netfilter: do not unbind the queues on exit

On exit we were calling nfq_unbind_pf for AF_INET and AF_INET6, which usually stcuked the daemon for a very long time, and other times caused a segfault. According to the docs (..), calling nfq_destroy_queue() is enough to exit cleanly: "This call also unbind from the nfqueue handler, so you don't have to call nfq_unbind_pf." https://netfilter.org/projects/libnetfilter_queue/doxygen/html/group__Queue.html#ga32a1461e9a36c95a03cb4476109f33bb Closes #919
2025-03-04 00:24:40 +01:00 · 2023-12-05 01:16:38 +01:00 · 2023-12-05 01:16:38 +01:00 · 430c280687
commit 430c280687
parent d7c7a08d6f
1 changed files with 0 additions and 2 deletions
--- a/daemon/netfilter/queue.go
+++ b/daemon/netfilter/queue.go
@ -163,8 +163,6 @@ func (q *Queue) destroy() {
 		}
 		os.Exit(0)
 	})
-	C.nfq_unbind_pf(q.h, AF_INET)
-	C.nfq_unbind_pf(q.h, AF_INET6)
 	if q.qh != nil {
 		if ret := C.nfq_destroy_queue(q.qh); ret != 0 {
 			log.Warning("Queue.destroy() idx=%d, nfq_destroy_queue() not closed: %d", q.idx, ret)