optimize: do not print stateful information

Do not print stateful information such as counters which are likely set to zero. Before this patch: Merging: packets.conf:10:3-29: ip protocol 4 counter drop packets.conf:11:3-29: ip protocol 41 counter drop packets.conf:12:3-29: ip protocol 47 counter drop into: ip protocol { 4, 41, 47 } counter packets 0 bytes 0 drop ^^^^^^^^^^^^^^^^^ After: Merging: packets.conf:10:3-29: ip protocol 4 counter drop packets.conf:11:3-29: ip protocol 41 counter drop packets.conf:12:3-29: ip protocol 47 counter drop into: ip protocol { 4, 41, 47 } counter drop Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
author: Pablo Neira Ayuso <pablo@netfilter.org> 2022-06-17 17:25:50 +0200
committer: Pablo Neira Ayuso <pablo@netfilter.org> 2022-06-23 19:00:02 +0200
commit: 8f10f33a0998391acbb56bba65e1d350eebda105 (patch)
tree: 86b1ea76e10c204a028ede0810a02f033b78b656 /src
parent: 3ac932e90b23402b3b18952123fbed97d8d50920 (diff)
1 files changed, 4 insertions, 0 deletions
diff --git a/src/optimize.c b/src/optimize.c
index 543d3ca5..b19a8b55 100644
--- a/src/optimize.c
+++ b/src/optimize.c
@@ -873,6 +873,8 @@ static void merge_rules(const struct optimize_ctx *ctx,
 		assert(0);
 	}
 
+        octx->flags |= NFT_CTX_OUTPUT_STATELESS;
+
 	fprintf(octx->error_fp, "Merging:\n");
 	rule_optimize_print(octx, ctx->rule[from]);
 
@@ -885,6 +887,8 @@ static void merge_rules(const struct optimize_ctx *ctx,
 	fprintf(octx->error_fp, "into:\n\t");
 	rule_print(ctx->rule[from], octx);
 	fprintf(octx->error_fp, "\n");
+
+        octx->flags &= ~NFT_CTX_OUTPUT_STATELESS;
 }
 
 static bool stmt_type_eq(const struct stmt *stmt_a, const struct stmt *stmt_b)
author	Pablo Neira Ayuso <pablo@netfilter.org>	2022-06-17 17:25:50 +0200
committer	Pablo Neira Ayuso <pablo@netfilter.org>	2022-06-23 19:00:02 +0200
commit	8f10f33a0998391acbb56bba65e1d350eebda105 (patch)
tree	86b1ea76e10c204a028ede0810a02f033b78b656 /src
parent	3ac932e90b23402b3b18952123fbed97d8d50920 (diff)