Small fixes

Vladimir Stoilov
2022-09-20 16:44:31 +02:00
committed by Daniel
parent ecce16ee78
commit 5ed133d578
4 changed files with 14 additions and 12 deletions


@@ -72,7 +72,7 @@ func interceptionPrep() error {
configChangeEvent,
"reset connection verdicts",
func(ctx context.Context, _ interface{}) error {
resetPersistentVerdicts()
resetAllConnectionVerdicts()
return nil
},
)
@@ -86,7 +86,7 @@ func interceptionPrep() error {
profileConfigChangeEvent,
"reset connection verdicts",
func(ctx context.Context, _ interface{}) error {
resetPersistentVerdicts()
resetAllConnectionVerdicts()
return nil
},
)
@@ -101,7 +101,7 @@ func interceptionPrep() error {
onSPNConnectEvent,
"reset connection verdicts",
func(ctx context.Context, _ interface{}) error {
resetPersistentVerdicts()
resetAllConnectionVerdicts()
return nil
},
)
@@ -116,7 +116,7 @@ func interceptionPrep() error {
return prepAPIAuth()
}
func resetPersistentVerdicts() {
func resetAllConnectionVerdicts() {
// Resetting will force all the connection to be evaluated by the firewall again
// this will set new verdicts if configuration was update or spn has been disabled or enabled.
log.Info("interception: reevaluating all connection trough the firewall")


@@ -6,6 +6,7 @@ import (
"encoding/binary"
ct "github.com/florianl/go-conntrack"
"github.com/safing/portbase/log"
"github.com/safing/portmaster/netenv"
)
@@ -36,7 +37,9 @@ func deleteMarkedConnections(nfct *ct.Nfct, f ct.Family) {
filter.MarkMask = []byte{0xFF, 0xFF, 0xFF, 0xFF}
filter.Mark = []byte{0x00, 0x00, 0x00, 0x00} // 4 zeros starting value
// get all connections from the specified family (ipv4 or ipv6)
numberOfErrors := 0
var deleteError error = nil
// Get all connections from the specified family (ipv4 or ipv6)
for _, mark := range permanentFlags {
binary.BigEndian.PutUint32(filter.Mark, mark) // Little endian is in reverse not sure why. BigEndian makes it in correct order.
currentConnections, err := nfct.Query(ct.Conntrack, f, filter)
@@ -45,16 +48,15 @@ func deleteMarkedConnections(nfct *ct.Nfct, f ct.Family) {
continue
}
numberOfErrors := 0
for _, connection := range currentConnections {
err = nfct.Delete(ct.Conntrack, ct.IPv4, connection)
deleteError = nfct.Delete(ct.Conntrack, ct.IPv4, connection)
if err != nil {
numberOfErrors++
}
}
}
if numberOfErrors > 0 {
log.Warningf("nfq: failed to delete %d conntrack entries last error is: %s", numberOfErrors, err)
}
if numberOfErrors > 0 {
log.Warningf("nfq: failed to delete %d conntrack entries last error is: %s", numberOfErrors, deleteError)
}
}
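Review bot: In the inner loop of deleteMarkedConnections the result of `nfct.Delete` is now stored in `deleteError`, but the check that follows is still `if err != nil`, and `err` there is the `nfct.Query` result, which appears to be nil whenever the loop is reached (the visible non-nil branch ends in `continue`). As written `numberOfErrors` never increases, so failed deletions go unlogged and conntrack entries carrying the old marks can survive the verdict reset without anyone noticing. Keep the result in a local and record only failures, e.g. `if delErr := nfct.Delete(ct.Conntrack, ct.IPv4, connection); delErr != nil { numberOfErrors++; deleteError = delErr }`, which also stops a later successful delete from overwriting the reported error with nil. Separately, the delete passes `ct.IPv4` while the query uses the `f` argument; it is worth confirming that this is intended when the function is called for IPv6. `var deleteError error = nil` can be written as `var deleteError error`.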


@@ -95,7 +95,7 @@ func Init(dllPath, driverPath string) error {
new.clearCache, err = new.dll.FindProc("PortmasterClearCache")
if err != nil {
// the loaded dll is an old version
log.Errorf("could not find proc PortmasterClearCache (v0.x.x+) in dll: %s", err)
log.Errorf("could not find proc PortmasterClearCache (v1.0.12+) in dll: %s", err)
}
// initialize dll/kext