diff options
-rw-r--r-- | src/optimize.c | 2 | ||||
-rw-r--r-- | tests/shell/testcases/optimizations/dumps/merge_vmaps.nft | 7 | ||||
-rwxr-xr-x | tests/shell/testcases/optimizations/merge_vmaps | 5 |
3 files changed, 13 insertions, 1 deletions
diff --git a/src/optimize.c b/src/optimize.c index d6dfffec..3a3049d4 100644 --- a/src/optimize.c +++ b/src/optimize.c @@ -304,7 +304,7 @@ static int rule_collect_stmts(struct optimize_ctx *ctx, struct rule *rule) clone->nat.type_flags = stmt->nat.type_flags; break; default: - stmt_free(clone); + xfree(clone); continue; } diff --git a/tests/shell/testcases/optimizations/dumps/merge_vmaps.nft b/tests/shell/testcases/optimizations/dumps/merge_vmaps.nft index 05b9e575..c981acf0 100644 --- a/tests/shell/testcases/optimizations/dumps/merge_vmaps.nft +++ b/tests/shell/testcases/optimizations/dumps/merge_vmaps.nft @@ -1,4 +1,10 @@ table ip x { + set s { + type ipv4_addr + size 65535 + flags dynamic + } + chain filter_in_tcp { } @@ -6,6 +12,7 @@ table ip x { } chain y { + update @s { ip saddr limit rate 12/minute burst 30 packets } accept tcp dport vmap { 80 : accept, 81 : accept, 443 : accept, 8000-8100 : accept, 24000-25000 : accept } meta l4proto vmap { tcp : goto filter_in_tcp, udp : goto filter_in_udp } log diff --git a/tests/shell/testcases/optimizations/merge_vmaps b/tests/shell/testcases/optimizations/merge_vmaps index 0922a221..e2e4be15 100755 --- a/tests/shell/testcases/optimizations/merge_vmaps +++ b/tests/shell/testcases/optimizations/merge_vmaps @@ -3,11 +3,16 @@ set -e RULESET="table ip x { + set s { + type ipv4_addr + flags dynamic + } chain filter_in_tcp { } chain filter_in_udp { } chain y { + update @s { ip saddr limit rate 12/minute burst 30 packets } accept tcp dport vmap { 80 : accept, 81 : accept, |