Small fixes

firewall/interception.go

@@ -72,7 +72,7 @@ func interceptionPrep() error {
 		configChangeEvent,
 		"reset connection verdicts",
 		func(ctx context.Context, _ interface{}) error {
-			resetPersistentVerdicts()
+			resetAllConnectionVerdicts()
 			return nil
 		},
 	)
@@ -86,7 +86,7 @@ func interceptionPrep() error {
 		profileConfigChangeEvent,
 		"reset connection verdicts",
 		func(ctx context.Context, _ interface{}) error {
-			resetPersistentVerdicts()
+			resetAllConnectionVerdicts()
 			return nil
 		},
 	)
@@ -101,7 +101,7 @@ func interceptionPrep() error {
 		onSPNConnectEvent,
 		"reset connection verdicts",
 		func(ctx context.Context, _ interface{}) error {
-			resetPersistentVerdicts()
+			resetAllConnectionVerdicts()
 			return nil
 		},
 	)
@@ -116,7 +116,7 @@ func interceptionPrep() error {
 	return prepAPIAuth()
 }
 
-func resetPersistentVerdicts() {
+func resetAllConnectionVerdicts() {
 	// Resetting will force all the connection to be evaluated by the firewall again
 	// this will set new verdicts if configuration was update or spn has been disabled or enabled.
 	log.Info("interception: reevaluating all connection trough the firewall")

firewall/interception/nfq/conntrack.go

@@ -6,6 +6,7 @@ import (
 	"encoding/binary"
 
 	ct "github.com/florianl/go-conntrack"
+
 	"github.com/safing/portbase/log"
 	"github.com/safing/portmaster/netenv"
 )
@@ -36,7 +37,9 @@ func deleteMarkedConnections(nfct *ct.Nfct, f ct.Family) {
 	filter.MarkMask = []byte{0xFF, 0xFF, 0xFF, 0xFF}
 	filter.Mark = []byte{0x00, 0x00, 0x00, 0x00} // 4 zeros starting value
 
-	// get all connections from the specified family (ipv4 or ipv6)
+	numberOfErrors := 0
+	var deleteError error = nil
+	// Get all connections from the specified family (ipv4 or ipv6)
 	for _, mark := range permanentFlags {
 		binary.BigEndian.PutUint32(filter.Mark, mark) // Little endian is in reverse not sure why. BigEndian makes it in correct order.
 		currentConnections, err := nfct.Query(ct.Conntrack, f, filter)
@@ -45,16 +48,15 @@ func deleteMarkedConnections(nfct *ct.Nfct, f ct.Family) {
 			continue
 		}
 
-		numberOfErrors := 0
 		for _, connection := range currentConnections {
-			err = nfct.Delete(ct.Conntrack, ct.IPv4, connection)
+			deleteError = nfct.Delete(ct.Conntrack, ct.IPv4, connection)
 			if err != nil {
 				numberOfErrors++
 			}
 		}
+	}
 
-		if numberOfErrors > 0 {
-			log.Warningf("nfq: failed to delete %d conntrack entries last error is: %s", numberOfErrors, err)
-		}
+	if numberOfErrors > 0 {
+		log.Warningf("nfq: failed to delete %d conntrack entries last error is: %s", numberOfErrors, deleteError)
 	}
 }

firewall/interception/windowskext/kext.go

@@ -95,7 +95,7 @@ func Init(dllPath, driverPath string) error {
 	new.clearCache, err = new.dll.FindProc("PortmasterClearCache")
 	if err != nil {
 		// the loaded dll is an old version
-		log.Errorf("could not find proc PortmasterClearCache (v0.x.x+) in dll: %s", err)
+		log.Errorf("could not find proc PortmasterClearCache (v1.0.12+) in dll: %s", err)
 	}
 
 	// initialize dll/kext

network/connection.go

@@ -448,7 +448,7 @@ func GetConnection(id string) (*Connection, bool) {
 
 // GetAllConnections Gets all connection.
 func GetAllConnections() []*Connection {
-	return append(conns.list(), dnsConns.list()...)
+	return conns.list()
 }
 
 // SetLocalIP sets the local IP address together with its network scope. The