add type for RuleSet

2025-02-02 11:29:46 +01:00 · 2023-06-28 14:09:23 +02:00 · 2023-06-28 14:09:23 +02:00 · e074c24487
commit e074c24487
parent 54fe05f6d8
2 changed files with 14 additions and 11 deletions
--- a/client/firewall/uspfilter/uspfilter.go
+++ b/client/firewall/uspfilter/uspfilter.go
@ -21,10 +21,13 @@ type IFaceMapper interface {
 	SetFilter(iface.PacketFilter) error
 }

+// RuleSet is a set of rules grouped by a string key
+type RuleSet map[string]Rule
+
 // Manager userspace firewall manager
 type Manager struct {
-	outgoingRules map[string]map[string]Rule
-	incomingRules map[string]map[string]Rule
+	outgoingRules map[string]RuleSet
+	incomingRules map[string]RuleSet
 	wgNetwork     *net.IPNet
 	decoders      sync.Pool

@ -60,8 +63,8 @@ func Create(iface IFaceMapper) (*Manager, error) {
 				return d
 			},
 		},
-		outgoingRules: make(map[string]map[string]Rule),
-		incomingRules: make(map[string]map[string]Rule),
+		outgoingRules: make(map[string]RuleSet),
+		incomingRules: make(map[string]RuleSet),
 	}

 	if err := iface.SetFilter(m); err != nil {
@ -126,12 +129,12 @@ func (m *Manager) AddFiltering(
 	m.mutex.Lock()
 	if direction == fw.RuleDirectionIN {
 		if _, ok := m.incomingRules[r.ip.String()]; !ok {
-			m.incomingRules[r.ip.String()] = make(map[string]Rule)
+			m.incomingRules[r.ip.String()] = make(RuleSet)
 		}
 		m.incomingRules[r.ip.String()][r.id] = r
 	} else {
 		if _, ok := m.outgoingRules[r.ip.String()]; !ok {
-			m.outgoingRules[r.ip.String()] = make(map[string]Rule)
+			m.outgoingRules[r.ip.String()] = make(RuleSet)
 		}
 		m.outgoingRules[r.ip.String()][r.id] = r
 	}
@ -172,8 +175,8 @@ func (m *Manager) Reset() error {
 	m.mutex.Lock()
 	defer m.mutex.Unlock()

-	m.outgoingRules = make(map[string]map[string]Rule)
-	m.incomingRules = make(map[string]map[string]Rule)
+	m.outgoingRules = make(map[string]RuleSet)
+	m.incomingRules = make(map[string]RuleSet)

 	return nil
 }
@ -189,7 +192,7 @@ func (m *Manager) DropIncoming(packetData []byte) bool {
 }

 // dropFilter imlements same logic for booth direction of the traffic
-func (m *Manager) dropFilter(packetData []byte, rules map[string]map[string]Rule, isIncomingPacket bool) bool {
+func (m *Manager) dropFilter(packetData []byte, rules map[string]RuleSet, isIncomingPacket bool) bool {
 	m.mutex.RLock()
 	defer m.mutex.RUnlock()

--- a/client/firewall/uspfilter/uspfilter_test.go
+++ b/client/firewall/uspfilter/uspfilter_test.go
@ -169,8 +169,8 @@ func TestAddUDPPacketHook(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			manager := &Manager{
-				incomingRules: map[string]map[string]Rule{},
-				outgoingRules: map[string]map[string]Rule{},
+				incomingRules: map[string]RuleSet{},
+				outgoingRules: map[string]RuleSet{},
 			}

 			manager.AddUDPPacketHook(tt.in, tt.ip, tt.dPort, tt.hook)