nfqws: conntrack workaround TTL=1

2025-08-10 01:02:03 +03:00 · 2025-05-09 11:17:21 +03:00
parent 691a501b0d
commit 729ded0c61
2 changed files with 13 additions and 6 deletions
--- a/nfq/nfqws.c
+++ b/nfq/nfqws.c
@@ -296,6 +296,7 @@ static int nfq_main(void)
 		return 1;
 	}

+	sec_harden();
 	if (params.droproot && !droproot(params.uid, params.gid) || !dropcaps())
 		goto err;
 	print_id();
@@ -307,9 +308,6 @@ static int nfq_main(void)

 	if (params.daemon) daemonize();

-	// do it only after daemonize because daemonize needs fork
-	sec_harden();
-
 	if (Fpid)
 	{
 		if (fprintf(Fpid, "%d", getpid())<=0)