refactor CleanIPTables

Vladimir Avtsenov 2025-02-11 15:22:08 +03:00
parent f818a86a1a
commit 066eeb0ab7
2 changed files with 7 additions and 16 deletions


@ -561,7 +561,7 @@ func New(config Config) (*App, error) {
return nil, fmt.Errorf("netfilter helper init fail: %w", err) return nil, fmt.Errorf("netfilter helper init fail: %w", err)
} }
app.NetfilterHelper4 = nh4 app.NetfilterHelper4 = nh4
err = app.NetfilterHelper4.ClearIPTables(app.Config.ChainPrefix) err = app.NetfilterHelper4.CleanIPTables(app.Config.ChainPrefix)
if err != nil { if err != nil {
return nil, fmt.Errorf("failed to clear iptables: %w", err) return nil, fmt.Errorf("failed to clear iptables: %w", err)
} }
@ -571,7 +571,7 @@ func New(config Config) (*App, error) {
return nil, fmt.Errorf("netfilter helper init fail: %w", err) return nil, fmt.Errorf("netfilter helper init fail: %w", err)
} }
app.NetfilterHelper6 = nh6 app.NetfilterHelper6 = nh6
err = app.NetfilterHelper6.ClearIPTables(app.Config.ChainPrefix) err = app.NetfilterHelper6.CleanIPTables(app.Config.ChainPrefix)
if err != nil { if err != nil {
return nil, fmt.Errorf("failed to clear iptables: %w", err) return nil, fmt.Errorf("failed to clear iptables: %w", err)
} }


@ -5,11 +5,9 @@ import (
"strings" "strings"
) )
func (nh *NetfilterHelper) ClearIPTables(chainPrefix string) error { func (nh *NetfilterHelper) CleanIPTables(chainPrefix string) error {
jumpToChainPrefix := fmt.Sprintf("-j %s", chainPrefix) jumpToChainPrefix := fmt.Sprintf("-j %s", chainPrefix)
tableList := []string{"nat", "mangle", "filter"} for _, table := range []string{"nat", "mangle", "filter"} {
for _, table := range tableList {
chainListToDelete := make([]string, 0) chainListToDelete := make([]string, 0)
chains, err := nh.IPTables.ListChains(table) chains, err := nh.IPTables.ListChains(table)
@ -29,15 +27,8 @@ func (nh *NetfilterHelper) ClearIPTables(chainPrefix string) error {
} }
for _, rule := range rules { for _, rule := range rules {
ruleSlice := strings.Split(rule, " ") if strings.Contains(rule, jumpToChainPrefix) {
if len(ruleSlice) < 2 || ruleSlice[0] != "-A" || ruleSlice[1] != chain { err = nh.IPTables.Delete(table, chain, rule)
// TODO: Warn
continue
}
ruleSlice = ruleSlice[2:]
if strings.Contains(strings.Join(ruleSlice, " "), jumpToChainPrefix) {
err := nh.IPTables.Delete(table, chain, ruleSlice...)
if err != nil { if err != nil {
return fmt.Errorf("rule deletion error: %w", err) return fmt.Errorf("rule deletion error: %w", err)
} }
@ -46,7 +37,7 @@ func (nh *NetfilterHelper) ClearIPTables(chainPrefix string) error {
} }
for _, chain := range chainListToDelete { for _, chain := range chainListToDelete {
err := nh.IPTables.ClearAndDeleteChain(table, chain) err = nh.IPTables.ClearAndDeleteChain(table, chain)
if err != nil { if err != nil {
return fmt.Errorf("deleting chain error: %w", err) return fmt.Errorf("deleting chain error: %w", err)
} }
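Review bot: The new `nh.IPTables.Delete(table, chain, rule)` call in the rule loop passes the whole listed rule as a single argument, whereas the removed lines dropped the leading `-A <chain>` and expanded the remainder with `ruleSlice...`. If `Delete` still takes a variadic rulespec (its definition is not shown on this page), the delete will probably fail or match nothing, and because the error is returned, `New` would abort on any host that has leftover rules. Keeping the split from the removed lines would avoid this, e.g. `spec := strings.Split(rule, " ")` followed by `Delete(table, chain, spec[2:]...)` once `len(spec) > 2 && spec[0] == "-A"` has been checked. Separately, an empty `chainPrefix` makes `jumpToChainPrefix` equal to `-j `, which matches every jump rule in nat, mangle and filter; a guard at the top such as `if chainPrefix == "" { return fmt.Errorf("empty chain prefix") }` would keep unrelated firewall rules from being removed. The body of `CleanIPTables` continues outside the visible hunks.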