minor refactoring

firewall/interception.go

@@ -151,7 +151,7 @@ func resetAllConnectionVerdicts() {
 			if conn.Verdict.Firewall != previousVerdict {
 				err := interception.UpdateVerdictOfConnection(conn)
 				if err != nil {
-					log.Debugf("filter: failed to delete connection verdict: %s", err)
+					log.Debugf("filter: failed to update connection verdict: %s", err)
 				}
 				conn.Save()
 				tracer.Infof("filter: verdict of connection %s changed from %s to %s", conn, previousVerdict.Verb(), conn.VerdictVerb())

firewall/interception/nfq/conntrack.go

@@ -25,8 +25,8 @@ func InitNFCT() error {
 	return nil
 }
 
-// DeinitNFCT deinitializes the network filter conntrack library.
-func DeinitNFCT() {
+// TeardownNFCT deinitializes the network filter conntrack library.
+func TeardownNFCT() {
 	_ = nfct.Close()
 }
 

firewall/interception/nfqueue_linux.go

@@ -172,7 +172,7 @@ func DeactivateNfqueueFirewall() error {
 	}
 
 	_ = nfq.DeleteAllMarkedConnection()
-	nfq.DeinitNFCT()
+	nfq.TeardownNFCT()
 
 	return result.ErrorOrNil()
 }

firewall/interception/windowskext/handler.go

@@ -29,7 +29,7 @@ const (
 	VerdictRequestFlagSocketAuth = 2
 )
 
-// Do not change the order of the members! The structure to communicate with the kernel extension.
+// Do not change the order of the members! The structure is used to communicate with the kernel extension.
 // VerdictRequest is the request structure from the Kext.
 type VerdictRequest struct {
 	id         uint32 // ID from RegisterPacket
@@ -48,7 +48,7 @@ type VerdictRequest struct {
 	packetSize uint32
 }
 
-// Do not change the order of the members! The structure to communicate with the kernel extension.
+// Do not change the order of the members! The structure is used to communicate with the kernel extension.
 type VerdictInfo struct {
 	id      uint32          // ID from RegisterPacket
 	verdict network.Verdict // verdict for the connection