Some code cleanup:

- Store config value in a local rather than repeatedly referencing the
  %config hash.
- Centralize generation of the valid table array

Signed-off-by: Tom Eastep <teastep@shorewall.net>

Shorewall/Perl/Shorewall/Chains.pm

@@ -3707,17 +3707,32 @@ sub optimize_level16( $$$ ) {
     $passes++;
 }
 
-sub optimize_ruleset() {
-    for my $table ( qw/raw rawpost mangle nat filter/ ) {
+#
+# Return an array of valid Netfilter tables
+#
+sub valid_tables() {
+    my @table_list;
 
-	next if $family == F_IPV6 && $table eq 'nat';
+    push @table_list, 'raw'     if have_capability( 'RAW_TABLE' );
+    push @table_list, 'rawpost' if have_capability( 'RAWPOST_TABLE' );
+    push @table_list, 'nat'     if have_capability( 'NAT_ENABLED' );
+    push @table_list, 'mangle'  if have_capability( 'MANGLE_ENABLED' ) && $config{MANGLE_ENABLED};
+    push @table_list, 'filter';
+
+    @table_list;
+}
+
+sub optimize_ruleset() {
+
+    for my $table ( valid_tables ) {
 
 	my $tableref = $chain_table{$table};
 	my $passes   = 0;
+	my $optimize = $config{OPTIMIZE};
 
-	$passes = optimize_level4(  $table, $tableref )           if $config{OPTIMIZE} & 4;
-	$passes = optimize_level8(  $table, $tableref , $passes ) if $config{OPTIMIZE} & 8;
-	$passes = optimize_level16( $table, $tableref , $passes ) if $config{OPTIMIZE} & 16;
+	$passes = optimize_level4(  $table, $tableref )           if $optimize & 4;
+	$passes = optimize_level8(  $table, $tableref , $passes ) if $optimize & 8;
+	$passes = optimize_level16( $table, $tableref , $passes ) if $optimize & 16;
 
 	progress_message "  Table $table Optimized -- Passes = $passes";
 	progress_message '';
@@ -7126,14 +7141,6 @@ sub load_ipsets() {
 sub create_netfilter_load( $ ) {
     my $test = shift;
 
-    my @table_list;
-
-    push @table_list, 'raw'     if have_capability( 'RAW_TABLE' );
-    push @table_list, 'rawpost' if have_capability( 'RAWPOST_TABLE' );
-    push @table_list, 'nat'     if have_capability( 'NAT_ENABLED' );
-    push @table_list, 'mangle'  if have_capability( 'MANGLE_ENABLED' ) && $config{MANGLE_ENABLED};
-    push @table_list, 'filter';
-
     $mode = NULL_MODE;
 
     emit ( '#',
@@ -7164,7 +7171,7 @@ sub create_netfilter_load( $ ) {
 	emit_unindented '#';
     }
 
-    for my $table ( @table_list ) {
+    for my $table ( valid_tables ) {
 	emit_unindented "*$table";
 
 	my @chains;
@@ -7229,14 +7236,6 @@ sub create_netfilter_load( $ ) {
 #
 sub preview_netfilter_load() {
 
-    my @table_list;
-
-    push @table_list, 'raw'     if have_capability( 'RAW_TABLE' );
-    push @table_list, 'rawpost' if have_capability( 'RAWPOST_TABLE' );
-    push @table_list, 'nat'     if have_capability( 'NAT_ENABLED' );
-    push @table_list, 'mangle'  if have_capability( 'MANGLE_ENABLED' ) && $config{MANGLE_ENABLED};
-    push @table_list, 'filter';
-
     $mode = NULL_MODE;
 
     push_indent;
@@ -7247,7 +7246,7 @@ sub preview_netfilter_load() {
 
     print "#\n# Generated by Shorewall $globals{VERSION} - $date\n#\n";
 
-    for my $table ( @table_list ) {
+    for my $table ( valid_tables ) {
 	print "*$table\n";
 
 	my @chains;
@@ -7449,14 +7448,6 @@ sub create_chainlist_reload($) {
 sub create_stop_load( $ ) {
     my $test = shift;
 
-    my @table_list;
-
-    push @table_list, 'raw'     if have_capability( 'RAW_TABLE' );
-    push @table_list, 'rawpost' if have_capability( 'RAWPOST_TABLE' );
-    push @table_list, 'nat'     if have_capability( 'NAT_ENABLED' );
-    push @table_list, 'mangle'  if have_capability( 'MANGLE_ENABLED' ) && $config{MANGLE_ENABLED};
-    push @table_list, 'filter';
-
     my $utility = $family == F_IPV4 ? 'iptables-restore' : 'ip6tables-restore';
     my $UTILITY = $family == F_IPV4 ? 'IPTABLES_RESTORE' : 'IP6TABLES_RESTORE';
 
@@ -7477,7 +7468,7 @@ sub create_stop_load( $ ) {
 	emit_unindented '#';
     }
 
-    for my $table ( @table_list ) {
+    for my $table ( valid_tables ) {
 	emit_unindented "*$table";
 
 	my @chains;