fixed exception loading outdated configuration

gustavo-iniguez-goya · gustavo-iniguez-goya · commit 53b948b11a93 · 2025-07-19T18:49:15.000+02:00
TODO: send the error to the GUI. It's important enough to warn the user about it. Issue: #1380
diff --git a/daemon/firewall/rules.go b/daemon/firewall/rules.go
@@ -47,6 +47,16 @@ var (
 // If iptables is not installed, we can add nftables rules directly to the kernel,
 // without relying on any binaries.
 func Init(fwType, configPath, monitorInterval string, bypassQueue bool, qNum uint16) (err error) {
+	confError := false
+	if fwType == "" {
+		confError = true
+		fwType = nftables.Name
+	}
+	if configPath == "" {
+		confError = true
+		configPath = config.DefaultConfigFile
+	}
+
 	if fwType == iptables.Name {
 		fw, err = iptables.Fw()
 		if err != nil {
@@ -66,13 +76,14 @@ func Init(fwType, configPath, monitorInterval string, bypassQueue bool, qNum uin
 	}
 
 	if fw == nil {
-		return fmt.Errorf("Firewall not initialized")
-	}
-	if configPath == "" {
-		configPath = config.DefaultConfigFile
+		return fmt.Errorf("Firewall not initialized. Be sure that you're using latest configuration file. Report it on github if needed.")
 	}
 	fw.Stop()
 	fw.Init(qNum, configPath, monitorInterval, bypassQueue)
+	if confError {
+		log.Error("Firewall error: the default configuration seem to be outdated (default-config.json). Get latest configuration from github.")
+	}
+
 	queueNum = qNum
 
 	log.Info("Using %s firewall", fw.Name())
@@ -149,10 +160,16 @@ func SaveConfiguration(rawConfig []byte) error {
 
 // Serialize transforms firewall json configuration to protobuf
 func Serialize() (*protocol.SysFirewall, error) {
+	if fw == nil {
+		return nil, fmt.Errorf("firewall not initialized, report please")
+	}
 	return fw.Serialize()
 }
 
 // Deserialize transforms firewall json configuration to protobuf
 func Deserialize(sysfw *protocol.SysFirewall) ([]byte, error) {
+	if fw == nil {
+		return nil, fmt.Errorf("firewall not initialized, report please")
+	}
 	return fw.Deserialize(sysfw)
 }
diff --git a/daemon/ui/config_utils.go b/daemon/ui/config_utils.go
@@ -231,13 +231,15 @@ func (c *Client) reloadConfiguration(reload bool, newConfig *config.Config) (err
 		log.Debug("[config] reloading config.firewall")
 		reloadFw = true
 
-		firewall.Reload(
+		if err := firewall.Reload(
 			newConfig.Firewall,
 			newConfig.FwOptions.ConfigPath,
 			newConfig.FwOptions.MonitorInterval,
 			newConfig.FwOptions.QueueBypass,
 			newConfig.FwOptions.QueueNum,
-		)
+		); err != nil {
+			log.Error("[config] firewall reload error: %s", err)
+		}
 	} else {
 		log.Debug("[config] config.firewall not changed")
 	}
