chore: use gofumpt for code formatting

2024-10-11 19:20:48 +00:00
parent 3daf15a612
commit 76a4bb5dc3
289 changed files with 784 additions and 548 deletions
--- a/internal/firewall/delete.go
+++ b/internal/firewall/delete.go
@@ -33,7 +33,8 @@ func isDeleteMatchInstruction(instruction string) bool {
 }

 func deleteIPTablesRule(ctx context.Context, iptablesBinary, instruction string,
-	runner CmdRunner, logger Logger) (err error) {
+	runner CmdRunner, logger Logger,
+) (err error) {
 	targetRule, err := parseIptablesInstruction(instruction)
 	if err != nil {
 		return fmt.Errorf("parsing iptables command: %w", err)
@@ -69,9 +70,12 @@ func deleteIPTablesRule(ctx context.Context, iptablesBinary, instruction string,
 // It returns 0 if the rule is not found.
 func findLineNumber(ctx context.Context, iptablesBinary string,
 	instruction iptablesInstruction, runner CmdRunner, logger Logger) (
-	lineNumber uint16, err error) {
-	listFlags := []string{"-t", instruction.table, "-L", instruction.chain,
-		"--line-numbers", "-n", "-v"}
+	lineNumber uint16, err error,
+) {
+	listFlags := []string{
+		"-t", instruction.table, "-L", instruction.chain,
+		"--line-numbers", "-n", "-v",
+	}
 	cmd := exec.CommandContext(ctx, iptablesBinary, listFlags...) // #nosec G204
 	logger.Debug(cmd.String())
 	output, err := runner.Run(cmd)
--- a/internal/firewall/firewall.go
+++ b/internal/firewall/firewall.go
@@ -36,7 +36,8 @@ type Config struct { //nolint:maligned
 // if no iptables implementation is available.
 func NewConfig(ctx context.Context, logger Logger,
 	runner CmdRunner, defaultRoutes []routing.DefaultRoute,
-	localNetworks []routing.LocalNetwork) (config *Config, err error) {
+	localNetworks []routing.LocalNetwork,
+) (config *Config, err error) {
 	iptables, err := checkIptablesSupport(ctx, runner, "iptables", "iptables-nft", "iptables-legacy")
 	if err != nil {
 		return nil, err
--- a/internal/firewall/ip6tables.go
+++ b/internal/firewall/ip6tables.go
@@ -12,7 +12,8 @@ import (
 // and returns the iptables path that is supported. If none work, an
 // empty string path is returned.
 func findIP6tablesSupported(ctx context.Context, runner CmdRunner) (
-	ip6tablesPath string, err error) {
+	ip6tablesPath string, err error,
+) {
 	ip6tablesPath, err = checkIptablesSupport(ctx, runner, "ip6tables", "ip6tables-nft", "ip6tables-legacy")
 	if errors.Is(err, ErrIPTablesNotSupported) {
 		return "", nil
--- a/internal/firewall/iptables.go
+++ b/internal/firewall/iptables.go
@@ -112,7 +112,8 @@ func (c *Config) acceptInputThroughInterface(ctx context.Context, intf string, r
 }

 func (c *Config) acceptInputToSubnet(ctx context.Context, intf string,
-	destination netip.Prefix, remove bool) error {
+	destination netip.Prefix, remove bool,
+) error {
 	interfaceFlag := "-i " + intf
 	if intf == "*" { // all interfaces
 		interfaceFlag = ""
@@ -144,7 +145,8 @@ func (c *Config) acceptEstablishedRelatedTraffic(ctx context.Context, remove boo
 }

 func (c *Config) acceptOutputTrafficToVPN(ctx context.Context,
-	defaultInterface string, connection models.Connection, remove bool) error {
+	defaultInterface string, connection models.Connection, remove bool,
+) error {
 	protocol := connection.Protocol
 	if protocol == "tcp-client" {
 		protocol = "tcp" //nolint:goconst
@@ -162,7 +164,8 @@ func (c *Config) acceptOutputTrafficToVPN(ctx context.Context,

 // Thanks to @npawelek.
 func (c *Config) acceptOutputFromIPToSubnet(ctx context.Context,
-	intf string, sourceIP netip.Addr, destinationSubnet netip.Prefix, remove bool) error {
+	intf string, sourceIP netip.Addr, destinationSubnet netip.Prefix, remove bool,
+) error {
 	doIPv4 := sourceIP.Is4() && destinationSubnet.Addr().Is4()

 	interfaceFlag := "-o " + intf
@@ -183,7 +186,8 @@ func (c *Config) acceptOutputFromIPToSubnet(ctx context.Context,

 // NDP uses multicast address (theres no broadcast in IPv6 like ARP uses in IPv4).
 func (c *Config) acceptIpv6MulticastOutput(ctx context.Context,
-	intf string, remove bool) error {
+	intf string, remove bool,
+) error {
 	interfaceFlag := "-o " + intf
 	if intf == "*" { // all interfaces
 		interfaceFlag = ""
@@ -207,7 +211,8 @@ func (c *Config) acceptInputToPort(ctx context.Context, intf string, port uint16

 // Used for VPN server side port forwarding, with intf set to the VPN tunnel interface.
 func (c *Config) redirectPort(ctx context.Context, intf string,
-	sourcePort, destinationPort uint16, remove bool) (err error) {
+	sourcePort, destinationPort uint16, remove bool,
+) (err error) {
 	interfaceFlag := "-i " + intf
 	if intf == "*" { // all interfaces
 		interfaceFlag = ""
--- a/internal/firewall/list.go
+++ b/internal/firewall/list.go
@@ -32,9 +32,7 @@ type chainRule struct {
 	ctstate         []string     // for example ["RELATED","ESTABLISHED"]. Can be empty.
 }

-var (
-	ErrChainListMalformed = errors.New("iptables chain list output is malformed")
-)
+var ErrChainListMalformed = errors.New("iptables chain list output is malformed")

 func parseChain(iptablesOutput string) (c chain, err error) {
 	// Text example:
@@ -146,9 +144,7 @@ func parseChainGeneralDataLine(line string) (base chain, err error) {
 	return base, nil
 }

-var (
-	ErrChainRuleMalformed = errors.New("chain rule is malformed")
-)
+var ErrChainRuleMalformed = errors.New("chain rule is malformed")

 func parseChainRuleLine(line string) (rule chainRule, err error) {
 	line = strings.TrimSpace(line)
@@ -300,9 +296,7 @@ func parsePortsCSV(s string) (ports []uint16, err error) {
 	return ports, nil
 }

-var (
-	ErrLineNumberIsZero = errors.New("line number is zero")
-)
+var ErrLineNumberIsZero = errors.New("line number is zero")

 func parseLineNumber(s string) (n uint16, err error) {
 	const base, bitLength = 10, 16
@@ -315,9 +309,7 @@ func parseLineNumber(s string) (n uint16, err error) {
 	return uint16(lineNumber), nil
 }

-var (
-	ErrTargetUnknown = errors.New("unknown target")
-)
+var ErrTargetUnknown = errors.New("unknown target")

 func checkTarget(target string) (err error) {
 	switch target {
@@ -327,9 +319,7 @@ func checkTarget(target string) (err error) {
 	return fmt.Errorf("%w: %s", ErrTargetUnknown, target)
 }

-var (
-	ErrProtocolUnknown = errors.New("unknown protocol")
-)
+var ErrProtocolUnknown = errors.New("unknown protocol")

 func parseProtocol(s string) (protocol string, err error) {
 	switch s {
@@ -344,9 +334,7 @@ func parseProtocol(s string) (protocol string, err error) {
 	return protocol, nil
 }

-var (
-	ErrMetricSizeMalformed = errors.New("metric size is malformed")
-)
+var ErrMetricSizeMalformed = errors.New("metric size is malformed")

 // parseMetricSize parses a metric size string like 140K or 226M and
 // returns the raw integer matching it.
--- a/internal/firewall/parse.go
+++ b/internal/firewall/parse.go
@@ -70,9 +70,7 @@ func ipPrefixesEqual(instruction, chainRule netip.Prefix) bool {
 		(!instruction.IsValid() && chainRule.Bits() == 0 && chainRule.Addr().IsUnspecified())
 }

-var (
-	ErrIptablesCommandMalformed = errors.New("iptables command is malformed")
-)
+var ErrIptablesCommandMalformed = errors.New("iptables command is malformed")

 func parseIptablesInstruction(s string) (instruction iptablesInstruction, err error) {
 	if s == "" {
--- a/internal/firewall/redirect.go
+++ b/internal/firewall/redirect.go
@@ -11,7 +11,8 @@ import (
 // If the destination port is zero, the redirection for the source port is removed
 // and no new redirection is added.
 func (c *Config) RedirectPort(ctx context.Context, intf string, sourcePort,
-	destinationPort uint16) (err error) {
+	destinationPort uint16,
+) (err error) {
 	c.stateMutex.Lock()
 	defer c.stateMutex.Unlock()

@@ -90,7 +91,8 @@ func (p *portRedirections) remove(intf string, sourcePort uint16) {
 }

 func (p *portRedirections) check(dryRun portRedirection) (alreadyExists bool,
-	conflict *portRedirection) {
+	conflict *portRedirection,
+) {
 	slice := *p
 	for _, redirection := range slice {
 		interfaceMatch := redirection.interfaceName == "" ||
--- a/internal/firewall/support.go
+++ b/internal/firewall/support.go
@@ -18,7 +18,8 @@ var (
 )

 func checkIptablesSupport(ctx context.Context, runner CmdRunner,
-	iptablesPathsToTry ...string) (iptablesPath string, err error) {
+	iptablesPathsToTry ...string,
+) (iptablesPath string, err error) {
 	iptablesPathToUnsupportedMessage := make(map[string]string, len(iptablesPathsToTry))
 	for _, pathToTest := range iptablesPathsToTry {
 		ok, unsupportedMessage, err := testIptablesPath(ctx, pathToTest, runner)
@@ -61,7 +62,8 @@ func checkIptablesSupport(ctx context.Context, runner CmdRunner,

 func testIptablesPath(ctx context.Context, path string,
 	runner CmdRunner) (ok bool, unsupportedMessage string,
-	criticalErr error) {
+	criticalErr error,
+) {
 	// Just listing iptables rules often work but we need
 	// to modify them to ensure we can support the iptables
 	// being tested.
--- a/internal/firewall/support_test.go
+++ b/internal/firewall/support_test.go
@@ -116,8 +116,7 @@ func Test_checkIptablesSupport(t *testing.T) {

 			runner := testCase.buildRunner(ctrl)

-			iptablesPath, err :=
-				checkIptablesSupport(ctx, runner, testCase.iptablesPathsToTry...)
+			iptablesPath, err := checkIptablesSupport(ctx, runner, testCase.iptablesPathsToTry...)

 			require.ErrorIs(t, err, testCase.errSentinel)
 			if testCase.errSentinel != nil {
@@ -254,8 +253,7 @@ func Test_testIptablesPath(t *testing.T) {

 			runner := testCase.buildRunner(ctrl)

-			ok, unsupportedMessage, criticalErr :=
-				testIptablesPath(ctx, path, runner)
+			ok, unsupportedMessage, criticalErr := testIptablesPath(ctx, path, runner)

 			assert.Equal(t, testCase.ok, ok)
 			assert.Equal(t, testCase.unsupportedMessage, unsupportedMessage)
--- a/internal/firewall/vpn.go
+++ b/internal/firewall/vpn.go
@@ -8,7 +8,8 @@ import (
 )

 func (c *Config) SetVPNConnection(ctx context.Context,
-	connection models.Connection, vpnIntf string) (err error) {
+	connection models.Connection, vpnIntf string,
+) (err error) {
 	c.stateMutex.Lock()
 	defer c.stateMutex.Unlock()