func (p *Policy) processPacket(pkt *nfqueue.Packet, proc *ProcInfo) { p.lock.Lock() defer p.lock.Unlock() name := p.fw.dns.Lookup(pkt.Dst) log.Info("Lookup(%s): %s", pkt.Dst.String(), name) result := p.rules.filter(pkt, proc, name) switch result { case FILTER_DENY: pkt.Mark = 1 pkt.Accept() case FILTER_ALLOW: pkt.Accept() case FILTER_PROMPT: p.processPromptResult(&pendingPkt{policy: p, hostname: name, pkt: pkt, proc: proc}) default: log.Warning("Unexpected filter result: %d", result) } }