Fix linter errors

firewall/interception.go

@@ -177,9 +177,7 @@ func interceptionStart() error {
 	interceptionModule.StartWorker("stat logger", statLogger)
 	interceptionModule.StartWorker("packet handler", packetHandler)
 
-	err := interception.Start()
+	return interception.Start()
-
-	return err
 }
 
 func interceptionStop() error {

firewall/interception/interception_linux.go

@@ -21,6 +21,7 @@ func ResetVerdictOfAllConnections() error {
 	return nfq.DeleteAllMarkedConnection()
 }
 
+// UpdateVerdictOfConnection deletes the verdict of specific connection so in can be initialized again with the next packet
 func UpdateVerdictOfConnection(conn *network.Connection) error {
 	return nfq.DeleteMarkedConnection(conn)
 }

firewall/interception/interception_windows.go

@@ -41,11 +41,13 @@ func ResetVerdictOfAllConnections() error {
 	return windowskext.ClearCache()
 }
 
+// UpdateVerdictOfConnection updates the verdict of specific connection in the kernel extension
 func UpdateVerdictOfConnection(conn *network.Connection) error {
 	return windowskext.UpdateVerdict(conn)
 }
 
-func GetVersion() (string, error) {
+// GetKextVersion returns the version of the kernel extension
+func GetKextVersion() (string, error) {
 	version, err := windowskext.GetVersion()
 	if err != nil {
 		return "", err

firewall/interception/nfq/conntrack.go

@@ -13,10 +13,9 @@ import (
 	"github.com/safing/portmaster/network"
 )
 
-var (
+var nfct *ct.Nfct // Conntrack handler. NFCT: Network Filter Connection Tracking
-	nfct *ct.Nfct // Conntrack handler. NFCT: Network Filter Connection Tracking
-)
 
+// InitNFCT initializes the network filter conntrack library
 func InitNFCT() error {
 	var err error
 	nfct, err = ct.Open(&ct.Config{})
@@ -26,6 +25,7 @@ func InitNFCT() error {
 	return nil
 }
 
+// DeinitNFCT deinitializes the network filter conntrack library
 func DeinitNFCT() {
 	_ = nfct.Close()
 }
@@ -82,6 +82,7 @@ func deleteMarkedConnections(nfct *ct.Nfct, f ct.Family) (deleted int) {
 	return deleted
 }
 
+// DeleteMarkedConnection removes a specific connection from the conntrack table
 func DeleteMarkedConnection(conn *network.Connection) error {
 	if nfct == nil {
 		return fmt.Errorf("nfq: nfct not initialized")
@@ -100,7 +101,7 @@ func DeleteMarkedConnection(conn *network.Connection) error {
 	}
 	connections, err := nfct.Get(ct.Conntrack, ct.IPv4, con)
 	if err != nil {
-		return fmt.Errorf("nfq: failed to find entry for connection %s: %s", conn.String(), err)
+		return fmt.Errorf("nfq: failed to find entry for connection %s: %w", conn.String(), err)
 	}
 
 	if len(connections) > 1 {
@@ -108,7 +109,14 @@ func DeleteMarkedConnection(conn *network.Connection) error {
 	}
 
 	for _, connection := range connections {
-		nfct.Delete(ct.Conntrack, ct.IPv4, connection)
+		deleteErr := nfct.Delete(ct.Conntrack, ct.IPv4, connection)
+		if err == nil {
+			err = deleteErr
+		}
+	}
+
+	if err != nil {
+		log.Warningf("nfq: error while deleting conntrack entries for connection %s: %s", conn.String(), err)
 	}
 
 	return nil

firewall/interception/nfqueue_linux.go

@@ -150,7 +150,7 @@ func activateNfqueueFirewall() error {
 	if err := nfq.InitNFCT(); err != nil {
 		return err
 	}
-	nfq.DeleteAllMarkedConnection()
+	_ = nfq.DeleteAllMarkedConnection()
 
 	return nil
 }
@@ -171,7 +171,7 @@ func DeactivateNfqueueFirewall() error {
 		}
 	}
 
-	nfq.DeleteAllMarkedConnection()
+	_ = nfq.DeleteAllMarkedConnection()
 	nfq.DeinitNFCT()
 
 	return result.ErrorOrNil()