Use iptables through iptc, enables rootless operation by adisbladis · Pull Request #41 · evilsocket/opensnitch
When the daemon is stopped, we need to close opened netfilter resources. Otherwise we can fall into a situation where we leave NFQUEUE queues opened, which causes opensnitch to not run anymore until system restart or a manual intervention, because there's an NFQUEUE queue already created with the same ID.
This is what was happening as a collateral effect of #41.
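
A pre-start check for the condition described above, as an added example that is not part of the pull request or the opensnitch code: it parses the kernel's `/proc/net/netfilter/nfnetlink_queue` table to see whether a given queue ID is already bound. The function names, the queue IDs and the sample table are constructed for illustration, and the column layout is an assumption based on the kernel's nfnetlink_queue output.

```python
"""Added example: detect an NFQUEUE ID that is already bound before starting."""
from typing import List, NamedTuple, Optional

PROC_PATH = "/proc/net/netfilter/nfnetlink_queue"


class QueueEntry(NamedTuple):
    queue_num: int      # NFQUEUE ID the iptables rule targets
    peer_portid: int    # netlink port ID of the owner (often its PID, not guaranteed)
    queue_total: int    # packets currently waiting for a verdict
    copy_mode: int
    copy_range: int
    queue_dropped: int  # packets dropped because the queue was full
    user_dropped: int   # packets dropped because userspace could not keep up


def parse_nfqueue_table(text: str) -> List[QueueEntry]:
    """Parse the whitespace-separated table; skip lines that are not numeric rows."""
    entries = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 7 or not all(f.lstrip("-").isdigit() for f in fields):
            continue
        entries.append(QueueEntry(*(int(f) for f in fields[:7])))
    return entries


def find_bound_queue(text: str, queue_id: int) -> Optional[QueueEntry]:
    """Return the entry for queue_id if something already holds it, else None."""
    for entry in parse_nfqueue_table(text):
        if entry.queue_num == queue_id:
            return entry
    return None


def read_table(path: str = PROC_PATH) -> str:
    """Read the live table; an absent file means no queues are registered."""
    try:
        with open(path) as fh:
            return fh.read()
    except OSError:
        return ""


# Constructed sample: queue 0 and queue 5 are bound, queue 5 has a backlog.
SAMPLE = """\
    0   4321     0 2 65531     0     0      812  1
    5   9876    12 2  4096     3     0       57  1
"""

if __name__ == "__main__":
    held = find_bound_queue(read_table() or SAMPLE, 0)
    print("queue 0 is free" if held is None else f"queue 0 held by portid {held.peer_portid}")
```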