func (p *Policy) processPacket(pkt *nfqueue.Packet, proc *ProcInfo) {
p.lock.Lock()
defer p.lock.Unlock()
name := p.fw.dns.Lookup(pkt.Dst)
log.Info("Lookup(%s): %s", pkt.Dst.String(), name)
result := p.rules.filter(pkt, proc, name)
switch result {
case FILTER_DENY:
pkt.Mark = 1
pkt.Accept()
case FILTER_ALLOW:
pkt.Accept()
case FILTER_PROMPT:
p.processPromptResult(&pendingPkt{policy: p, hostname: name, pkt: pkt, proc: proc})
default:
log.Warning("Unexpected filter result: %d", result)
}
}
