chore: go mod tidy

This is a more graceful way to disable ENOBUFS reporting than
bed34f94be

README.ja.md

@@ -70,8 +70,6 @@ opkg install kmod-nft-queue kmod-nf-conntrack-netlink
 ```yaml
 io:
   queueSize: 1024
-  rcvBuf: 4194304
-  sndBuf: 4194304
   local: true # FORWARD チェーンで OpenGFW を実行したい場合は false に設定する
 
 workers:

README.md

@@ -74,8 +74,6 @@ opkg install kmod-nft-queue kmod-nf-conntrack-netlink
 ```yaml
 io:
   queueSize: 1024
-  rcvBuf: 4194304
-  sndBuf: 4194304
   local: true # set to false if you want to run OpenGFW on FORWARD chain
 
 workers:

README.zh.md

@@ -70,8 +70,6 @@ opkg install kmod-nft-queue kmod-nf-conntrack-netlink
 ```yaml
 io:
   queueSize: 1024
-  rcvBuf: 4194304
-  sndBuf: 4194304
   local: true # 如果需要在 FORWARD 链上运行 OpenGFW，请设置为 false
 
 workers:

cmd/root.go

@@ -168,10 +168,8 @@ type cliConfig struct {
 }
 
 type cliConfigIO struct {
-	QueueSize   uint32 `mapstructure:"queueSize"`
+	QueueSize uint32 `mapstructure:"queueSize"`
-	ReadBuffer  int    `mapstructure:"rcvBuf"`
+	Local     bool   `mapstructure:"local"`
-	WriteBuffer int    `mapstructure:"sndBuf"`
-	Local       bool   `mapstructure:"local"`
 }
 
 type cliConfigWorkers struct {
@@ -194,10 +192,8 @@ func (c *cliConfig) fillLogger(config *engine.Config) error {
 
 func (c *cliConfig) fillIO(config *engine.Config) error {
 	nfio, err := io.NewNFQueuePacketIO(io.NFQueuePacketIOConfig{
-		QueueSize:   c.IO.QueueSize,
+		QueueSize: c.IO.QueueSize,
-		ReadBuffer:  c.IO.ReadBuffer,
+		Local:     c.IO.Local,
-		WriteBuffer: c.IO.WriteBuffer,
-		Local:       c.IO.Local,
 	})
 	if err != nil {
 		return configError{Field: "io", Err: err}

go.mod

@@ -16,7 +16,6 @@ require (
 	github.com/stretchr/testify v1.8.4
 	go.uber.org/zap v1.26.0
 	golang.org/x/crypto v0.19.0
-	golang.org/x/sys v0.17.0
 	google.golang.org/protobuf v1.31.0
 	gopkg.in/yaml.v3 v3.0.1
 )
@@ -44,6 +43,7 @@ require (
 	golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect
 	golang.org/x/net v0.19.0 // indirect
 	golang.org/x/sync v0.5.0 // indirect
+	golang.org/x/sys v0.17.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 )

io/nfqueue.go

@@ -12,7 +12,6 @@ import (
 	"github.com/coreos/go-iptables/iptables"
 	"github.com/florianl/go-nfqueue"
 	"github.com/mdlayher/netlink"
-	"golang.org/x/sys/unix"
 )
 
 const (
@@ -97,10 +96,8 @@ type nfqueuePacketIO struct {
 }
 
 type NFQueuePacketIOConfig struct {
-	QueueSize   uint32
+	QueueSize uint32
-	ReadBuffer  int
+	Local     bool
-	WriteBuffer int
-	Local       bool
 }
 
 func NewNFQueuePacketIO(config NFQueuePacketIOConfig) (PacketIO, error) {
@@ -130,19 +127,9 @@ func NewNFQueuePacketIO(config NFQueuePacketIOConfig) (PacketIO, error) {
 	if err != nil {
 		return nil, err
 	}
-	if config.ReadBuffer > 0 {
+	err = n.Con.SetOption(netlink.NoENOBUFS, true)
-		err = n.Con.SetReadBuffer(config.ReadBuffer)
+	if err != nil {
-		if err != nil {
+		return nil, fmt.Errorf("failed to set NoENOBUFS option: %w", err)
-			_ = n.Close()
-			return nil, err
-		}
-	}
-	if config.WriteBuffer > 0 {
-		err = n.Con.SetWriteBuffer(config.WriteBuffer)
-		if err != nil {
-			_ = n.Close()
-			return nil, err
-		}
 	}
 	return &nfqueuePacketIO{
 		n:     n,
@@ -169,12 +156,6 @@ func (n *nfqueuePacketIO) Register(ctx context.Context, cb PacketCallback) error
 			return okBoolToInt(cb(p, nil))
 		},
 		func(e error) int {
-			if opErr := (*netlink.OpError)(nil); errors.As(e, &opErr) {
-				if errors.Is(opErr.Err, unix.ENOBUFS) {
-					// Kernel buffer temporarily full, ignore
-					return 0
-				}
-			}
 			return okBoolToInt(cb(nil, e))
 		})
 	if err != nil {