From 92276eed4761ffbb9e277c0e6d4c5ca58466fb3a Mon Sep 17 00:00:00 2001
From: dma <dma@subgraph.com>
Date: Wed, 20 Sep 2017 04:05:55 +0000
Subject: [PATCH] fmt

---
 sgfw/policy.go | 56 +++++++++++++++++++++++++-------------------------
 sgfw/rules.go  | 16 +++++++--------
 2 files changed, 36 insertions(+), 36 deletions(-)

diff --git a/sgfw/policy.go b/sgfw/policy.go
index 35c1bd1..da28e31 100644
--- a/sgfw/policy.go
+++ b/sgfw/policy.go
@@ -371,7 +371,7 @@ func (p *Policy) filterPending(rule *Rule) {
 	for _, pc := range p.pendingQueue {
 		if rule.match(pc.src(), pc.dst(), pc.dstPort(), pc.hostname(), pc.proto(), pc.procInfo().UID, pc.procInfo().GID, uidToUser(pc.procInfo().UID), gidToGroup(pc.procInfo().GID)) {
 			log.Infof("Adding rule for: %s", rule.getString(FirewallConfig.LogRedact))
-//			log.Noticef("%s > %s", rule.getString(FirewallConfig.LogRedact), pc.print())
+			//			log.Noticef("%s > %s", rule.getString(FirewallConfig.LogRedact), pc.print())
 			if rule.rtype == RULE_ACTION_ALLOW {
 				pc.accept()
 			} else if rule.rtype == RULE_ACTION_ALLOW_TLSONLY {
@@ -528,33 +528,33 @@ func readFileDirect(filename string) ([]byte, error) {
 	fd := int(res)
 	data := make([]byte, 65535)
 
-        i := 0
-        val := 0
-        for i = 0; i < 65535; {
-                val, err = syscall.Read(fd, data[i:])
-                i += val
-                if err != nil  && val != 0 {
-                        return nil, err
-                }
-                if val == 0 {
-                        break
-                }
-        }
-
-        data = data[0:i]
-/*
-	val, err := syscall.Read(fd, data)
-
-	if err != nil {
-		return nil, err
+	i := 0
+	val := 0
+	for i = 0; i < 65535; {
+		val, err = syscall.Read(fd, data[i:])
+		i += val
+		if err != nil && val != 0 {
+			return nil, err
+		}
+		if val == 0 {
+			break
+		}
 	}
-*/
+
+	data = data[0:i]
+	/*
+		val, err := syscall.Read(fd, data)
+
+		if err != nil {
+			return nil, err
+		}
+	*/
 	syscall.Close(fd)
-/*
-	if val < 65535 {
-		data = data[0:val]
-	}
-*/
+	/*
+		if val < 65535 {
+			data = data[0:val]
+		}
+	*/
 	return data, nil
 }
 
@@ -645,11 +645,11 @@ func LookupSandboxProc(srcip net.IP, srcp uint16, dstip net.IP, dstp uint16, pro
 				if len(ssplit) != 6 {
 					continue
 				}
-				
+
 				rlines = append(rlines, strings.Join(ssplit, ":"))
 			}
 
-		//	log.Warningf("Looking for %s:%d => %s:%d \n %s\n******\n", srcip, srcp, dstip, dstp, data) 
+			//	log.Warningf("Looking for %s:%d => %s:%d \n %s\n******\n", srcip, srcp, dstip, dstp, data)
 
 			if proto == "tcp" {
 				res = procsnitch.LookupTCPSocketProcessAll(srcip, srcp, dstip, dstp, rlines)
diff --git a/sgfw/rules.go b/sgfw/rules.go
index 33ae34f..db237d4 100644
--- a/sgfw/rules.go
+++ b/sgfw/rules.go
@@ -1,7 +1,7 @@
 package sgfw
 
 import (
-//	"encoding/binary"
+	//	"encoding/binary"
 	"fmt"
 	"io/ioutil"
 	"net"
@@ -184,7 +184,7 @@ func (rl *RuleList) filter(pkt *nfqueue.NFQPacket, src, dst net.IP, dstPort uint
 				nfqproto = getNFQProto(pkt)
 			} else {
 				if r.saddr == nil && src == nil && sandboxed == false && (r.port == dstPort || r.port == matchAny) && (r.addr.Equal(anyAddress) || r.hostname == "" || r.hostname == hostname) {
-				//	log.Notice("+ Socks5 MATCH SUCCEEDED")
+					//	log.Notice("+ Socks5 MATCH SUCCEEDED")
 					if r.rtype == RULE_ACTION_DENY {
 						return FILTER_DENY
 					} else if r.rtype == RULE_ACTION_ALLOW {
@@ -203,7 +203,7 @@ func (rl *RuleList) filter(pkt *nfqueue.NFQPacket, src, dst net.IP, dstPort uint
 			continue
 		}
 		if r.match(src, dst, dstPort, hostname, nfqproto, pinfo.UID, pinfo.GID, uidToUser(pinfo.UID), gidToGroup(pinfo.GID)) {
-		//	log.Notice("+ MATCH SUCCEEDED")
+			//	log.Notice("+ MATCH SUCCEEDED")
 			dstStr := dst.String()
 			if FirewallConfig.LogRedact {
 				dstStr = STR_REDACTED
@@ -214,11 +214,11 @@ func (rl *RuleList) filter(pkt *nfqueue.NFQPacket, src, dst net.IP, dstPort uint
 				srcp, _ := getPacketPorts(pkt)
 				srcStr = fmt.Sprintf("%s:%d", srcip, srcp)
 			}
-		//	log.Noticef("%s > %s %s %s -> %s:%d",
+			//	log.Noticef("%s > %s %s %s -> %s:%d",
 			//r.getString(FirewallConfig.LogRedact), pinfo.ExePath, r.proto, srcStr, dstStr, dstPort)
 			if r.rtype == RULE_ACTION_DENY {
-					//TODO: Optionally redact below log entry
-					log.Warningf("DENIED outgoing connection attempt by %s from %s %s -> %s:%d",
+				//TODO: Optionally redact below log entry
+				log.Warningf("DENIED outgoing connection attempt by %s from %s %s -> %s:%d",
 					pinfo.ExePath, r.proto,
 					srcStr,
 					dstStr, dstPort)
@@ -235,8 +235,8 @@ func (rl *RuleList) filter(pkt *nfqueue.NFQPacket, src, dst net.IP, dstPort uint
 				result = FILTER_ALLOW_TLSONLY
 				return result
 			}
-		} 
-/**else {
+		}
+		/**else {
 			log.Notice("+ MATCH FAILED")
 		} */
 	}