fix: report an error when the table already existed

black-desk · Oct 24, 2023 · ff21a96 · ff21a96
1 parent dc33673
commit ff21a96
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 3 deletions.
diff --git a/go.mod b/go.mod
@@ -48,3 +48,5 @@ require (
 	golang.org/x/text v0.13.0 // indirect
 	golang.org/x/tools v0.14.0 // indirect
 )
+
+replace github.com/google/nftables => github.com/black-desk/nftables v0.0.0-20231024023000-507e72d30b17
diff --git a/go.sum b/go.sum
@@ -1,5 +1,7 @@
 github.com/black-desk/lib/go v0.0.0-20231021105122-e4106bdb89f9 h1:z4ENGB/6+zF3nzO0qi5ud1kxZDu6lw74+I7h5OLTmrQ=
 github.com/black-desk/lib/go v0.0.0-20231021105122-e4106bdb89f9/go.mod h1:M8o2UXm8jAG7bech4xc/SeNxbHquqfagVvHdKyDoRNk=
+github.com/black-desk/nftables v0.0.0-20231024023000-507e72d30b17 h1:/mmacHTt9zP1NRUMz6Y3ko7uafsOv2v6aLjItzGfxxU=
+github.com/black-desk/nftables v0.0.0-20231024023000-507e72d30b17/go.mod h1:FODgEv85GcCEyoUYZ27mPWQBSU1f67bzgNu2IITA9k8=
 github.com/black-desk/zap-journal v0.0.0-20230529080551-a8e82d81454b h1:fiO3y68dfa5ctXhgZKCniY0IfPl0U+EoyADUgG2zP+s=
 github.com/black-desk/zap-journal v0.0.0-20230529080551-a8e82d81454b/go.mod h1:H5owNzV6HHMmOk5jI+uaWAVZFVQkWrgoE3d/fABb1PQ=
 github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
@@ -27,8 +29,6 @@ github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiu
 github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
 github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
 github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
-github.com/google/nftables v0.1.1-0.20231021201155-6df7a82bbd85 h1:eJvIqeddy69xqWdapD/AZVNhJD5/kPSx2RyO1rjPaeI=
-github.com/google/nftables v0.1.1-0.20231021201155-6df7a82bbd85/go.mod h1:FODgEv85GcCEyoUYZ27mPWQBSU1f67bzgNu2IITA9k8=
 github.com/google/pprof v0.0.0-20230602150820-91b7bce49751 h1:hR7/MlvK23p6+lIw9SN1TigNLn9ZnF3W4SYRKq2gAHs=
 github.com/google/pprof v0.0.0-20230602150820-91b7bce49751/go.mod h1:Jh3hGz2jkYak8qXPD19ryItVnUgpgeqzdkY/D0EaeuA=
 github.com/google/subcommands v1.0.1/go.mod h1:ZjhPrFU+Olkh9WazFPsl27BQ4UPiG37m3yTrtFlrHVk=

diff --git a/pkg/nftman/new.go b/pkg/nftman/new.go
@@ -163,11 +163,17 @@ func (nft *NFTManager) initStructure() (err error) {
 		return
 	}
 
-	nft.table = conn.AddTable(&nftables.Table{
+	nft.table = conn.CreateTable(&nftables.Table{
 		Name:   NftTableName,
 		Family: nftables.TableFamilyINet,
 	})
 
+	err = conn.Flush()
+	if err != nil {
+		Wrap(&err, "create table")
+		return
+	}
+
 	err = nft.initIPV4BypassSet(conn)
 	if err != nil {
 		return
@@ -225,6 +231,8 @@ func (nft *NFTManager) initStructure() (err error) {
 }
 
 func (nft *NFTManager) initIPV4BypassSet(conn *nftables.Conn) (err error) {
+	defer Wrap(&err, "prepare ipv4 bypass set")
+
 	nft.ipv4BypassSet = &nftables.Set{
 		Table:        nft.table,
 		Name:         "bypass",