From 19756488ab157fc40971fe4f264bf68eed684235 Mon Sep 17 00:00:00 2001
From: Eric Leblond
Date: Thu, 4 Oct 2012 11:06:33 +0200
Subject: [PATCH] nfq: close the queue when leaving acquisition.

This patch adds a call to close the queue when the acquisition loop is ending. This way the incoming packets will be accepted during all the shutdown phase (if the queue-bypass option of NFQUEUE is used). At the same time the currently processed packets will be dropped but the time scale are different: suricata will drop 20 ms of packets and the shutdown can take 0.5 seconds. Patch based on an idea of Victor Julien.
---
 src/source-nfq.c | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/src/source-nfq.c b/src/source-nfq.c
index ab22287e3f..373842fc96 100644
--- a/src/source-nfq.c
+++ b/src/source-nfq.c
@@ -839,6 +839,12 @@ TmEcode ReceiveNFQLoop(ThreadVars *tv, void *data, void *slot)
 while(1) {
 if (suricata_ctl_flags != 0) {
+ NFQMutexLock(nq);
+ if (nq->qh) {
+ nfq_destroy_queue(nq->qh);
+ nq->qh = NULL;
+ }
+ NFQMutexUnlock(nq);
 break;
 }
 NFQRecvPkt(nq, ntv);
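Review bot: Once the added branch in ReceiveNFQLoop sets `nq->qh = NULL`, any other code that still passes `nq->qh` to libnetfilter_queue (the verdict path for packets already in flight, and whatever teardown releases the queue later) has to re-check the handle under `NFQMutexLock(nq)`; those call sites are outside this hunk, so confirm each one returns early on a NULL handle. The block also deserves a comment stating the trade-off the commit message describes, for example `/* Destroy the queue now: with queue-bypass the kernel accepts traffic uninspected until exit, and verdicts for in-flight packets are lost. */`, because for an inline IPS this is a deliberate fail-open window that the next maintainer should not have to rediscover. The return value of `nfq_destroy_queue()` is ignored; logging a failure would make a shutdown that leaves the queue bound visible to the operator. The function body starts and ends outside the hunk.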