From 31357dc4d7da625002ae73fa91bc84ef4596a0c1 Mon Sep 17 00:00:00 2001
From: Theron Tock <theron@netcitadel.com>
Date: Wed, 13 Jul 2011 13:36:43 -0700
Subject: [PATCH] 	* Took out checks (added for #2514) for empty path in
 an Address 	Table object.  It's valid to have an empty path for the
 situation 	where a user wants to use an ipset in place of the table.

---
 doc/ChangeLog                     | 4 ++++
 src/iptlib/NATCompiler_ipt.cpp    | 8 --------
 src/iptlib/PolicyCompiler_ipt.cpp | 8 --------
 3 files changed, 4 insertions(+), 16 deletions(-)

diff --git a/doc/ChangeLog b/doc/ChangeLog
index a7fdb6f39..db4cf4a5c 100644
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@@ -5,6 +5,10 @@
 	group expansion is done the same way in the UI and for the
 	compiler, also fixed #2502 (consolidate logic for DynamicGroup).
 
+	* Took out checks (added for #2514) for empty path in an Address
+	Table object.  It's valid to have an empty path for the situation
+	where a user wants to use an ipset in place of the table.
+
 2011-07-11  theron	<theron@netcitadel.com>
 	* Implemented #2514, support for address table alternate paths.
 	There's a "data directory" setting under user preferences.  If the
diff --git a/src/iptlib/NATCompiler_ipt.cpp b/src/iptlib/NATCompiler_ipt.cpp
index b878c79b0..e8bf9adc0 100644
--- a/src/iptlib/NATCompiler_ipt.cpp
+++ b/src/iptlib/NATCompiler_ipt.cpp
@@ -2318,10 +2318,6 @@ bool NATCompiler_ipt::processMultiAddressObjectsInRE::processNext()
             {
                 string path =
                     atrt->getSourceNameAsPath(compiler->getCachedFwOpt());
-                if (path.empty()) {
-                    compiler->abort(rule, "Empty path or data directory for address table: " + atrt->getName());
-                    return true;
-                }
                 rule->setStr("address_table_file", path);
                 osconf->registerMultiAddressObject(atrt);
             }
@@ -2361,10 +2357,6 @@ bool NATCompiler_ipt::processMultiAddressObjectsInRE::processNext()
             nre->addRef( atrt );
 
             string path = atrt->getSourceNameAsPath(compiler->getCachedFwOpt());
-            if (path.empty()) {
-                compiler->abort(rule, "Empty path or data directory for address table: " + atrt->getName());
-                return true;
-            }
             r->setStr("address_table_file", path);
 
             osconf->registerMultiAddressObject(atrt);
diff --git a/src/iptlib/PolicyCompiler_ipt.cpp b/src/iptlib/PolicyCompiler_ipt.cpp
index 888ab6bb4..cba4eb183 100644
--- a/src/iptlib/PolicyCompiler_ipt.cpp
+++ b/src/iptlib/PolicyCompiler_ipt.cpp
@@ -3896,10 +3896,6 @@ bool PolicyCompiler_ipt::processMultiAddressObjectsInRE::processNext()
             {
                 string path =
                     atrt->getSourceNameAsPath(compiler->getCachedFwOpt());
-                if (path.empty()) {
-                    compiler->abort(rule, "Empty path or data directory for address table: " + atrt->getName());
-                    return true;
-                }
                 rule->setStr("address_table_file", path);
                 osconf->registerMultiAddressObject(atrt);
             }
@@ -3943,10 +3939,6 @@ bool PolicyCompiler_ipt::processMultiAddressObjectsInRE::processNext()
         nre->addRef( atrt );
 
         string path = atrt->getSourceNameAsPath(compiler->getCachedFwOpt());
-        if (path.empty()) {
-            compiler->abort(rule, "Empty path or data directory for address table: " + atrt->getName());
-            return true;
-        }
         r->setStr("address_table_file", path);
 
         osconf->registerMultiAddressObject(atrt);