
|
|