From 011dd2c90118817c3e1b20b7c222308e23d2f09f Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Tue, 8 Jan 2013 15:25:53 -0800
Subject: [PATCH] Add a RETURNS flag to optflags indicating that there is
 RETURN in the chain.

Signed-off-by: Tom Eastep <teastep@shorewall.net>
---
 Shorewall/Perl/Shorewall/Chains.pm | 8 ++++----
 Shorewall/Perl/Shorewall/Nat.pm    | 2 --
 Shorewall/Perl/Shorewall/Rules.pm  | 2 --
 3 files changed, 4 insertions(+), 8 deletions(-)

diff --git a/Shorewall/Perl/Shorewall/Chains.pm b/Shorewall/Perl/Shorewall/Chains.pm
index 6cafe3223..71049e53a 100644
--- a/Shorewall/Perl/Shorewall/Chains.pm
+++ b/Shorewall/Perl/Shorewall/Chains.pm
@@ -407,7 +407,7 @@ use constant {
 
 use constant { OPTIMIZE_MASK => OPTIMIZE_POLICY_MASK | OPTIMIZE_RULESET_MASK };
 
-use constant { DONT_OPTIMIZE => 1 , DONT_DELETE => 2, DONT_MOVE => 4 };
+use constant { DONT_OPTIMIZE => 1 , DONT_DELETE => 2, DONT_MOVE => 4, RETURNS => 8, RETURNS_DONT_MOVE => 12 };
 
 our %dscpmap = ( CS0  => 0x00,
 		 CS1  => 0x08,
@@ -1040,7 +1040,7 @@ sub push_rule( $$ ) {
 
     push @{$chainref->{rules}}, $ruleref;
     $chainref->{referenced} = 1;
-    $chainref->{optflags} |= DONT_MOVE if ( $ruleref->{target} || '' ) eq 'RETURN';
+    $chainref->{optflags} |= RETURNS_DONT_MOVE if ( $ruleref->{target} || '' ) eq 'RETURN';
     trace( $chainref, 'A', @{$chainref->{rules}}, "-A $chainref->{name} $_[1]" ) if $debug;
 
     $chainref->{complete} = 1 if $complete;
@@ -1057,7 +1057,7 @@ sub add_trule( $$ ) {
     assert( reftype $ruleref , $ruleref );
     push @{$chainref->{rules}}, $ruleref;
     $chainref->{referenced} = 1;
-    $chainref->{optflags} |= DONT_MOVE if ( $ruleref->{target} || '' ) eq 'RETURN';
+    $chainref->{optflags} |= RETURNS_DONT_MOVE if ( $ruleref->{target} || '' ) eq 'RETURN';
 
     trace( $chainref, 'A', @{$chainref->{rules}}, format_rule( $chainref, $ruleref ) ) if $debug;
 
@@ -1237,7 +1237,7 @@ sub push_irule( $$$;@ ) {
     if ( $jump ) {
 	$ruleref->{jump}       = $jump;
 	$ruleref->{target}     = $target;
-	$chainref->{optflags} |= DONT_MOVE if $target eq 'RETURN';
+	$chainref->{optflags} |= RETURNS_DONT_MOVE if $target eq 'RETURN';
 	$ruleref->{targetopts} = $targetopts if $targetopts;
     } else {
 	$ruleref->{target} = '';
diff --git a/Shorewall/Perl/Shorewall/Nat.pm b/Shorewall/Perl/Shorewall/Nat.pm
index d9730e1d7..2c5a6b4c1 100644
--- a/Shorewall/Perl/Shorewall/Nat.pm
+++ b/Shorewall/Perl/Shorewall/Nat.pm
@@ -724,8 +724,6 @@ sub handle_nonat_rule( $$$$$$$$$$ ) {
 	}
     }
 
-    set_optflags( $nonat_chain, DONT_MOVE | DONT_OPTIMIZE ) if $tgt eq 'RETURN';
-
     expand_rule( $nonat_chain ,
 		 PREROUTE_RESTRICT ,
 		 $rule ,
diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Rules.pm
index 122535d2a..95c0a1f47 100644
--- a/Shorewall/Perl/Shorewall/Rules.pm
+++ b/Shorewall/Perl/Shorewall/Rules.pm
@@ -2475,8 +2475,6 @@ sub process_rule1 ( $$$$$$$$$$$$$$$$$$ ) {
 	if ( $actiontype & ACTION ) {
 	    $action = $usedactions{$normalized_target}{name};
 	    $loglevel = '';
-	} else {
-	    set_optflags( $chainref , DONT_MOVE | DONT_OPTIMIZE ) if $action eq 'RETURN';
 	}
 
 	if ( $origdest ) {