Skip to content

Commit f11aa2d

Browse files
squatsquat
authoredApr 18, 2022
Merge pull request #7 from kilo-io/fmt
Apply gofmt formatting
2 parents 29d4904 + 18a518c commit f11aa2d

File tree

5 files changed

+139
-137
lines changed

5 files changed

+139
-137
lines changed
 

‎.github/workflows/test.yaml

+14-6
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,22 @@
1+
---
12
name: Test
23

34
on:
4-
push:
55
pull_request:
66
jobs:
77
test:
88
runs-on: ubuntu-latest
99
steps:
10-
- uses: actions/checkout@main
11-
- uses: actions/setup-go@v1
12-
with:
13-
go-version: '1.16'
14-
- run: go test ./...
10+
- uses: actions/checkout@main
11+
- uses: actions/setup-go@v1
12+
with:
13+
go-version: '1.16'
14+
- run: go test ./...
15+
fmt:
16+
runs-on: ubuntu-latest
17+
steps:
18+
- uses: actions/checkout@main
19+
- uses: actions/setup-go@v1
20+
with:
21+
go-version: '1.16'
22+
- run: '[ -z "$(gofmt -e -d ./)" ]'

‎LICENSE

+1-1
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
Copyright (c) 2021 Leon Löchner
1+
Copyright (c) 2022 Leon Löchner
22

33
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
44

‎match_modules.go

+5-5
Original file line numberDiff line numberDiff line change
@@ -80,7 +80,7 @@ func (p *Parser) parseStatistic(f *map[string]Flag) (state, error) {
8080
// unscanIgnoreWhitespace twice (this can fail
8181
// because of a fixed sized buffer, that is full
8282
// of Whitespaces).
83-
p.unscan(1) //IgnoreWhitespace(2) // unscan 2
83+
p.unscan(1) // IgnoreWhitespace(2) // unscan 2
8484
return sNot, nil
8585
}
8686
case sIF:
@@ -160,7 +160,7 @@ func (p *Parser) parseUdp(f *map[string]Flag) (state, error) {
160160
// unscanIgnoreWhitespace twice (this can fail
161161
// because of a fixed sized buffer, that is full
162162
// of Whitespaces).
163-
p.unscan(1) //IgnoreWhitespace(2) // unscan 2
163+
p.unscan(1) // IgnoreWhitespace(2) // unscan 2
164164
return sNot, nil
165165
}
166166
case sIF:
@@ -188,10 +188,10 @@ func (p *Parser) parseUdp(f *map[string]Flag) (state, error) {
188188
}
189189
return sStart, nil
190190
}
191+
191192
func (p *Parser) parseAddrtype(f *map[string]Flag) (state, error) {
192193
s := sStart
193194
for tok, lit := p.scanIgnoreWhitespace(); tok != EOF; tok, lit = p.scanIgnoreWhitespace() {
194-
195195
for nextValue := false; !nextValue; {
196196
nextValue = true
197197
switch s {
@@ -228,7 +228,7 @@ func (p *Parser) parseAddrtype(f *map[string]Flag) (state, error) {
228228
// unscanIgnoreWhitespace twice (this can fail
229229
// because of a fixed sized buffer, that is full
230230
// of Whitespaces).
231-
p.unscan(1) //IgnoreWhitespace(2) // unscan 2
231+
p.unscan(1) // IgnoreWhitespace(2) // unscan 2
232232
return sNot, nil
233233
}
234234
case sIF:
@@ -334,7 +334,7 @@ func (p *Parser) parseTcp(f *map[string]Flag) (state, error) {
334334
// unscanIgnoreWhitespace twice (this can fail
335335
// because of a fixed sized buffer, that is full
336336
// of Whitespaces).
337-
p.unscan(1) //IgnoreWhitespace(2) // unscan 2
337+
p.unscan(1) // IgnoreWhitespace(2) // unscan 2
338338
return sNot, nil
339339
}
340340
case sIF:

‎parser.go

+31-44
Original file line numberDiff line numberDiff line change
@@ -60,9 +60,8 @@ func (d Policy) String() string {
6060
}
6161
if d.Counter != nil {
6262
return fmt.Sprintf("%s%s %s %s", prefix, d.Chain, d.Action, d.Counter.String())
63-
} else {
64-
return fmt.Sprintf("%s%s %s", prefix, d.Chain, d.Action)
6563
}
64+
return fmt.Sprintf("%s%s %s", prefix, d.Chain, d.Action)
6665
}
6766

6867
// Rule represents a rule in an iptables dump. Normally the start with -A.
@@ -144,7 +143,6 @@ func (r Rule) Spec() (ret []string) {
144143
} else {
145144
ret = append(ret, "!", "-f")
146145
}
147-
148146
}
149147
if r.IPv4 {
150148
ret = append(ret, "-4")
@@ -154,7 +152,6 @@ func (r Rule) Spec() (ret []string) {
154152
}
155153
if len(r.Matches) > 0 {
156154
for _, m := range r.Matches {
157-
158155
ret = append(ret, m.Spec()...)
159156
}
160157
}
@@ -169,8 +166,8 @@ func (r Rule) Spec() (ret []string) {
169166

170167
// EqualTo returns true, if the rules are
171168
// equal to each other.
172-
func (r1 Rule) EqualTo(r2 Rule) bool {
173-
return reflect.DeepEqual(r1, r2)
169+
func (r Rule) EqualTo(r2 Rule) bool {
170+
return reflect.DeepEqual(r, r2)
174171
}
175172

176173
// DNSOrIPPair either holds an IP or DNS and a flag.
@@ -187,6 +184,7 @@ func (d DNSOrIPPair) String(f string) string {
187184
return strings.Join(d.Spec(f), " ")
188185
}
189186

187+
// Spec returns a DNSOrIPPair how coreos' iptables package would expect it.
190188
func (d DNSOrIPPair) Spec(f string) []string {
191189
s := []string{"!", f, d.Value.String()}
192190
if !d.Not {
@@ -256,6 +254,7 @@ func (sp StringPair) String(f string) string {
256254
return strings.Join(sp.Spec(f), " ")
257255
}
258256

257+
// Spec returns a StringPair how coreos' iptables package would expect it.
259258
func (sp StringPair) Spec(f string) []string {
260259
ret := []string{"!", f, sp.Value}
261260
if !sp.Not {
@@ -285,6 +284,7 @@ func (m Match) String() string {
285284
return strings.Join(m.Spec(), " ")
286285
}
287286

287+
// Spec returns a Match how coreos' iptables package would expect it.
288288
func (m Match) Spec() []string {
289289
ret := make([]string, 2, 2+len(m.Flags)*2)
290290
ret[0], ret[1] = "-m", m.Type
@@ -305,6 +305,7 @@ func (fl Flag) String(f string) string {
305305
return strings.Join(fl.Spec(f), " ")
306306
}
307307

308+
// Spec returns a Flag how coreos' iptables package would expect it.
308309
func (fl Flag) Spec(f string) []string {
309310
ret := []string{"!", f}
310311
ret = append(ret, fl.Values...)
@@ -314,6 +315,7 @@ func (fl Flag) Spec(f string) []string {
314315
return ret
315316
}
316317

318+
// Target represents a Target Extension. See iptables-extensions(8).
317319
type Target struct {
318320
Name string
319321
Flags map[string]Flag
@@ -323,6 +325,7 @@ func (t Target) String(name string) string {
323325
return strings.Join(t.Spec(name), " ")
324326
}
325327

328+
// Spec returns a Target how coreos' iptables package would expect it.
326329
func (t Target) Spec(f string) []string {
327330
ret := make([]string, 2, 2+len(t.Flags)*2)
328331
ret[0], ret[1] = f, t.Name
@@ -332,17 +335,17 @@ func (t Target) Spec(f string) []string {
332335
return ret
333336
}
334337

335-
// Max buffer size of the ring buffer in the parser.
336-
const BUF_SIZE = 10
338+
// BUFSIZE is the max buffer size of the ring buffer in the parser.
339+
const BUFSIZE = 16
337340

338341
// Parser represents a parser.
339342
type Parser struct {
340343
s *scanner
341344
buf struct {
342-
toks [BUF_SIZE]Token // token buffer
343-
lits [BUF_SIZE]string // literal buffer
344-
p int // current position in the buffer (max=BUF_SIZE)
345-
n int // offset (max=BUF_SIZE)
345+
toks [BUFSIZE]Token // token buffer
346+
lits [BUFSIZE]string // literal buffer
347+
p int // current position in the buffer (max=BUF_SIZE)
348+
n int // offset (max=BUF_SIZE)
346349
}
347350
}
348351

@@ -371,7 +374,7 @@ func (p *Parser) Parse() (l Line, err error) {
371374
case COLON:
372375
return p.parseDefault(p.s.scanLine())
373376
case EOF:
374-
return nil, io.EOF //ErrEOF
377+
return nil, io.EOF // ErrEOF
375378
case NEWLINE:
376379
return nil, errors.New("empty line")
377380
default:
@@ -392,8 +395,10 @@ func (p *Parser) ParseRule() (*Rule, error) {
392395
}
393396
}
394397

395-
var matchModules map[string]struct{}
396-
var targetExtensions map[string]struct{}
398+
var (
399+
matchModules map[string]struct{}
400+
targetExtensions map[string]struct{}
401+
)
397402

398403
func init() {
399404
matchModules = make(map[string]struct{})
@@ -430,17 +435,17 @@ func (p *Parser) parseDefault(lit string) (Line, error) {
430435
func parseCounter(bytes []byte) (Counter, error) {
431436
var c Counter
432437
pc := regCounter.ReplaceAll(bytes, []byte("$1"))
433-
if i, err := strconv.ParseUint(string(pc), 10, 0); err != nil {
438+
i, err := strconv.ParseUint(string(pc), 10, 0)
439+
if err != nil {
434440
return c, fmt.Errorf("Could not parse counter: %w", err)
435-
} else {
436-
c.packets = i
437441
}
442+
c.packets = i
438443
pc = regCounter.ReplaceAll(bytes, []byte("$2"))
439-
if i, err := strconv.ParseUint(string(pc), 10, 0); err != nil {
444+
i, err = strconv.ParseUint(string(pc), 10, 0)
445+
if err != nil {
440446
return c, fmt.Errorf("Could not parse counter: %w", err)
441-
} else {
442-
c.bytes = i
443447
}
448+
c.bytes = i
444449
return c, nil
445450
}
446451

@@ -579,7 +584,6 @@ func (p *Parser) parseRule() (Line, error) {
579584
// Avoid scanning the next token, if an error occured.
580585
nextValue = nextValue && err == nil
581586
}
582-
583587
}
584588
return r, nil
585589
}
@@ -608,7 +612,7 @@ func (p *Parser) parsePolicy(d bool) (Line, error) {
608612
return ret, nil
609613
}
610614
if tok, lit := p.scanIgnoreWhitespace(); tok != EOF && tok != NEWLINE {
611-
return nil, fmt.Errorf("found %q, expected EOF or newline.", lit)
615+
return nil, fmt.Errorf("found %q, expected EOF or newline", lit)
612616
}
613617
return ret, nil
614618
}
@@ -648,9 +652,8 @@ func (p *Parser) parseStringPair(sp *StringPair, not bool) (state, error) {
648652
*sp = StringPair{Value: "", Not: not}
649653
p.unscan(1)
650654
return sStart, errors.New("unexpected token, expected IDENT")
651-
} else {
652-
*sp = StringPair{Value: lit, Not: not}
653655
}
656+
*sp = StringPair{Value: lit, Not: not}
654657
return sStart, nil
655658
}
656659

@@ -666,14 +669,14 @@ func (p *Parser) scan() (tok Token, lit string) {
666669
// If we have a token on the buffer, return it.
667670
if p.buf.n != 0 {
668671
p.buf.n--
669-
return p.buf.toks[mod(p.buf.p-p.buf.n-1, BUF_SIZE)], p.buf.lits[mod(p.buf.p-p.buf.n-1, BUF_SIZE)]
672+
return p.buf.toks[mod(p.buf.p-p.buf.n-1, BUFSIZE)], p.buf.lits[mod(p.buf.p-p.buf.n-1, BUFSIZE)]
670673
}
671674
// Otherwise read the next token from the scanner.
672675
tok, lit = p.s.scan()
673676
// Save it to the buffer in case we unscan later.
674677
p.buf.toks[p.buf.p], p.buf.lits[p.buf.p] = tok, lit
675678
p.buf.p++ // increase the pointer of the ring buffer.
676-
p.buf.p %= BUF_SIZE
679+
p.buf.p %= BUFSIZE
677680
return
678681
}
679682

@@ -689,28 +692,12 @@ func (p *Parser) scanIgnoreWhitespace() (tok Token, lit string) {
689692
// unscan reverts the pointer on the buffer, callers should not unscan more then what was
690693
// previously read, or values larger then BUF_SIZE.
691694
func (p *Parser) unscan(n int) {
692-
if p.buf.n+n >= BUF_SIZE {
695+
if p.buf.n+n >= BUFSIZE {
693696
panic("size exceeds buffer")
694697
}
695698
p.buf.n += n
696699
}
697700

698-
func (p *Parser) unscanIgnoreWhitespace(n int) error {
699-
for i := 0; i < BUF_SIZE; i++ {
700-
if p.buf.toks[p.buf.n] == ILLEGAL {
701-
break
702-
}
703-
if p.buf.toks[p.buf.n] == WS {
704-
p.unscan(1)
705-
} else {
706-
if n--; n == 0 {
707-
return nil
708-
}
709-
}
710-
}
711-
return errors.New("buffer has no none whitespace characters")
712-
}
713-
714701
var hasWS *regexp.Regexp = regexp.MustCompile(`\s`)
715702

716703
func enquoteIfWS(s []string) []string {

‎parser_test.go

+88-81
Original file line numberDiff line numberDiff line change
@@ -54,7 +54,6 @@ func TestDNSOrIPPair_Spec(t *testing.T) {
5454
} {
5555
if res := tc.d.Spec(tc.f); !reflect.DeepEqual(res, tc.r) {
5656
t.Errorf("test %d:\n\texp=%q\n\tgot=%q\n", i, tc.r, res)
57-
5857
}
5958
}
6059
}
@@ -84,7 +83,6 @@ func TestStringPair_Spec(t *testing.T) {
8483
} {
8584
if res := tc.p.Spec(tc.f); !reflect.DeepEqual(res, tc.r) {
8685
t.Errorf("test %d:\n\texp=%q\n\tgot=%q\n", i, tc.r, res)
87-
8886
}
8987
}
9088
}
@@ -114,7 +112,6 @@ func TestFlag_String(t *testing.T) {
114112
} {
115113
if res := tc.p.String(tc.f); !reflect.DeepEqual(res, tc.r) {
116114
t.Errorf("test %d:\n\texp=%q\n\tgot=%q\n", i, tc.r, res)
117-
118115
}
119116
}
120117
}
@@ -128,7 +125,7 @@ func TestMatch_String(t *testing.T) {
128125
p: Match{
129126
Type: "comment",
130127
Flags: map[string]Flag{
131-
"comment": Flag{
128+
"comment": {
132129
Values: []string{"hallo"},
133130
},
134131
},
@@ -139,7 +136,7 @@ func TestMatch_String(t *testing.T) {
139136
p: Match{
140137
Type: "tcp",
141138
Flags: map[string]Flag{
142-
"tcp-options": Flag{
139+
"tcp-options": {
143140
Not: true,
144141
Values: []string{"bla", "blub"},
145142
},
@@ -150,7 +147,6 @@ func TestMatch_String(t *testing.T) {
150147
} {
151148
if res := tc.p.String(); !reflect.DeepEqual(res, tc.r) {
152149
t.Errorf("test %d:\n\texp=%q\n\tgot=%q\n", i, tc.r, res)
153-
154150
}
155151
}
156152
}
@@ -165,7 +161,7 @@ func TestTarget_String(t *testing.T) {
165161
p: Target{
166162
Name: "foo",
167163
Flags: map[string]Flag{
168-
"bar": Flag{
164+
"bar": {
169165
Values: []string{"foo"},
170166
},
171167
},
@@ -177,7 +173,7 @@ func TestTarget_String(t *testing.T) {
177173
p: Target{
178174
Name: "foo",
179175
Flags: map[string]Flag{
180-
"bar": Flag{
176+
"bar": {
181177
Not: true,
182178
Values: []string{"foo", "bar"},
183179
},
@@ -189,7 +185,6 @@ func TestTarget_String(t *testing.T) {
189185
} {
190186
if res := tc.p.String(tc.f); !reflect.DeepEqual(res, tc.r) {
191187
t.Errorf("test %d:\n\texp=%q\n\tgot=%q\n", i, tc.r, res)
192-
193188
}
194189
}
195190
}
@@ -202,18 +197,19 @@ func TestRule_Spec(t *testing.T) {
202197
{
203198
rule: Rule{
204199
Chain: "foo",
205-
Source: &DNSOrIPPair{Value: DNSOrIP{
206-
iP: parseCIDR("192.168.178.2"),
200+
Source: &DNSOrIPPair{
201+
Value: DNSOrIP{
202+
iP: parseCIDR("192.168.178.2"),
203+
},
204+
Not: true,
207205
},
208-
Not: true},
209206
Destination: &DNSOrIPPair{Value: DNSOrIP{iP: parseCIDR("1.1.1.1")}, Not: true},
210207
},
211208
res: []string{"!", "-s", "192.168.178.2/32", "!", "-d", "1.1.1.1/32"},
212209
},
213210
} {
214211
if res := tc.rule.Spec(); !reflect.DeepEqual(res, tc.res) {
215212
t.Errorf("test %d:\n\texp=%q\n\tgot=%q\n", i, tc.res, res)
216-
217213
}
218214
}
219215
}
@@ -226,10 +222,12 @@ func TestRule_String(t *testing.T) {
226222
{
227223
rule: Rule{
228224
Chain: "foo",
229-
Source: &DNSOrIPPair{Value: DNSOrIP{
230-
iP: parseCIDR("192.168.178.2"),
225+
Source: &DNSOrIPPair{
226+
Value: DNSOrIP{
227+
iP: parseCIDR("192.168.178.2"),
228+
},
229+
Not: true,
231230
},
232-
Not: true},
233231
Destination: &DNSOrIPPair{Value: DNSOrIP{iP: parseCIDR("1.1.1.1")}, Not: true},
234232
},
235233
res: "-A foo ! -s 192.168.178.2/32 ! -d 1.1.1.1/32",
@@ -241,14 +239,14 @@ func TestRule_String(t *testing.T) {
241239
{
242240
Type: "comment",
243241
Flags: map[string]Flag{
244-
"comment": Flag{Values: []string{`kubernetes service traffic requiring SNAT`}},
242+
"comment": {Values: []string{`kubernetes service traffic requiring SNAT`}},
245243
},
246244
},
247245
},
248246
Jump: &Target{
249247
Name: "MASQUERADE",
250248
Flags: map[string]Flag{
251-
"to-ports": Flag{
249+
"to-ports": {
252250
Values: []string{"200-1000"},
253251
},
254252
},
@@ -259,7 +257,6 @@ func TestRule_String(t *testing.T) {
259257
} {
260258
if res := tc.rule.String(); !reflect.DeepEqual(res, tc.res) {
261259
t.Errorf("test %d:\n\texp=%q\n\tgot=%q\n", i, tc.res, res)
262-
263260
}
264261
}
265262
}
@@ -333,7 +330,8 @@ func TestParser_Parse(t *testing.T) {
333330
Counter: &Counter{
334331
packets: 10,
335332
bytes: 100,
336-
}},
333+
},
334+
},
337335
err: nil,
338336
},
339337
{
@@ -345,7 +343,8 @@ func TestParser_Parse(t *testing.T) {
345343
Counter: &Counter{
346344
packets: 0,
347345
bytes: 100,
348-
}},
346+
},
347+
},
349348
err: nil,
350349
},
351350
{
@@ -372,10 +371,12 @@ func TestParser_Parse(t *testing.T) {
372371
s: "-A foo ! -s 192.168.178.2 ! --dst 1.1.1.1",
373372
r: Rule{
374373
Chain: "foo",
375-
Source: &DNSOrIPPair{Value: DNSOrIP{
376-
iP: parseCIDR("192.168.178.2"),
374+
Source: &DNSOrIPPair{
375+
Value: DNSOrIP{
376+
iP: parseCIDR("192.168.178.2"),
377+
},
378+
Not: true,
377379
},
378-
Not: true},
379380
Destination: &DNSOrIPPair{Value: DNSOrIP{iP: parseCIDR("1.1.1.1")}, Not: true},
380381
},
381382
err: nil,
@@ -418,7 +419,7 @@ func TestParser_Parse(t *testing.T) {
418419
{
419420
Type: "comment",
420421
Flags: map[string]Flag{
421-
"comment": Flag{
422+
"comment": {
422423
Values: []string{`this crazy\`},
423424
},
424425
},
@@ -448,7 +449,7 @@ func TestParser_Parse(t *testing.T) {
448449
{
449450
Type: "comment",
450451
Flags: map[string]Flag{
451-
"comment": Flag{
452+
"comment": {
452453
Values: []string{`this crazy`},
453454
},
454455
},
@@ -478,7 +479,7 @@ func TestParser_Parse(t *testing.T) {
478479
{
479480
Type: "comment",
480481
Flags: map[string]Flag{
481-
"comment": Flag{
482+
"comment": {
482483
Values: []string{`--this-crazy`},
483484
},
484485
},
@@ -506,7 +507,7 @@ func TestParser_Parse(t *testing.T) {
506507
{
507508
Type: "comment",
508509
Flags: map[string]Flag{
509-
"comment": Flag{
510+
"comment": {
510511
Values: []string{`this \"crazy\"`},
511512
},
512513
},
@@ -527,7 +528,7 @@ func TestParser_Parse(t *testing.T) {
527528
{
528529
Type: "comment",
529530
Flags: map[string]Flag{
530-
"comment": Flag{
531+
"comment": {
531532
Values: []string{`this \"crazy\"`},
532533
},
533534
},
@@ -560,9 +561,9 @@ func TestParser_Parse(t *testing.T) {
560561
{
561562
Type: "tcp",
562563
Flags: map[string]Flag{
563-
"destination-port": Flag{Values: []string{"8080:9000"}},
564-
"source-port": Flag{Values: []string{"1010"}},
565-
"tcp-flags": Flag{Values: []string{"SYN,FIN", "ACK"}},
564+
"destination-port": {Values: []string{"8080:9000"}},
565+
"source-port": {Values: []string{"1010"}},
566+
"tcp-flags": {Values: []string{"SYN,FIN", "ACK"}},
566567
},
567568
},
568569
},
@@ -579,12 +580,12 @@ func TestParser_Parse(t *testing.T) {
579580
{
580581
Type: "tcp",
581582
Flags: map[string]Flag{
582-
"source-port": Flag{Values: []string{"1010"}},
583-
"destination-port": Flag{
583+
"source-port": {Values: []string{"1010"}},
584+
"destination-port": {
584585
Values: []string{"1000"},
585586
Not: true,
586587
},
587-
"tcp-flags": Flag{Values: []string{"SYN,FIN", "ACK"}},
588+
"tcp-flags": {Values: []string{"SYN,FIN", "ACK"}},
588589
},
589590
},
590591
},
@@ -601,17 +602,17 @@ func TestParser_Parse(t *testing.T) {
601602
{
602603
Type: "tcp",
603604
Flags: map[string]Flag{
604-
"source-port": Flag{Values: []string{"1010"}},
605-
"destination-port": Flag{
605+
"source-port": {Values: []string{"1010"}},
606+
"destination-port": {
606607
Values: []string{"1000:1010"},
607608
Not: true,
608609
},
609-
"tcp-flags": Flag{Values: []string{"SYN,FIN", "ACK"}},
610-
"tcp-option": Flag{
610+
"tcp-flags": {Values: []string{"SYN,FIN", "ACK"}},
611+
"tcp-option": {
611612
Not: true,
612613
Values: []string{"1"},
613614
},
614-
"syn": Flag{
615+
"syn": {
615616
Not: true,
616617
},
617618
},
@@ -630,21 +631,21 @@ func TestParser_Parse(t *testing.T) {
630631
{
631632
Type: "tcp",
632633
Flags: map[string]Flag{
633-
"source-port": Flag{
634+
"source-port": {
634635
Not: true,
635636
Values: []string{"1010"},
636637
},
637-
"destination-port": Flag{
638+
"destination-port": {
638639
Values: []string{"1000:1010"},
639640
},
640-
"tcp-flags": Flag{
641+
"tcp-flags": {
641642
Not: true,
642643
Values: []string{"SYN,FIN", "ACK"},
643644
},
644-
"tcp-option": Flag{
645+
"tcp-option": {
645646
Values: []string{"1"},
646647
},
647-
"syn": Flag{},
648+
"syn": {},
648649
},
649650
},
650651
},
@@ -676,29 +677,29 @@ func TestParser_Parse(t *testing.T) {
676677
{
677678
Type: "tcp",
678679
Flags: map[string]Flag{
679-
"source-port": Flag{
680+
"source-port": {
680681
Not: true,
681682
Values: []string{"1010"},
682683
},
683-
"destination-port": Flag{
684+
"destination-port": {
684685
Values: []string{"1000:1010"},
685686
},
686-
"tcp-flags": Flag{
687+
"tcp-flags": {
687688
Not: true,
688689
Values: []string{"SYN,FIN", "ACK"},
689690
},
690-
"tcp-option": Flag{
691+
"tcp-option": {
691692
Values: []string{"1"},
692693
},
693-
"syn": Flag{},
694+
"syn": {},
694695
},
695696
},
696697
},
697698
Jump: &Target{
698699
Name: "DNAT",
699700
Flags: map[string]Flag{
700-
"random": Flag{},
701-
"to-destination": Flag{
701+
"random": {},
702+
"to-destination": {
702703
Values: []string{"192.168.1.1-192.168.1.2:80-81"},
703704
},
704705
},
@@ -718,7 +719,7 @@ func TestParser_Parse(t *testing.T) {
718719
Jump: &Target{
719720
Name: "SNAT",
720721
Flags: map[string]Flag{
721-
"to-source": Flag{
722+
"to-source": {
722723
Values: []string{"192.168.1.1"},
723724
},
724725
},
@@ -738,10 +739,10 @@ func TestParser_Parse(t *testing.T) {
738739
Jump: &Target{
739740
Name: "SNAT",
740741
Flags: map[string]Flag{
741-
"to-source": Flag{
742+
"to-source": {
742743
Values: []string{"192.168.1.1"},
743744
},
744-
"random-fully": Flag{},
745+
"random-fully": {},
745746
},
746747
},
747748
},
@@ -756,13 +757,13 @@ func TestParser_Parse(t *testing.T) {
756757
{
757758
Type: "comment",
758759
Flags: map[string]Flag{
759-
"comment": Flag{Values: []string{`kubernetes service nodeports; NOTE: this must be the last rule in this chain`}},
760+
"comment": {Values: []string{`kubernetes service nodeports; NOTE: this must be the last rule in this chain`}},
760761
},
761762
},
762763
{
763764
Type: "addrtype",
764765
Flags: map[string]Flag{
765-
"dst-type": Flag{
766+
"dst-type": {
766767
Values: []string{"LOCAL"},
767768
},
768769
},
@@ -791,13 +792,13 @@ func TestParser_Parse(t *testing.T) {
791792
{
792793
Type: "comment",
793794
Flags: map[string]Flag{
794-
"comment": Flag{Values: []string{`kube-system/kube-dns:dns cluster IP`}},
795+
"comment": {Values: []string{`kube-system/kube-dns:dns cluster IP`}},
795796
},
796797
},
797798
{
798799
Type: "udp",
799800
Flags: map[string]Flag{
800-
"destination-port": Flag{
801+
"destination-port": {
801802
Values: []string{"53"},
802803
},
803804
},
@@ -818,14 +819,14 @@ func TestParser_Parse(t *testing.T) {
818819
{
819820
Type: "comment",
820821
Flags: map[string]Flag{
821-
"comment": Flag{Values: []string{`kubernetes service traffic requiring SNAT`}},
822+
"comment": {Values: []string{`kubernetes service traffic requiring SNAT`}},
822823
},
823824
},
824825
},
825826
Jump: &Target{
826827
Name: "MASQUERADE",
827828
Flags: map[string]Flag{
828-
"random-fully": Flag{},
829+
"random-fully": {},
829830
},
830831
},
831832
},
@@ -840,16 +841,16 @@ func TestParser_Parse(t *testing.T) {
840841
{
841842
Type: "comment",
842843
Flags: map[string]Flag{
843-
"comment": Flag{Values: []string{`kubernetes service traffic requiring SNAT`}},
844+
"comment": {Values: []string{`kubernetes service traffic requiring SNAT`}},
844845
},
845846
},
846847
},
847848
Jump: &Target{
848849
Name: "MASQUERADE",
849850
Flags: map[string]Flag{
850-
"random-fully": Flag{},
851-
"random": Flag{},
852-
"to-ports": Flag{
851+
"random-fully": {},
852+
"random": {},
853+
"to-ports": {
853854
Values: []string{"200-1000"},
854855
},
855856
},
@@ -862,12 +863,15 @@ func TestParser_Parse(t *testing.T) {
862863
s: "-A foo ! -s 192.168.178.2 ! --dst 1.1.1.1 -m statistic --mode random --probability 0.50000000000 --every 10 --packet 5",
863864
r: Rule{
864865
Chain: "foo",
865-
Source: &DNSOrIPPair{Value: DNSOrIP{
866-
iP: parseCIDR("192.168.178.2"),
866+
Source: &DNSOrIPPair{
867+
Value: DNSOrIP{
868+
iP: parseCIDR("192.168.178.2"),
869+
},
870+
Not: true,
867871
},
868-
Not: true},
869872
Destination: &DNSOrIPPair{Value: DNSOrIP{iP: parseCIDR("1.1.1.1")}, Not: true},
870-
Matches: []Match{{Type: "statistic",
873+
Matches: []Match{{
874+
Type: "statistic",
871875
Flags: map[string]Flag{
872876
"mode": {
873877
Values: []string{`random`},
@@ -881,7 +885,8 @@ func TestParser_Parse(t *testing.T) {
881885
"every": {
882886
Values: []string{`10`},
883887
},
884-
}}},
888+
},
889+
}},
885890
},
886891
err: nil,
887892
},
@@ -894,7 +899,8 @@ func TestParser_Parse(t *testing.T) {
894899
Counter: &Counter{
895900
packets: 0,
896901
bytes: 100,
897-
}},
902+
},
903+
},
898904
err: nil,
899905
},
900906
{
@@ -910,7 +916,7 @@ func TestParser_Parse(t *testing.T) {
910916
{
911917
Type: "addrtype",
912918
Flags: map[string]Flag{
913-
"dst-type": Flag{Values: []string{"LOCAL"}},
919+
"dst-type": {Values: []string{"LOCAL"}},
914920
},
915921
},
916922
},
@@ -974,7 +980,7 @@ func TestParser_Parse(t *testing.T) {
974980
{
975981
Type: "tcp",
976982
Flags: map[string]Flag{
977-
"destination-port": Flag{
983+
"destination-port": {
978984
Values: []string{"6443"},
979985
},
980986
},
@@ -1034,7 +1040,8 @@ func TestParser_ParseMore(t *testing.T) {
10341040
Counter: &Counter{
10351041
packets: 10,
10361042
bytes: 100,
1037-
}},
1043+
},
1044+
},
10381045
Rule{
10391046
Chain: "foo",
10401047
Destination: &DNSOrIPPair{Value: DNSOrIP{iP: parseCIDR("192.168.178.2")}},
@@ -1052,7 +1059,7 @@ func TestParser_ParseMore(t *testing.T) {
10521059
{
10531060
Type: "comment",
10541061
Flags: map[string]Flag{
1055-
"comment": Flag{
1062+
"comment": {
10561063
Values: []string{`this crazy`},
10571064
},
10581065
},
@@ -1067,16 +1074,16 @@ func TestParser_ParseMore(t *testing.T) {
10671074
{
10681075
Type: "comment",
10691076
Flags: map[string]Flag{
1070-
"comment": Flag{Values: []string{"kubernetes service traffic requiring SNAT"}},
1077+
"comment": {Values: []string{"kubernetes service traffic requiring SNAT"}},
10711078
},
10721079
},
10731080
},
10741081
Jump: &Target{
10751082
Name: "MASQUERADE",
10761083
Flags: map[string]Flag{
1077-
"random-fully": Flag{},
1078-
"random": Flag{},
1079-
"to-ports": Flag{
1084+
"random-fully": {},
1085+
"random": {},
1086+
"to-ports": {
10801087
Values: []string{"200-1000"},
10811088
},
10821089
},
@@ -1103,7 +1110,7 @@ func TestParser_ParseMore(t *testing.T) {
11031110
{
11041111
Type: "addrtype",
11051112
Flags: map[string]Flag{
1106-
"dst-type": Flag{Values: []string{"LOCAL"}},
1113+
"dst-type": {Values: []string{"LOCAL"}},
11071114
},
11081115
},
11091116
},
@@ -1152,7 +1159,7 @@ func TestParser_ParseMore(t *testing.T) {
11521159
{
11531160
Type: "tcp",
11541161
Flags: map[string]Flag{
1155-
"destination-port": Flag{
1162+
"destination-port": {
11561163
Values: []string{"6443"},
11571164
},
11581165
},

0 commit comments

Comments
 (0)
Please sign in to comment.