From 066eeb0ab77aa36cf5f5416d733fc56bb1032362 Mon Sep 17 00:00:00 2001
From: Vladimir Avtsenov
Date: Tue, 11 Feb 2025 15:22:08 +0300
Subject: [PATCH] refactor CleanIPTables
---
 kvas2.go | 4 ++--
 netfilter-helper/iptables-cleaner.go | 19 +++++--------------
 2 files changed, 7 insertions(+), 16 deletions(-)
diff --git a/kvas2.go b/kvas2.go
index 780147c..3d57397 100644
--- a/kvas2.go
+++ b/kvas2.go
@@ -561,7 +561,7 @@ func New(config Config) (*App, error) {
 return nil, fmt.Errorf("netfilter helper init fail: %w", err)
 }
 app.NetfilterHelper4 = nh4
- err = app.NetfilterHelper4.ClearIPTables(app.Config.ChainPrefix)
+ err = app.NetfilterHelper4.CleanIPTables(app.Config.ChainPrefix)
 if err != nil {
 return nil, fmt.Errorf("failed to clear iptables: %w", err)
 }
@@ -571,7 +571,7 @@ func New(config Config) (*App, error) {
 return nil, fmt.Errorf("netfilter helper init fail: %w", err)
 }
 app.NetfilterHelper6 = nh6
- err = app.NetfilterHelper6.ClearIPTables(app.Config.ChainPrefix)
+ err = app.NetfilterHelper6.CleanIPTables(app.Config.ChainPrefix)
 if err != nil {
 return nil, fmt.Errorf("failed to clear iptables: %w", err)
 }
diff --git a/netfilter-helper/iptables-cleaner.go b/netfilter-helper/iptables-cleaner.go
index d79191c..770b73f 100644
--- a/netfilter-helper/iptables-cleaner.go
+++ b/netfilter-helper/iptables-cleaner.go
@@ -5,11 +5,9 @@ import (
 "strings"
 )
-func (nh *NetfilterHelper) ClearIPTables(chainPrefix string) error {
+func (nh *NetfilterHelper) CleanIPTables(chainPrefix string) error {
 jumpToChainPrefix := fmt.Sprintf("-j %s", chainPrefix)
- tableList := []string{"nat", "mangle", "filter"}
-
- for _, table := range tableList {
+ for _, table := range []string{"nat", "mangle", "filter"} {
 chainListToDelete := make([]string, 0)
 chains, err := nh.IPTables.ListChains(table)
@@ -29,15 +27,8 @@ func (nh *NetfilterHelper) ClearIPTables(chainPrefix string) error {
 }
 for _, rule := range rules {
- ruleSlice := strings.Split(rule, " ")
- if len(ruleSlice) < 2 || ruleSlice[0] != "-A" || ruleSlice[1] != chain {
- // TODO: Warn
- continue
- }
- ruleSlice = ruleSlice[2:]
-
- if strings.Contains(strings.Join(ruleSlice, " "), jumpToChainPrefix) {
- err := nh.IPTables.Delete(table, chain, ruleSlice...)
+ if strings.Contains(rule, jumpToChainPrefix) {
+ err = nh.IPTables.Delete(table, chain, rule)
 if err != nil {
 return fmt.Errorf("rule deletion error: %w", err)
 }
@@ -46,7 +37,7 @@ func (nh *NetfilterHelper) ClearIPTables(chainPrefix string) error {
 }
 for _, chain := range chainListToDelete {
- err = nh.IPTables.ClearAndDeleteChain(table, chain)
+ err = nh.IPTables.ClearAndDeleteChain(table, chain)
 if err != nil {
 return fmt.Errorf("deleting chain error: %w", err)
 }
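Review bot: The new `nh.IPTables.Delete(table, chain, rule)` call in the `for _, rule := range rules` loop passes the whole listed rule as one rulespec argument, where the removed code first checked for and dropped the leading `-A <chain>` and passed the remaining tokens separately. The call that fills `rules` is outside the hunk, but if it still returns lines in `-A <chain> ...` form, as the removed check suggests, the delete will probably not match any rule. CleanIPTables would then either return `rule deletion error` during `New` or leave stale jump rules into the prefixed chains in the firewall. I would keep the split: `spec := strings.Fields(rule)`, skip unless `len(spec) > 2 && spec[0] == "-A" && spec[1] == chain`, then `Delete(table, chain, spec[2:]...)`. A comment should note that whitespace splitting does not preserve quoted arguments such as rule comments.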