ipset: minor refine

leiless · Sep 14, 2020 · 221382e · 221382e
1 parent 0f45c04
commit 221382e
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 9 deletions.
diff --git a/README.md b/README.md
@@ -167,7 +167,7 @@ Some of the options take a `DURATION` as argument, **zero time(i.e. `0`) duratio
 
 * `no_ipv6` specifies don't try to resolve `IPv6` addresses for DNS exchange in `bootstrap`, in other words, use `IPv4` only.
 
-* `ipset`(need *root* user privilege) specifies resolved IP address from `FROM...` will be added to ipset `SETNAME...`.
+* `ipset`(needs *root* user privilege) specifies resolved IP address from `FROM...` will be added to ipset `SETNAME...`.
 
     Note that only `IPv4`, `IPv6` protocol families are supported, and this option **only effective** on Linux.
 

diff --git a/ipset_linux.go b/ipset_linux.go
@@ -42,26 +42,22 @@ func ipsetSetup(u *reloadableUpstream) (err error) {
 	if u.ipset == nil {
 		return nil
 	}
+	if os.Geteuid() != 0 {
+		log.Warningf("ipset needs root user privilege to work")
+	}
 	ipset := u.ipset.(*ipsetHandle)
 	ipset.conn, err = goipset.Dial(netfilter.ProtoUnspec, nil)
 	if err != nil {
 		return err
 	}
-	if os.Geteuid() != 0 {
-		log.Warningf("ipset needs root user privilege to work")
-	}
 	return nil
 }
 
 func ipsetShutdown(u *reloadableUpstream) (err error) {
 	if u.ipset == nil {
 		return nil
 	}
-	err = u.ipset.(*ipsetHandle).conn.Close()
-	if err != nil {
-		return err
-	}
-	return nil
+	return u.ipset.(*ipsetHandle).conn.Close()
 }
 
 // Taken from https://github.com/missdeer/ipset/blob/master/reverter.go#L32 with modification