From 95ce6441d16864305ae3fdb984639703d3444364 Mon Sep 17 00:00:00 2001
From: d3m0k1d <d3m0k1d1337@gmail.com>
Date: Sun, 11 Jan 2026 19:41:04 +0300
Subject: [PATCH] Add

---
 .golangci.yml              | 21 +++++++++++++++++++++
 cmd/banforge/main.go       | 15 ++++++++++++---
 internal/blocker/ufw.go    | 13 ++++++++++---
 internal/config/sysconf.go | 16 ++++++++--------
 internal/config/types.go   |  4 ++--
 internal/logger/logger.go  |  1 -
 internal/parser/parser.go  |  7 +++++--
 7 files changed, 58 insertions(+), 19 deletions(-)
 create mode 100644 .golangci.yml

diff --git a/.golangci.yml b/.golangci.yml
new file mode 100644
index 0000000..ae7edd9
--- /dev/null
+++ b/.golangci.yml
@@ -0,0 +1,21 @@
+version: "2"
+run:
+  timeout: 5m
+  tests: false
+  build-tags:
+    - integration
+
+linters:
+  enable:
+    - errcheck
+    - errname
+    - govet
+    - staticcheck
+    - gosec
+
+formatters:
+  enable:
+    - gofmt
+    - goimports
+
+
diff --git a/cmd/banforge/main.go b/cmd/banforge/main.go
index 09e0a18..a432b15 100644
--- a/cmd/banforge/main.go
+++ b/cmd/banforge/main.go
@@ -2,8 +2,9 @@ package main
 
 import (
 	"fmt"
-	"github.com/spf13/cobra"
 	"os"
+
+	"github.com/spf13/cobra"
 )
 
 var rootCmd = &cobra.Command{
@@ -19,8 +20,16 @@ var initCmd = &cobra.Command{
 	Short: "Initialize BanForge",
 	Run: func(cmd *cobra.Command, args []string) {
 		fmt.Println("Initializing BanForge...")
-		os.Mkdir("/var/log/banforge", 0755)
-		os.Mkdir("/etc/banforge", 0755)
+		err := os.Mkdir("/var/log/banforge", 0750)
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
+		err = os.Mkdir("/etc/banforge", 0750)
+		if err != nil {
+			fmt.Println(err)
+			os.Exit(1)
+		}
 	},
 }
 
diff --git a/internal/blocker/ufw.go b/internal/blocker/ufw.go
index f019f2b..67b1b47 100644
--- a/internal/blocker/ufw.go
+++ b/internal/blocker/ufw.go
@@ -1,8 +1,9 @@
 package blocker
 
 import (
-	"github.com/d3m0k1d/BanForge/internal/logger"
 	"os/exec"
+
+	"github.com/d3m0k1d/BanForge/internal/logger"
 )
 
 type Ufw struct {
@@ -16,7 +17,10 @@ func NewUfw(logger *logger.Logger) *Ufw {
 }
 
 func (ufw *Ufw) Ban(ip string) error {
-	validateIP(ip)
+	err := validateIP(ip)
+	if err != nil {
+		return err
+	}
 	cmd := exec.Command("sudo", "ufw", "--force", "deny", "from", ip)
 	output, err := cmd.CombinedOutput()
 	if err != nil {
@@ -28,7 +32,10 @@ func (ufw *Ufw) Ban(ip string) error {
 }
 
 func (ufw *Ufw) Unban(ip string) error {
-	validateIP(ip)
+	err := validateIP(ip)
+	if err != nil {
+		return err
+	}
 	cmd := exec.Command("sudo", "ufw", "--force", "delete", "deny", "from", ip)
 	output, err := cmd.CombinedOutput()
 	if err != nil {
diff --git a/internal/config/sysconf.go b/internal/config/sysconf.go
index 90eefc2..e85e7cd 100644
--- a/internal/config/sysconf.go
+++ b/internal/config/sysconf.go
@@ -19,10 +19,6 @@ func CreateConf() error {
 		return fmt.Errorf("you must be root to run this command, use sudo/doas")
 	}
 
-	if err := os.MkdirAll(ConfigDir, 0755); err != nil {
-		return fmt.Errorf("failed to create config directory: %w", err)
-	}
-
 	configPath := filepath.Join(ConfigDir, ConfigFile)
 
 	if _, err := os.Stat(configPath); err == nil {
@@ -30,13 +26,17 @@ func CreateConf() error {
 		return nil
 	}
 
-	file, err := os.Create(configPath)
+	file, err := os.Create("/etc/banforge/config.toml")
 	if err != nil {
 		return fmt.Errorf("failed to create config file: %w", err)
 	}
-	defer file.Close()
-
-	if err := os.Chmod(configPath, 0644); err != nil {
+	defer func() {
+		err = file.Close()
+		if err != nil {
+			fmt.Println(err)
+		}
+	}()
+	if err := os.Chmod(configPath, 0600); err != nil {
 		return fmt.Errorf("failed to set permissions: %w", err)
 	}
 
diff --git a/internal/config/types.go b/internal/config/types.go
index 41e987c..77a5e7d 100644
--- a/internal/config/types.go
+++ b/internal/config/types.go
@@ -1,8 +1,8 @@
 package config
 
 type Firewall struct {
-	Name     string `toml:"name"`
-	Ban_time int    `toml:ban_time`
+	Name    string `toml:"name"`
+	BanTime int    `toml:"ban_time"`
 }
 
 type Service struct {
diff --git a/internal/logger/logger.go b/internal/logger/logger.go
index 288b850..447b70f 100644
--- a/internal/logger/logger.go
+++ b/internal/logger/logger.go
@@ -24,4 +24,3 @@ func New(debug bool) *Logger {
 		Logger: slog.New(handler),
 	}
 }
-
diff --git a/internal/parser/parser.go b/internal/parser/parser.go
index ffafff8..974515a 100644
--- a/internal/parser/parser.go
+++ b/internal/parser/parser.go
@@ -22,7 +22,7 @@ type Scanner struct {
 }
 
 func NewScanner(path string) (*Scanner, error) {
-	file, err := os.Open(path)
+	file, err := os.Open(path) // #nosec G304 -- admin tool, runs as root, path controlled by operator
 	if err != nil {
 		return nil, err
 	}
@@ -67,7 +67,10 @@ func (s *Scanner) Start() {
 func (s *Scanner) Stop() {
 	close(s.stopCh)
 	time.Sleep(150 * time.Millisecond)
-	s.file.Close()
+	err := s.file.Close()
+	if err != nil {
+		s.logger.Error("Failed to close file")
+	}
 	close(s.ch)
 }