Fix tests and linters

network/api.go

@@ -89,6 +89,7 @@ func debugInfo(ar *api.Request) (data []byte, err error) {
 	return di.Bytes(), nil
 }
 
+// AddNetworkDebugData adds the network debug data of the given profile to the debug data.
 func AddNetworkDebugData(di *debug.Info, profile, where string) {
 	// Prepend where prefix to query if necessary.
 	if where != "" && !strings.HasPrefix(where, "where ") {
@@ -99,7 +100,7 @@ func AddNetworkDebugData(di *debug.Info, profile, where string) {
 	q, err := query.ParseQuery("query network: " + where)
 	if err != nil {
 		di.AddSection(
-			fmt.Sprintf("Network: Debug Failed"),
+			"Network: Debug Failed",
 			debug.NoFlags,
 			fmt.Sprintf("Failed to build query: %s", err),
 		)
@@ -110,7 +111,7 @@ func AddNetworkDebugData(di *debug.Info, profile, where string) {
 	it, err := dbController.Query(q, true, true)
 	if err != nil {
 		di.AddSection(
-			fmt.Sprintf("Network: Debug Failed"),
+			"Network: Debug Failed",
 			debug.NoFlags,
 			fmt.Sprintf("Failed to run query: %s", err),
 		)
@@ -118,9 +119,11 @@ func AddNetworkDebugData(di *debug.Info, profile, where string) {
 	}
 
 	// Collect matching connections.
-	var debugConns []*Connection
-	var accepted int
-	var total int
+	var ( //nolint:prealloc // We don't know the size.
+		debugConns []*Connection
+		accepted   int
+		total      int
+	)
 	for maybeConn := range it.Next {
 		// Switch to correct type.
 		conn, ok := maybeConn.(*Connection)
@@ -149,7 +152,7 @@ func AddNetworkDebugData(di *debug.Info, profile, where string) {
 
 		// Count.
 		total++
-		switch conn.Verdict {
+		switch conn.Verdict { //nolint:exhaustive
 		case VerdictAccept,
 			VerdictRerouteToNameserver,
 			VerdictRerouteToTunnel:

network/api_test.go

@@ -9,12 +9,16 @@ import (
 )
 
 func TestDebugInfoLineFormatting(t *testing.T) {
+	t.Parallel()
+
 	for _, conn := range connectionTestData {
 		fmt.Println(conn.debugInfoLine())
 	}
 }
 
 func TestDebugInfoFormatting(t *testing.T) {
+	t.Parallel()
+
 	fmt.Println(buildNetworkDebugInfoData(connectionTestData))
 }
 

network/clean.go

@@ -4,11 +4,9 @@ import (
 	"context"
 	"time"
 
-	"github.com/safing/portmaster/network/packet"
-
-	"github.com/safing/portmaster/network/state"
-
 	"github.com/safing/portbase/log"
+	"github.com/safing/portmaster/network/packet"
+	"github.com/safing/portmaster/network/state"
 	"github.com/safing/portmaster/process"
 )
 
@@ -41,7 +39,6 @@ func cleanConnections() (activePIDs map[int]struct{}) {
 
 	name := "clean connections" // TODO: change to new fn
 	_ = module.RunMediumPriorityMicroTask(&name, func(ctx context.Context) error {
-
 		now := time.Now().UTC()
 		nowUnix := now.Unix()
 		deleteOlderThan := now.Add(-deleteConnsAfterEndedThreshold).Unix()

network/connection.go

@@ -44,13 +44,14 @@ type ProcessContext struct {
 	Source string
 }
 
+// ConnectionType is a type of connection.
 type ConnectionType int8
 
+// Connection Types.
 const (
 	Undefined ConnectionType = iota
 	IPConnection
 	DNSRequest
-	// ProxyRequest
 )
 
 // Connection describes a distinct physical network connection
@@ -280,6 +281,7 @@ func NewConnectionFromDNSRequest(ctx context.Context, fqdn string, cnames []stri
 	return dnsConn
 }
 
+// NewConnectionFromExternalDNSRequest returns a connection for an external DNS request.
 func NewConnectionFromExternalDNSRequest(ctx context.Context, fqdn string, cnames []string, connID string, remoteIP net.IP) (*Connection, error) {
 	remoteHost, err := process.GetNetworkHost(ctx, remoteIP)
 	if err != nil {
@@ -336,7 +338,6 @@ func NewConnectionFromFirstPacket(pkt packet.Packet) *Connection {
 	var dnsContext *resolver.DNSRequestContext
 
 	if inbound {
-
 		switch entity.IPScope {
 		case netutils.HostLocal:
 			scope = IncomingHost
@@ -345,12 +346,11 @@ func NewConnectionFromFirstPacket(pkt packet.Packet) *Connection {
 		case netutils.Global, netutils.GlobalMulticast:
 			scope = IncomingInternet
 
-		case netutils.Invalid:
+		case netutils.Undefined, netutils.Invalid:
 			fallthrough
 		default:
 			scope = IncomingInvalid
 		}
-
 	} else {
 
 		// check if we can find a domain for that IP
@@ -379,7 +379,6 @@ func NewConnectionFromFirstPacket(pkt packet.Packet) *Connection {
 		}
 
 		if scope == "" {
-
 			// outbound direct (possibly P2P) connection
 			switch entity.IPScope {
 			case netutils.HostLocal:
@@ -389,12 +388,11 @@ func NewConnectionFromFirstPacket(pkt packet.Packet) *Connection {
 			case netutils.Global, netutils.GlobalMulticast:
 				scope = PeerInternet
 
-			case netutils.Invalid:
+			case netutils.Undefined, netutils.Invalid:
 				fallthrough
 			default:
 				scope = PeerInvalid
 			}
-
 		}
 	}
 
@@ -547,10 +545,10 @@ func (conn *Connection) Save() {
 
 	if !conn.KeyIsSet() {
 		if conn.Type == DNSRequest {
-			conn.SetKey(makeKey(conn.process.Pid, "dns", conn.ID))
+			conn.SetKey(makeKey(conn.process.Pid, dbScopeDNS, conn.ID))
 			dnsConns.add(conn)
 		} else {
-			conn.SetKey(makeKey(conn.process.Pid, "ip", conn.ID))
+			conn.SetKey(makeKey(conn.process.Pid, dbScopeIP, conn.ID))
 			conns.add(conn)
 		}
 	}
@@ -597,7 +595,7 @@ func (conn *Connection) StopFirewallHandler() {
 	conn.pktQueue <- nil
 }
 
-// HandlePacket queues packet of Link for handling
+// HandlePacket queues packet of Link for handling.
 func (conn *Connection) HandlePacket(pkt packet.Packet) {
 	conn.Lock()
 	defer conn.Unlock()
@@ -611,7 +609,7 @@ func (conn *Connection) HandlePacket(pkt packet.Packet) {
 	}
 }
 
-// packetHandler sequentially handles queued packets
+// packetHandler sequentially handles queued packets.
 func (conn *Connection) packetHandler() {
 	for pkt := range conn.pktQueue {
 		if pkt == nil {
@@ -649,8 +647,8 @@ func (conn *Connection) GetActiveInspectors() []bool {
 }
 
 // SetActiveInspectors sets the list of active inspectors.
-func (conn *Connection) SetActiveInspectors(new []bool) {
-	conn.activeInspectors = new
+func (conn *Connection) SetActiveInspectors(newInspectors []bool) {
+	conn.activeInspectors = newInspectors
 }
 
 // GetInspectorData returns the list of inspector data.
@@ -659,8 +657,8 @@ func (conn *Connection) GetInspectorData() map[uint8]interface{} {
 }
 
 // SetInspectorData set the list of inspector data.
-func (conn *Connection) SetInspectorData(new map[uint8]interface{}) {
-	conn.inspectorData = new
+func (conn *Connection) SetInspectorData(newInspectorData map[uint8]interface{}) {
+	conn.inspectorData = newInspectorData
 }
 
 // String returns a string representation of conn.

network/connection_store.go

@@ -48,7 +48,7 @@ func (cs *connectionStore) clone() map[string]*Connection {
 	return m
 }
 
-func (cs *connectionStore) len() int {
+func (cs *connectionStore) len() int { //nolint:unused // TODO: Clean up if still unused.
 	cs.rw.RLock()
 	defer cs.rw.RUnlock()
 

network/database.go

@@ -14,6 +14,12 @@ import (
 	"github.com/safing/portmaster/process"
 )
 
+const (
+	dbScopeNone = ""
+	dbScopeDNS  = "dns"
+	dbScopeIP   = "ip"
+)
+
 var (
 	dbController *database.Controller
 
@@ -43,7 +49,7 @@ func parseDBKey(key string) (pid int, scope, id string, ok bool) {
 	// Split into segments.
 	segments := strings.Split(key, "/")
 	// Check for valid prefix.
-	if !strings.HasPrefix("tree", segments[0]) {
+	if segments[0] != "tree" {
 		return 0, "", "", false
 	}
 
@@ -57,7 +63,7 @@ func parseDBKey(key string) (pid int, scope, id string, ok bool) {
 		scope = segments[2]
 		// Sanity check.
 		switch scope {
-		case "dns", "ip", "":
+		case dbScopeNone, dbScopeDNS, dbScopeIP:
 			// Parsed id matches possible values.
 			// The empty string is for matching a trailing slash for in query prefix.
 			// TODO: For queries, also prefixes of these values are valid.
@@ -96,15 +102,15 @@ func (s *StorageInterface) Get(key string) (record.Record, error) {
 	}
 
 	switch scope {
-	case "dns":
+	case dbScopeDNS:
 		if r, ok := dnsConns.get(id); ok {
 			return r, nil
 		}
-	case "ip":
+	case dbScopeIP:
 		if r, ok := conns.get(id); ok {
 			return r, nil
 		}
-	case "":
+	case dbScopeNone:
 		if proc, ok := process.GetProcessFromStorage(pid); ok {
 			return proc, nil
 		}
@@ -147,7 +153,7 @@ func (s *StorageInterface) processQuery(q *query.Query, it *iterator.Iterator) {
 		}
 	}
 
-	if scope == "" || scope == "dns" {
+	if scope == dbScopeNone || scope == dbScopeDNS {
 		// dns scopes only
 		for _, dnsConn := range dnsConns.clone() {
 			func() {
@@ -161,7 +167,7 @@ func (s *StorageInterface) processQuery(q *query.Query, it *iterator.Iterator) {
 		}
 	}
 
-	if scope == "" || scope == "ip" {
+	if scope == dbScopeNone || scope == dbScopeIP {
 		// connections
 		for _, conn := range conns.clone() {
 			func() {

network/dns.go

@@ -8,6 +8,7 @@ import (
 	"time"
 
 	"github.com/miekg/dns"
+
 	"github.com/safing/portbase/log"
 	"github.com/safing/portmaster/nameserver/nsutil"
 	"github.com/safing/portmaster/process"
@@ -17,16 +18,15 @@ import (
 var (
 	openDNSRequests     = make(map[string]*Connection) // key: <pid>/fqdn
 	openDNSRequestsLock sync.Mutex
-
-	// scope prefix
-	unidentifiedProcessScopePrefix = strconv.Itoa(process.UnidentifiedProcessID) + "/"
 )
 
 const (
-	// write open dns requests every
+	// writeOpenDNSRequestsTickDuration defines the interval in which open dns
+	// requests are written.
 	writeOpenDNSRequestsTickDuration = 5 * time.Second
 
-	// duration after which DNS requests without a following connection are logged
+	// openDNSRequestLimit defines the duration after which DNS requests without
+	// a following connection are logged.
 	openDNSRequestLimit = 3 * time.Second
 )
 
@@ -122,6 +122,9 @@ func (conn *Connection) ReplyWithDNS(ctx context.Context, request *dns.Msg) *dns
 		return nil // Do not respond to request.
 	case VerdictFailed:
 		return nsutil.BlockIP().ReplyWithDNS(ctx, request)
+	case VerdictUndecided, VerdictUndeterminable,
+		VerdictAccept, VerdictRerouteToNameserver, VerdictRerouteToTunnel:
+		fallthrough
 	default:
 		reply := nsutil.ServerFailure().ReplyWithDNS(ctx, request)
 		nsutil.AddMessagesToReply(ctx, reply, log.ErrorLevel, "INTERNAL ERROR: incorrect use of Connection DNS Responder")
@@ -136,6 +139,10 @@ func (conn *Connection) GetExtraRRs(ctx context.Context, request *dns.Msg) []dns
 	switch conn.Verdict {
 	case VerdictFailed:
 		level = log.ErrorLevel
+	case VerdictUndecided, VerdictUndeterminable,
+		VerdictAccept, VerdictBlock, VerdictDrop,
+		VerdictRerouteToNameserver, VerdictRerouteToTunnel:
+		fallthrough
 	default:
 		level = log.InfoLevel
 	}

network/metrics.go

@@ -119,7 +119,7 @@ func (conn *Connection) addToMetrics() {
 	}
 
 	// Check the verdict.
-	switch conn.Verdict {
+	switch conn.Verdict { //nolint:exhaustive // Not critical.
 	case VerdictBlock, VerdictDrop:
 		blockedOutConnCounter.Inc()
 		conn.addedToMetrics = true

network/netutils/address.go

@@ -19,7 +19,7 @@ func IPFromAddr(addr net.Addr) (net.IP, error) {
 		// Parse via string.
 		host, _, err := net.SplitHostPort(addr.String())
 		if err != nil {
-			return nil, fmt.Errorf("failed to split host and port of %q: %s", addr, err)
+			return nil, fmt.Errorf("failed to split host and port of %q: %w", addr, err)
 		}
 		ip := net.ParseIP(host)
 		if ip == nil {

network/netutils/dns.go

@@ -8,19 +8,17 @@ import (
 	"github.com/miekg/dns"
 )
 
-var (
-	cleanDomainRegex = regexp.MustCompile(
-		`^` + // match beginning
-			`(` + // start subdomain group
-			`(xn--)?` + // idn prefix
-			`[a-z0-9_-]{1,63}` + // main chunk
-			`\.` + // ending with a dot
-			`)*` + // end subdomain group, allow any number of subdomains
-			`(xn--)?` + // TLD idn prefix
-			`[a-z0-9_-]{2,63}` + // TLD main chunk with at least two characters
-			`\.` + // ending with a dot
-			`$`, // match end
-	)
+var cleanDomainRegex = regexp.MustCompile(
+	`^` + // match beginning
+		`(` + // start subdomain group
+		`(xn--)?` + // idn prefix
+		`[a-z0-9_-]{1,63}` + // main chunk
+		`\.` + // ending with a dot
+		`)*` + // end subdomain group, allow any number of subdomains
+		`(xn--)?` + // TLD idn prefix
+		`[a-z0-9_-]{2,63}` + // TLD main chunk with at least two characters
+		`\.` + // ending with a dot
+		`$`, // match end
 )
 
 // IsValidFqdn returns whether the given string is a valid fqdn.

network/netutils/dns_test.go

@@ -3,12 +3,16 @@ package netutils
 import "testing"
 
 func testDomainValidity(t *testing.T, domain string, isValid bool) {
+	t.Helper()
+
 	if IsValidFqdn(domain) != isValid {
 		t.Errorf("domain %s failed check: was valid=%v, expected valid=%v", domain, IsValidFqdn(domain), isValid)
 	}
 }
 
 func TestDNSValidation(t *testing.T) {
+	t.Parallel()
+
 	// valid
 	testDomainValidity(t, ".", true)
 	testDomainValidity(t, "at.", true)

network/netutils/ip.go

@@ -93,7 +93,7 @@ func (scope IPScope) IsLocalhost() bool {
 
 // IsLAN returns true if the scope is site-local or link-local.
 func (scope IPScope) IsLAN() bool {
-	switch scope {
+	switch scope { //nolint:exhaustive // Looking for something specific.
 	case SiteLocal, LinkLocal, LocalMulticast:
 		return true
 	default:
@@ -103,7 +103,7 @@ func (scope IPScope) IsLAN() bool {
 
 // IsGlobal returns true if the scope is global.
 func (scope IPScope) IsGlobal() bool {
-	switch scope {
+	switch scope { //nolint:exhaustive // Looking for something specific.
 	case Global, GlobalMulticast:
 		return true
 	default:

network/netutils/ip_test.go

@@ -6,6 +6,8 @@ import (
 )
 
 func TestIPScope(t *testing.T) {
+	t.Parallel()
+
 	testScope(t, net.IPv4(71, 87, 113, 211), Global)
 	testScope(t, net.IPv4(127, 0, 0, 1), HostLocal)
 	testScope(t, net.IPv4(127, 255, 255, 1), HostLocal)
@@ -17,6 +19,8 @@ func TestIPScope(t *testing.T) {
 }
 
 func testScope(t *testing.T, ip net.IP, expectedScope IPScope) {
+	t.Helper()
+
 	c := GetIPScope(ip)
 	if c != expectedScope {
 		t.Errorf("%s is %s, expected %s", ip, scopeName(c), scopeName(expectedScope))

network/netutils/tcpassembly.go

@@ -7,7 +7,7 @@ import (
 	"github.com/google/gopacket/tcpassembly"
 )
 
-// SimpleStreamAssemblerManager is a simple manager for github.com/google/gopacket/tcpassembly
+// SimpleStreamAssemblerManager is a simple manager for github.com/google/gopacket/tcpassembly.
 type SimpleStreamAssemblerManager struct {
 	InitLock      sync.Mutex
 	lastAssembler *SimpleStreamAssembler
@@ -25,7 +25,7 @@ func (m *SimpleStreamAssemblerManager) GetLastAssembler() *SimpleStreamAssembler
 	return m.lastAssembler
 }
 
-// SimpleStreamAssembler is a simple assembler for github.com/google/gopacket/tcpassembly
+// SimpleStreamAssembler is a simple assembler for github.com/google/gopacket/tcpassembly.
 type SimpleStreamAssembler struct {
 	Cumulated    []byte
 	CumulatedLen int

network/packet/const.go

@@ -5,7 +5,7 @@ import (
 	"fmt"
 )
 
-// Basic Types
+// Basic Types.
 type (
 	// IPVersion represents an IP version.
 	IPVersion uint8
@@ -15,7 +15,7 @@ type (
 	Verdict uint8
 )
 
-// Basic Constants
+// Basic Constants.
 const (
 	IPv4 = IPVersion(4)
 	IPv6 = IPVersion(6)
@@ -34,7 +34,7 @@ const (
 	AnyHostInternalProtocol61 = IPProtocol(61)
 )
 
-// Verdicts
+// Verdicts.
 const (
 	DROP Verdict = iota
 	BLOCK
@@ -45,12 +45,10 @@ const (
 	STOP
 )
 
-var (
-	// ErrFailedToLoadPayload is returned by GetPayload if it failed for an unspecified reason, or is not implemented on the current system.
-	ErrFailedToLoadPayload = errors.New("could not load packet payload")
-)
+// ErrFailedToLoadPayload is returned by GetPayload if it failed for an unspecified reason, or is not implemented on the current system.
+var ErrFailedToLoadPayload = errors.New("could not load packet payload")
 
-// ByteSize returns the byte size of the ip, IPv4 = 4 bytes, IPv6 = 16
+// ByteSize returns the byte size of the ip (IPv4 = 4 bytes, IPv6 = 16).
 func (v IPVersion) ByteSize() int {
 	switch v {
 	case IPv4:
@@ -89,8 +87,11 @@ func (p IPProtocol) String() string {
 		return "ICMPv6"
 	case IGMP:
 		return "IGMP"
+	case AnyHostInternalProtocol61:
+		fallthrough
+	default:
+		return fmt.Sprintf("<unknown protocol, %d>", uint8(p))
 	}
-	return fmt.Sprintf("<unknown protocol, %d>", uint8(p))
 }
 
 // String returns the string representation of the verdict.

network/packet/packet.go

@@ -71,8 +71,11 @@ func (pkt *Base) HasPorts() bool {
 		return true
 	case UDP, UDPLite:
 		return true
+	case ICMP, ICMPv6, IGMP, RAW, AnyHostInternalProtocol61:
+		fallthrough
+	default:
+		return false
 	}
-	return false
 }
 
 // LoadPacketData loads packet data from the integration, if not yet done.
@@ -125,7 +128,7 @@ func (pkt *Base) createConnectionID() {
 //         IN   OUT
 // Local   Dst  Src
 // Remote  Src  Dst
-//
+//.
 func (pkt *Base) MatchesAddress(remote bool, protocol IPProtocol, network *net.IPNet, port uint16) bool {
 	if pkt.info.Protocol != protocol {
 		return false
@@ -154,7 +157,7 @@ func (pkt *Base) MatchesAddress(remote bool, protocol IPProtocol, network *net.I
 //         IN   OUT
 // Local   Dst  Src
 // Remote  Src  Dst
-//
+//.
 func (pkt *Base) MatchesIP(endpoint bool, network *net.IPNet) bool {
 	if pkt.info.Inbound != endpoint {
 		if network.Contains(pkt.info.Src) {
@@ -174,7 +177,7 @@ func (pkt *Base) String() string {
 	return pkt.FmtPacket()
 }
 
-// FmtPacket returns the most important information about the packet as a string
+// FmtPacket returns the most important information about the packet as a string.
 func (pkt *Base) FmtPacket() string {
 	if pkt.info.Protocol == TCP || pkt.info.Protocol == UDP {
 		if pkt.info.Inbound {
@@ -188,12 +191,12 @@ func (pkt *Base) FmtPacket() string {
 	return fmt.Sprintf("OUT %s %s <-> %s", pkt.info.Protocol, pkt.info.Src, pkt.info.Dst)
 }
 
-// FmtProtocol returns the protocol as a string
+// FmtProtocol returns the protocol as a string.
 func (pkt *Base) FmtProtocol() string {
 	return pkt.info.Protocol.String()
 }
 
-// FmtRemoteIP returns the remote IP address as a string
+// FmtRemoteIP returns the remote IP address as a string.
 func (pkt *Base) FmtRemoteIP() string {
 	if pkt.info.Inbound {
 		return pkt.info.Src.String()
@@ -201,7 +204,7 @@ func (pkt *Base) FmtRemoteIP() string {
 	return pkt.info.Dst.String()
 }
 
-// FmtRemotePort returns the remote port as a string
+// FmtRemotePort returns the remote port as a string.
 func (pkt *Base) FmtRemotePort() string {
 	if pkt.info.SrcPort != 0 {
 		if pkt.info.Inbound {
@@ -212,14 +215,14 @@ func (pkt *Base) FmtRemotePort() string {
 	return "-"
 }
 
-// FmtRemoteAddress returns the full remote address (protocol, IP, port) as a string
+// FmtRemoteAddress returns the full remote address (protocol, IP, port) as a string.
 func (pkt *Base) FmtRemoteAddress() string {
 	return fmt.Sprintf("%s:%s:%s", pkt.info.Protocol.String(), pkt.FmtRemoteIP(), pkt.FmtRemotePort())
 }
 
-// Packet is an interface to a network packet to provide object behaviour the same across all systems
+// Packet is an interface to a network packet to provide object behaviour the same across all systems.
 type Packet interface {
-	// VERDICTS
+	// Verdicts.
 	Accept() error
 	Block() error
 	Drop() error
@@ -230,7 +233,7 @@ type Packet interface {
 	RerouteToTunnel() error
 	FastTrackedByIntegration() bool
 
-	// INFO
+	// Info.
 	SetCtx(context.Context)
 	Ctx() context.Context
 	Info() *Info
@@ -242,17 +245,17 @@ type Packet interface {
 	HasPorts() bool
 	GetConnectionID() string
 
-	// PAYLOAD
+	// Payload.
 	LoadPacketData() error
 	Layers() gopacket.Packet
 	Raw() []byte
 	Payload() []byte
 
-	// MATCHING
+	// Matching.
 	MatchesAddress(bool, IPProtocol, *net.IPNet, uint16) bool
 	MatchesIP(bool, *net.IPNet) bool
 
-	// FORMATTING
+	// Formatting.
 	String() string
 	FmtPacket() string
 	FmtProtocol() string

network/packet/packetinfo.go

@@ -4,7 +4,7 @@ import (
 	"net"
 )
 
-// Info holds IP and TCP/UDP header information
+// Info holds IP and TCP/UDP header information.
 type Info struct {
 	Inbound  bool
 	InTunnel bool

network/packet/parse.go

@@ -135,7 +135,7 @@ func Parse(packetData []byte, pktBase *Base) (err error) {
 		parseIPv6,
 		parseTCP,
 		parseUDP,
-		//parseUDPLite, // we don't yet support udplite
+		// parseUDPLite, // We don't yet support udplite.
 		parseICMPv4,
 		parseICMPv6,
 		parseIGMP,

network/proc/findpid.go

@@ -1,4 +1,4 @@
-// +build linux
+// go:build linux
 
 package proc
 
@@ -7,9 +7,8 @@ import (
 	"os"
 	"time"
 
-	"github.com/safing/portmaster/network/socket"
-
 	"github.com/safing/portbase/log"
+	"github.com/safing/portmaster/network/socket"
 )
 
 var (
@@ -128,7 +127,10 @@ func readDirNames(dir string) (names []string) {
 		}
 		return
 	}
-	defer file.Close()
+	defer func() {
+		_ = file.Close()
+	}()
+
 	names, err = file.Readdirnames(0)
 	if err != nil {
 		log.Warningf("proc: could not get entries from directory %s: %s", dir, err)

network/proc/pids_by_user.go

@@ -1,4 +1,4 @@
-// +build linux
+// go:build linux
 
 package proc
 

network/proc/tables.go

@@ -1,4 +1,4 @@
-// +build linux
+// go:build linux
 
 package proc
 
@@ -12,9 +12,8 @@ import (
 	"strings"
 	"unicode"
 
-	"github.com/safing/portmaster/network/socket"
-
 	"github.com/safing/portbase/log"
+	"github.com/safing/portmaster/network/socket"
 )
 
 /*
@@ -85,7 +84,6 @@ const (
 )
 
 func getTableFromSource(stack uint8, procFile string) (connections []*socket.ConnectionInfo, binds []*socket.BindInfo, err error) {
-
 	var ipConverter func(string) net.IP
 	switch stack {
 	case TCP4, UDP4:
@@ -101,7 +99,9 @@ func getTableFromSource(stack uint8, procFile string) (connections []*socket.Con
 	if err != nil {
 		return nil, nil, err
 	}
-	defer socketData.Close()
+	defer func() {
+		_ = socketData.Close()
+	}()
 
 	// file scanner
 	scanner := bufio.NewScanner(socketData)

network/proc/tables_test.go

@@ -1,4 +1,4 @@
-// +build linux
+// go:build linux
 
 package proc
 
@@ -8,6 +8,8 @@ import (
 )
 
 func TestSockets(t *testing.T) {
+	t.Parallel()
+
 	connections, listeners, err := GetTCP4Table()
 	if err != nil {
 		t.Fatal(err)

network/socket/socket.go

@@ -111,6 +111,6 @@ func (i *BindInfo) GetUIDandInode() (int, int) {
 	return i.UID, i.Inode
 }
 
-// compile time checks
+// Compile time checks.
 var _ Info = new(ConnectionInfo)
 var _ Info = new(BindInfo)

network/state/exists.go

@@ -14,7 +14,6 @@ const (
 
 // Exists checks if the given connection is present in the system state tables.
 func Exists(pktInfo *packet.Info, now time.Time) (exists bool) {
-
 	// TODO: create lookup maps before running a flurry of Exists() checks.
 
 	switch {

network/state/info.go

@@ -4,7 +4,6 @@ import (
 	"sync"
 
 	"github.com/safing/portbase/database/record"
-
 	"github.com/safing/portmaster/network/socket"
 )
 

network/state/udp.go

@@ -117,7 +117,6 @@ func (table *udpTable) getDirection(
 }
 
 func (table *udpTable) cleanStates(now time.Time) {
-
 	// compute thresholds
 	threshold := now.Add(-UDPConnStateTTL)
 	shortThreshhold := now.Add(-UDPConnStateShortenedTTL)

network/status.go

@@ -64,13 +64,13 @@ func (v Verdict) Verb() string {
 	}
 }
 
-// Packet Directions
+// Packet Directions.
 const (
 	Inbound  = true
 	Outbound = false
 )
 
-// Non-Domain Scopes
+// Non-Domain Scopes.
 const (
 	IncomingHost     = "IH"
 	IncomingLAN      = "IL"