Guard against err being nil

Author: adrianmoisey

conntrack_linux.go

@@ -161,12 +161,15 @@ func (h *Handle) ConntrackDeleteFilter(table ConntrackTableType, family InetFami
 func (h *Handle) ConntrackDeleteFilters(table ConntrackTableType, family InetFamily, filters ...CustomConntrackFilter) (uint, error) {
 	var errMsgs []string
 	res, err := h.dumpConntrackTable(table, family)
-	if err != nil && !errors.Is(err, ErrDumpInterrupted) {
-		return 0, err
+	if err != nil {
+		if !errors.Is(err, ErrDumpInterrupted) {
+			return 0, err
+		}
+		// This allows us to at least do a best effort to try to clean the
+		// entries matching the filter.
+		errMsgs = append(errMsgs, err.Error())
 	}
 
-	errMsgs = append(errMsgs, err.Error())
-
 	var matched uint
 	for _, dataRaw := range res {
 		flow := parseRawData(dataRaw)
@@ -220,10 +223,11 @@ type ProtoInfo interface {
 type ProtoInfoTCP struct {
 	State uint8
 }
+
 // Protocol returns "tcp".
-func (*ProtoInfoTCP) Protocol() string {return "tcp"}
+func (*ProtoInfoTCP) Protocol() string { return "tcp" }
 func (p *ProtoInfoTCP) toNlData() ([]*nl.RtAttr, error) {
-	ctProtoInfo := nl.NewRtAttr(unix.NLA_F_NESTED | nl.CTA_PROTOINFO, []byte{})
+	ctProtoInfo := nl.NewRtAttr(unix.NLA_F_NESTED|nl.CTA_PROTOINFO, []byte{})
 	ctProtoInfoTCP := nl.NewRtAttr(unix.NLA_F_NESTED|nl.CTA_PROTOINFO_TCP, []byte{})
 	ctProtoInfoTCPState := nl.NewRtAttr(nl.CTA_PROTOINFO_TCP_STATE, nl.Uint8Attr(p.State))
 	ctProtoInfoTCP.AddChild(ctProtoInfoTCPState)
@@ -233,14 +237,16 @@ func (p *ProtoInfoTCP) toNlData() ([]*nl.RtAttr, error) {
 }
 
 // ProtoInfoSCTP only supports the protocol name.
-type ProtoInfoSCTP struct {}
+type ProtoInfoSCTP struct{}
+
 // Protocol returns "sctp".
-func (*ProtoInfoSCTP) Protocol() string {return "sctp"}
+func (*ProtoInfoSCTP) Protocol() string { return "sctp" }
 
 // ProtoInfoDCCP only supports the protocol name.
-type ProtoInfoDCCP struct {}
+type ProtoInfoDCCP struct{}
+
 // Protocol returns "dccp".
-func (*ProtoInfoDCCP) Protocol() string {return "dccp"}
+func (*ProtoInfoDCCP) Protocol() string { return "dccp" }
 
 // The full conntrack flow structure is very complicated and can be found in the file:
 // http://git.netfilter.org/libnetfilter_conntrack/tree/include/internal/object.h
@@ -282,7 +288,7 @@ func (t *IPTuple) toNlData(family uint8) ([]*nl.RtAttr, error) {
 	ctTupleProtoSrcPort := nl.NewRtAttr(nl.CTA_PROTO_SRC_PORT, nl.BEUint16Attr(t.SrcPort))
 	ctTupleProto.AddChild(ctTupleProtoSrcPort)
 	ctTupleProtoDstPort := nl.NewRtAttr(nl.CTA_PROTO_DST_PORT, nl.BEUint16Attr(t.DstPort))
-	ctTupleProto.AddChild(ctTupleProtoDstPort, )
+	ctTupleProto.AddChild(ctTupleProtoDstPort)
 
 	return []*nl.RtAttr{ctTupleIP, ctTupleProto}, nil
 }
@@ -359,7 +365,7 @@ func (s *ConntrackFlow) toNlData() ([]*nl.RtAttr, error) {
 	//	<len, CTA_TIMEOUT>
 	//	<BEuint64>
 	//	<len, NLA_F_NESTED|CTA_PROTOINFO>
- 
+
 	// CTA_TUPLE_ORIG
 	ctTupleOrig := nl.NewRtAttr(unix.NLA_F_NESTED|nl.CTA_TUPLE_ORIG, nil)
 	forwardFlowAttrs, err := s.Forward.toNlData(s.FamilyType)
@@ -542,12 +548,12 @@ func parseTimeStamp(r *bytes.Reader, readSize uint16) (tstart, tstop uint64) {
 
 func parseProtoInfoTCPState(r *bytes.Reader) (s uint8) {
 	binary.Read(r, binary.BigEndian, &s)
-	r.Seek(nl.SizeofNfattr - 1, seekCurrent)
+	r.Seek(nl.SizeofNfattr-1, seekCurrent)
 	return s
 }
 
 // parseProtoInfoTCP reads the entire nested protoinfo structure, but only parses the state attr.
-func parseProtoInfoTCP(r *bytes.Reader, attrLen uint16) (*ProtoInfoTCP) {
+func parseProtoInfoTCP(r *bytes.Reader, attrLen uint16) *ProtoInfoTCP {
 	p := new(ProtoInfoTCP)
 	bytesRead := 0
 	for bytesRead < int(attrLen) {
@@ -661,7 +667,7 @@ func parseRawData(data []byte) *ConntrackFlow {
 			switch t {
 			case nl.CTA_MARK:
 				s.Mark = parseConnectionMark(reader)
-				case nl.CTA_LABELS:
+			case nl.CTA_LABELS:
 				s.Labels = parseConnectionLabels(reader)
 			case nl.CTA_TIMEOUT:
 				s.TimeOut = parseTimeOut(reader)