chore(all): replace net.IP with netip.Addr

internal/firewall/enable.go

@@ -130,7 +130,7 @@ func (c *Config) enable(ctx context.Context) (err error) {
 }
 
 func (c *Config) allowVPNIP(ctx context.Context) (err error) {
-	if c.vpnConnection.IP == nil {
+	if !c.vpnConnection.IP.IsValid() {
 		return nil
 	}
 

internal/firewall/iptables.go

@@ -5,7 +5,6 @@ import (
 	"errors"
 	"fmt"
 	"io"
-	"net"
 	"net/netip"
 	"os"
 	"os/exec"
@@ -146,8 +145,7 @@ func (c *Config) acceptOutputTrafficToVPN(ctx context.Context,
 	instruction := fmt.Sprintf("%s OUTPUT -d %s -o %s -p %s -m %s --dport %d -j ACCEPT",
 		appendOrDelete(remove), connection.IP, defaultInterface, connection.Protocol,
 		connection.Protocol, connection.Port)
-	isIPv4 := connection.IP.To4() != nil
-	if isIPv4 {
+	if connection.IP.Is4() {
 		return c.runIptablesInstruction(ctx, instruction)
 	} else if c.ip6Tables == "" {
 		return fmt.Errorf("accept output to VPN server: %w", ErrNeedIP6Tables)
@@ -157,8 +155,8 @@ func (c *Config) acceptOutputTrafficToVPN(ctx context.Context,
 
 // Thanks to @npawelek.
 func (c *Config) acceptOutputFromIPToSubnet(ctx context.Context,
-	intf string, sourceIP net.IP, destinationSubnet netip.Prefix, remove bool) error {
-	doIPv4 := sourceIP.To4() != nil && destinationSubnet.Addr().Is4()
+	intf string, sourceIP netip.Addr, destinationSubnet netip.Prefix, remove bool) error {
+	doIPv4 := sourceIP.Is4() && destinationSubnet.Addr().Is4()
 
 	interfaceFlag := "-o " + intf
 	if intf == "*" { // all interfaces

internal/firewall/vpn.go

@@ -25,7 +25,7 @@ func (c *Config) SetVPNConnection(ctx context.Context,
 	}
 
 	remove := true
-	if c.vpnConnection.IP != nil {
+	if c.vpnConnection.IP.IsValid() {
 		for _, defaultRoute := range c.defaultRoutes {
 			if err := c.acceptOutputTrafficToVPN(ctx, defaultRoute.NetInterface, c.vpnConnection, remove); err != nil {
 				c.logger.Error("cannot remove outdated VPN connection rule: " + err.Error())