misc: small fix or general refactoring i did not bother commenting

2025-08-14 02:36:57 -07:00 · 2018-03-28 13:04:39 +02:00 · 2018-03-28 13:04:39 +02:00 · 6b402da8b6
commit 6b402da8b6
parent 43b7e8243f
1 changed files with 35 additions and 50 deletions
--- a/firewall/firewall_linux.go
+++ b/firewall/firewall_linux.go
@ -65,9 +65,40 @@ func (f LinuxFirewall) EnableForwarding(enabled bool) error {
 	return f.enableFeature(IPV4ForwardingFile, enabled)
 }

-func (f *LinuxFirewall) EnableRedirection(r *Redirection, enabled bool) error {
-	var opts []string
+func (f *LinuxFirewall) getCommandLine(r *Redirection, enabled bool) (cmdLine []string) {
+	action := "-A"
+	if enabled == false {
+		action = "-D"
+	}

+	if r.SrcAddress == "" {
+		cmdLine = []string{
+			"-t", "nat",
+			action, "PREROUTING",
+			"-i", r.Interface,
+			"-p", r.Protocol,
+			"--dport", fmt.Sprintf("%d", r.SrcPort),
+			"-j", "DNAT",
+			"--to", fmt.Sprintf("%s:%d", r.DstAddress, r.DstPort),
+		}
+	} else {
+		cmdLine = []string{
+			"-t", "nat",
+			action, "PREROUTING",
+			"-i", r.Interface,
+			"-p", r.Protocol,
+			"-d", r.SrcAddress,
+			"--dport", fmt.Sprintf("%d", r.SrcPort),
+			"-j", "DNAT",
+			"--to", fmt.Sprintf("%s:%d", r.DstAddress, r.DstPort),
+		}
+	}
+
+	return
+}
+
+func (f *LinuxFirewall) EnableRedirection(r *Redirection, enabled bool) error {
+	cmdLine := f.getCommandLine(r, enabled)
 	rkey := r.String()
 	_, found := f.redirections[rkey]

@ -81,31 +112,7 @@ func (f *LinuxFirewall) EnableRedirection(r *Redirection, enabled bool) error {
 		// accept all
 		if _, err := core.Exec("iptables", []string{"-P", "FORWARD", "ACCEPT"}); err != nil {
 			return err
-		}
-
-		if r.SrcAddress == "" {
-			opts = []string{
-				"-t", "nat",
-				"-A", "PREROUTING",
-				"-i", r.Interface,
-				"-p", r.Protocol,
-				"--dport", fmt.Sprintf("%d", r.SrcPort),
-				"-j", "DNAT",
-				"--to", fmt.Sprintf("%s:%d", r.DstAddress, r.DstPort),
-			}
-		} else {
-			opts = []string{
-				"-t", "nat",
-				"-A", "PREROUTING",
-				"-i", r.Interface,
-				"-p", r.Protocol,
-				"-d", r.SrcAddress,
-				"--dport", fmt.Sprintf("%d", r.SrcPort),
-				"-j", "DNAT",
-				"--to", fmt.Sprintf("%s:%d", r.DstAddress, r.DstPort),
-			}
-		}
-		if _, err := core.Exec("iptables", opts); err != nil {
+		} else if _, err := core.Exec("iptables", cmdLine); err != nil {
 			return err
 		}
 	} else {
@ -115,29 +122,7 @@ func (f *LinuxFirewall) EnableRedirection(r *Redirection, enabled bool) error {

 		delete(f.redirections, r.String())

-		if r.SrcAddress == "" {
-			opts = []string{
-				"-t", "nat",
-				"-D", "PREROUTING",
-				"-i", r.Interface,
-				"-p", r.Protocol,
-				"--dport", fmt.Sprintf("%d", r.SrcPort),
-				"-j", "DNAT",
-				"--to", fmt.Sprintf("%s:%d", r.DstAddress, r.DstPort),
-			}
-		} else {
-			opts = []string{
-				"-t", "nat",
-				"-D", "PREROUTING",
-				"-i", r.Interface,
-				"-p", r.Protocol,
-				"-d", r.SrcAddress,
-				"--dport", fmt.Sprintf("%d", r.SrcPort),
-				"-j", "DNAT",
-				"--to", fmt.Sprintf("%s:%d", r.DstAddress, r.DstPort),
-			}
-		}
-		if _, err := core.Exec("iptables", opts); err != nil {
+		if _, err := core.Exec("iptables", cmdLine); err != nil {
 			return err
 		}
 	}