diff --git a/internal/firewall/iptables/atomic.go b/internal/firewall/iptables/atomic.go index a8ec46e5..c61c26c6 100644 --- a/internal/firewall/iptables/atomic.go +++ b/internal/firewall/iptables/atomic.go @@ -11,9 +11,7 @@ import ( // returns a restore function that can be called to restore the saved rules. func (c *Config) SaveAndRestore(ctx context.Context) (restore func(context.Context), err error) { c.iptablesMutex.Lock() - c.ip6tablesMutex.Lock() defer c.iptablesMutex.Unlock() - defer c.ip6tablesMutex.Unlock() return c.saveAndRestore(ctx) } diff --git a/internal/firewall/iptables/firewall.go b/internal/firewall/iptables/firewall.go index aeedae63..52f92f82 100644 --- a/internal/firewall/iptables/firewall.go +++ b/internal/firewall/iptables/firewall.go @@ -6,10 +6,9 @@ import ( ) type Config struct { - runner CmdRunner - logger Logger - iptablesMutex sync.Mutex - ip6tablesMutex sync.Mutex + runner CmdRunner + logger Logger + iptablesMutex sync.Mutex // Fixed state ipTables string diff --git a/internal/firewall/iptables/ip6tables.go b/internal/firewall/iptables/ip6tables.go index 6e096699..33b1865a 100644 --- a/internal/firewall/iptables/ip6tables.go +++ b/internal/firewall/iptables/ip6tables.go @@ -24,8 +24,8 @@ func findIP6tablesSupported(ctx context.Context, runner CmdRunner) ( } func (c *Config) runIP6tablesInstructions(ctx context.Context, instructions []string) error { - c.ip6tablesMutex.Lock() // only one ip6tables command at once - defer c.ip6tablesMutex.Unlock() + c.iptablesMutex.Lock() // only one iptables command at once + defer c.iptablesMutex.Unlock() restore, err := c.saveAndRestoreIPv6(ctx) if err != nil { @@ -48,8 +48,8 @@ func (c *Config) runIP6tablesInstructionsNoSave(ctx context.Context, instruction } func (c *Config) runIP6tablesInstruction(ctx context.Context, instruction string) error { - c.ip6tablesMutex.Lock() // only one ip6tables command at once - defer c.ip6tablesMutex.Unlock() + c.iptablesMutex.Lock() // only one iptables command at once + defer c.iptablesMutex.Unlock() restore, err := c.saveAndRestoreIPv6(ctx) if err != nil { diff --git a/internal/firewall/iptables/iptables.go b/internal/firewall/iptables/iptables.go index 68ed71e0..34591c71 100644 --- a/internal/firewall/iptables/iptables.go +++ b/internal/firewall/iptables/iptables.go @@ -229,9 +229,7 @@ func (c *Config) RedirectPort(ctx context.Context, intf string, } c.iptablesMutex.Lock() - c.ip6tablesMutex.Lock() defer c.iptablesMutex.Unlock() - defer c.ip6tablesMutex.Unlock() restore, err := c.saveAndRestore(ctx) if err != nil { @@ -297,9 +295,7 @@ func (c *Config) RunUserPostRules(ctx context.Context, filepath string) error { lines := strings.Split(string(b), "\n") c.iptablesMutex.Lock() - c.ip6tablesMutex.Lock() defer c.iptablesMutex.Unlock() - defer c.ip6tablesMutex.Unlock() restore, err := c.saveAndRestore(ctx) if err != nil { diff --git a/internal/firewall/iptables/iptablesmix.go b/internal/firewall/iptables/iptablesmix.go index 32c75c45..fc80e513 100644 --- a/internal/firewall/iptables/iptablesmix.go +++ b/internal/firewall/iptables/iptablesmix.go @@ -6,9 +6,7 @@ import ( func (c *Config) runMixedIptablesInstructions(ctx context.Context, instructions []string) error { c.iptablesMutex.Lock() - c.ip6tablesMutex.Lock() defer c.iptablesMutex.Unlock() - defer c.ip6tablesMutex.Unlock() restore, err := c.saveAndRestore(ctx) if err != nil { @@ -26,9 +24,7 @@ func (c *Config) runMixedIptablesInstructions(ctx context.Context, instructions func (c *Config) runMixedIptablesInstruction(ctx context.Context, instruction string) error { c.iptablesMutex.Lock() - c.ip6tablesMutex.Lock() defer c.iptablesMutex.Unlock() - defer c.ip6tablesMutex.Unlock() restore, err := c.saveAndRestore(ctx) if err != nil {