From 5e2f1f573d05ebf265fc3fe847072c9c12b74655 Mon Sep 17 00:00:00 2001
From: Tom Eastep <teastep@shorewall.net>
Date: Tue, 27 Mar 2018 11:38:47 -0700
Subject: [PATCH] Unconditionally convert masq->snat

Signed-off-by: Tom Eastep <teastep@shorewall.net>
---
 Shorewall/Perl/Shorewall/Compiler.pm |  2 +-
 Shorewall/Perl/Shorewall/Nat.pm      |  8 +++++---
 Shorewall/Perl/Shorewall/Rules.pm    | 16 ++++------------
 3 files changed, 10 insertions(+), 16 deletions(-)

diff --git a/Shorewall/Perl/Shorewall/Compiler.pm b/Shorewall/Perl/Shorewall/Compiler.pm
index 30f5cc6ed..f64899f33 100644
--- a/Shorewall/Perl/Shorewall/Compiler.pm
+++ b/Shorewall/Perl/Shorewall/Compiler.pm
@@ -779,7 +779,7 @@ sub compiler {
     #
     # Setup Masquerade/SNAT
     #
-    setup_snat( $update );
+    setup_snat;
     #
     # Setup Nat
     #
diff --git a/Shorewall/Perl/Shorewall/Nat.pm b/Shorewall/Perl/Shorewall/Nat.pm
index 73f2c07c9..404200b91 100644
--- a/Shorewall/Perl/Shorewall/Nat.pm
+++ b/Shorewall/Perl/Shorewall/Nat.pm
@@ -37,7 +37,7 @@ use strict;
 
 our @ISA = qw(Exporter);
 our @EXPORT = qw( setup_nat setup_netmap add_addresses );
-our %EXPORT_TAGS = ( rules => [ qw ( handle_nat_rule handle_nonat_rule process_one_masq convert_masq @addresses_to_add %addresses_to_add ) ] );
+our %EXPORT_TAGS = ( rules => [ qw ( handle_nat_rule handle_nonat_rule convert_masq @addresses_to_add %addresses_to_add ) ] );
 our @EXPORT_OK = ();
 
 Exporter::export_ok_tags('rules');
@@ -587,11 +587,11 @@ EOF
 # Convert a masq file into the equivalent snat file
 #
 sub convert_masq() {
+    my $have_masq_rules;
+
     if ( my $fn = open_file( 'masq', 1, 1 ) ) {
 	my ( $snat, $fn1 ) = open_snat_for_output( $fn );
 
-	my $have_masq_rules;
-
 	directive_callback(
 	    sub ()
 	    {
@@ -647,6 +647,8 @@ sub convert_masq() {
 
 	close $snat, directive_callback( 0 );
     }
+
+    $have_masq_rules;
 }
 
 #
diff --git a/Shorewall/Perl/Shorewall/Rules.pm b/Shorewall/Perl/Shorewall/Rules.pm
index 50beaa442..72b2850b4 100644
--- a/Shorewall/Perl/Shorewall/Rules.pm
+++ b/Shorewall/Perl/Shorewall/Rules.pm
@@ -5851,23 +5851,15 @@ sub process_snat( )
 }
 
 #
-# Process the masq or snat file
+# Process the snat file. Convert the masq file if found and non-empty
 #
-sub setup_snat( $ ) # Convert masq->snat if true
+sub setup_snat()
 {
     my $fn;
-    my $have_masq;
 
-    if ( $_[0] ) {
-	convert_masq();
-    } elsif ( $fn = open_file( 'masq', 1, 1 ) ) {
-	first_entry( sub { progress_message2 "$doing $fn..."; require_capability 'NAT_ENABLED' , "a non-empty masq file" , 's'; } );
-	process_one_masq(0), $have_masq = 1 while read_a_line( NORMAL_READ );
-    }
-
-    unless ( $have_masq ) {
+    unless ( convert_masq ) {
 	#
-	# Masq file empty or didn't exist
+	# Masq file was empty or didn't exist
 	#
 	if ( $fn = open_file( 'snat', 1, 1 ) ) {
 	    first_entry( sub { progress_message2 "$doing $fn..."; require_capability 'NAT_ENABLED' , "a non-empty snat file" , 's'; } );