fw minor changes

use struct{} instead of bool for exit channels, func parms cosmetic change.
evilsocket · May 12, 2024 · c9ad900 · c9ad900
1 parent 8935bfe
commit c9ad900
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 10 deletions.
diff --git a/daemon/firewall/common/common.go b/daemon/firewall/common/common.go
@@ -30,7 +30,7 @@ type (
 	Common struct {
 		RulesChecker       *time.Ticker
 		ErrChan            chan string
-		stopChecker        chan bool
+		stopChecker        chan struct{}
 		RulesCheckInterval time.Duration
 		QueueNum           uint16
 		Running            bool
@@ -132,12 +132,12 @@ func (c *Common) NewRulesChecker(areRulesLoaded callbackBool, reloadRules callba
 	if c.RulesChecker != nil {
 		c.RulesChecker.Stop()
 		select {
-		case c.stopChecker <- true:
+		case c.stopChecker <- struct{}{}:
 		case <-time.After(5 * time.Millisecond):
 			log.Error("NewRulesChecker: timed out stopping monitor rules")
 		}
 	}
-	c.stopChecker = make(chan bool, 1)
+	c.stopChecker = make(chan struct{}, 1)
 	log.Info("Starting new fw checker every %s ...", c.RulesCheckInterval)
 	c.RulesChecker = time.NewTicker(c.RulesCheckInterval)
 
@@ -146,7 +146,7 @@ func (c *Common) NewRulesChecker(areRulesLoaded callbackBool, reloadRules callba
 
 // StartCheckingRules monitors if our rules are loaded.
 // If the rules to intercept traffic are not loaded, we'll try to insert them again.
-func startCheckingRules(exitChan <-chan bool, rulesChecker *time.Ticker, areRulesLoaded callbackBool, reloadRules callback) {
+func startCheckingRules(exitChan <-chan struct{}, rulesChecker *time.Ticker, areRulesLoaded callbackBool, reloadRules callback) {
 	for {
 		select {
 		case <-exitChan:
@@ -173,7 +173,7 @@ func (c *Common) StopCheckingRules() {
 
 	if c.RulesChecker != nil {
 		select {
-		case c.stopChecker <- true:
+		case c.stopChecker <- struct{}{}:
 			close(c.stopChecker)
 		case <-time.After(5 * time.Millisecond):
 			// We should not arrive here

diff --git a/daemon/firewall/config/config.go b/daemon/firewall/config/config.go
@@ -114,7 +114,7 @@ type SystemConfig struct {
 // This is the configuration to manage the system firewall (iptables, nftables).
 type Config struct {
 	watcher         *fsnotify.Watcher
-	monitorExitChan chan bool
+	monitorExitChan chan struct{}
 	// preloadCallback is called before reloading the configuration,
 	// in order to delete old fw rules.
 	preloadCallback func()
@@ -139,7 +139,7 @@ func (c *Config) NewSystemFwConfig(configPath string, preLoadCb, reLoadCb func()
 	defer c.Unlock()
 
 	c.file = configPath
-	c.monitorExitChan = make(chan bool, 1)
+	c.monitorExitChan = make(chan struct{}, 1)
 	c.preloadCallback = preLoadCb
 	c.reloadCallback = reLoadCb
 	c.watcher = watcher
@@ -232,7 +232,7 @@ func (c *Config) StopConfigWatcher() {
 	defer c.Unlock()
 
 	if c.monitorExitChan != nil {
-		c.monitorExitChan <- true
+		c.monitorExitChan <- struct{}{}
 		close(c.monitorExitChan)
 	}
 

diff --git a/daemon/firewall/nftables/rules.go b/daemon/firewall/nftables/rules.go
@@ -15,7 +15,7 @@ import (
 // of resolved domains.
 // This rule must be added in top of the system rules, otherwise it may get bypassed.
 // nft insert rule ip filter input udp sport 53 queue num 0 bypass
-func (n *Nft) QueueDNSResponses(enable bool, logError bool) (error, error) {
+func (n *Nft) QueueDNSResponses(enable, logError bool) (error, error) {
 	if n.Conn == nil {
 		return nil, nil
 	}
@@ -77,7 +77,7 @@ func (n *Nft) QueueDNSResponses(enable bool, logError bool) (error, error) {
 // This rule must be added at the end of all the other rules, that way we can add
 // rules above this one to exclude a service/app from being intercepted.
 // nft insert rule ip mangle OUTPUT ct state new queue num 0 bypass
-func (n *Nft) QueueConnections(enable bool, logError bool) (error, error) {
+func (n *Nft) QueueConnections(enable, logError bool) (error, error) {
 	if n.Conn == nil {
 		return nil, fmt.Errorf("nftables QueueConnections: netlink connection not active")
 	}