mirror of
https://gitlab.com/shorewall/code.git
synced 2024-12-23 06:38:53 +01:00
Don't optimize away a rule that includes nfacct matches.
Signed-off-by: Tom Eastep <teastep@shorewall.net>
This commit is contained in:
parent
5343243f6b
commit
c5f2eeea80
@ -3247,7 +3247,7 @@ sub optimize_level4( $$ ) {
|
||||
while ( @$rulesref ) {
|
||||
my $rule1ref = $rulesref->[-1];
|
||||
|
||||
last unless ( $rule1ref->{target} || '' ) eq $target && ! $rule1ref->{targetopts};
|
||||
last unless ( $rule1ref->{target} || '' ) eq $target && ! ( $rule1ref->{targetopts} || $rule1ref->{nfacct} );
|
||||
|
||||
trace ( $chainref, 'D', $rule, $rule1ref ) if $debug;
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user