fix: resolve clippy errors in Linux-only firewall modules

- Remove unused imports in nftables.rs, quarantine.rs
- Replace inherent to_string() with Display trait for NfTable
- Remove needless borrows in .args() calls (iptables.rs, nftables.rs)
- Prefix unused variables with underscore (response.rs)
- Add error() getter to ResponseLog

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Author: vsilent

src/firewall/iptables.rs

@@ -72,7 +72,7 @@ impl IptablesBackend {
     /// Create a chain
     pub fn create_chain(&self, chain: &IptChain) -> Result<()> {
         let output = Command::new("iptables")
-            .args(&["-t", &chain.table, "-N", &chain.name])
+            .args(["-t", &chain.table, "-N", &chain.name])
             .output()
             .context("Failed to create iptables chain")?;
 
@@ -89,7 +89,7 @@ impl IptablesBackend {
     /// Delete a chain
     pub fn delete_chain(&self, chain: &IptChain) -> Result<()> {
         let output = Command::new("iptables")
-            .args(&["-t", &chain.table, "-X", &chain.name])
+            .args(["-t", &chain.table, "-X", &chain.name])
             .output()
             .context("Failed to delete iptables chain")?;
 
@@ -148,7 +148,7 @@ impl IptablesBackend {
     /// Flush a chain
     pub fn flush_chain(&self, chain: &IptChain) -> Result<()> {
         let output = Command::new("iptables")
-            .args(&["-t", &chain.table, "-F", &chain.name])
+            .args(["-t", &chain.table, "-F", &chain.name])
             .output()
             .context("Failed to flush iptables chain")?;
 
@@ -165,7 +165,7 @@ impl IptablesBackend {
     /// List rules in a chain
     pub fn list_rules(&self, chain: &IptChain) -> Result<Vec<String>> {
         let output = Command::new("iptables")
-            .args(&["-t", &chain.table, "-L", &chain.name, "-n"])
+            .args(["-t", &chain.table, "-L", &chain.name, "-n"])
             .output()
             .context("Failed to list iptables rules")?;
 

src/firewall/nftables.rs

@@ -5,7 +5,7 @@
 use anyhow::{Context, Result};
 use std::process::Command;
 
-use crate::firewall::backend::{FirewallBackend, FirewallChain, FirewallRule, FirewallTable};
+use crate::firewall::backend::FirewallBackend;
 
 /// nftables table
 #[derive(Debug, Clone)]
@@ -21,9 +21,11 @@ impl NfTable {
             name: name.into(),
         }
     }
+}
 
-    fn to_string(&self) -> String {
-        format!("{} {}", self.family, self.name)
+impl std::fmt::Display for NfTable {
+    fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
+        write!(f, "{} {}", self.family, self.name)
     }
 }
 
@@ -94,7 +96,7 @@ impl NfTablesBackend {
     /// Create a table
     pub fn create_table(&self, table: &NfTable) -> Result<()> {
         let output = Command::new("nft")
-            .args(&["add", "table", &table.to_string()])
+            .args(["add", "table", &table.to_string()])
             .output()
             .context("Failed to create nftables table")?;
 
@@ -111,7 +113,7 @@ impl NfTablesBackend {
     /// Delete a table
     pub fn delete_table(&self, table: &NfTable) -> Result<()> {
         let output = Command::new("nft")
-            .args(&["delete", "table", &table.to_string()])
+            .args(["delete", "table", &table.to_string()])
             .output()
             .context("Failed to delete nftables table")?;
 
@@ -135,7 +137,7 @@ impl NfTablesBackend {
         );
 
         let output = Command::new("nft")
-            .args(&["-c", &cmd])
+            .args(["-c", &cmd])
             .output()
             .context("Failed to create nftables chain")?;
 
@@ -154,7 +156,7 @@ impl NfTablesBackend {
         let cmd = format!("delete chain {} {}", chain.table.to_string(), chain.name);
 
         let output = Command::new("nft")
-            .args(&["-c", &cmd])
+            .args(["-c", &cmd])
             .output()
             .context("Failed to delete nftables chain")?;
 
@@ -178,7 +180,7 @@ impl NfTablesBackend {
         );
 
         let output = Command::new("nft")
-            .args(&["-c", &cmd])
+            .args(["-c", &cmd])
             .output()
             .context("Failed to add nftables rule")?;
 
@@ -202,7 +204,7 @@ impl NfTablesBackend {
         );
 
         let output = Command::new("nft")
-            .args(&["-c", &cmd])
+            .args(["-c", &cmd])
             .output()
             .context("Failed to delete nftables rule")?;
 
@@ -229,7 +231,7 @@ impl NfTablesBackend {
         let cmd = format!("flush chain {} {}", chain.table.to_string(), chain.name);
 
         let output = Command::new("nft")
-            .args(&["-c", &cmd])
+            .args(["-c", &cmd])
             .output()
             .context("Failed to flush nftables chain")?;
 
@@ -248,7 +250,7 @@ impl NfTablesBackend {
         let cmd = format!("list chain {} {}", chain.table.to_string(), chain.name);
 
         let output = Command::new("nft")
-            .args(&["-c", &cmd])
+            .args(["-c", &cmd])
             .output()
             .context("Failed to list nftables rules")?;
 

src/firewall/quarantine.rs

@@ -2,12 +2,12 @@
 //!
 //! Isolates compromised containers
 
-use anyhow::{Context, Result};
+use anyhow::Result;
 use chrono::{DateTime, Utc};
 use std::collections::HashMap;
 use std::sync::{Arc, RwLock};
 
-use crate::firewall::nftables::{NfChain, NfRule, NfTable, NfTablesBackend};
+use crate::firewall::nftables::{NfChain, NfTable, NfTablesBackend};
 
 /// Quarantine state
 #[derive(Debug, Clone, Copy, PartialEq, Eq)]

src/firewall/response.rs

@@ -215,9 +215,9 @@ impl ResponseExecutor {
 
     /// Execute a response action
     pub fn execute(&mut self, action: &ResponseAction) -> Result<()> {
-        let start = Utc::now();
+        let _start = Utc::now();
         let result = action.execute();
-        let end = Utc::now();
+        let _end = Utc::now();
 
         // Log the execution
         let log_entry = ResponseLog::new(
@@ -286,6 +286,10 @@ impl ResponseLog {
         self.success
     }
 
+    pub fn error(&self) -> Option<&str> {
+        self.error.as_deref()
+    }
+
     pub fn timestamp(&self) -> DateTime<Utc> {
         self.timestamp
     }