nfq: don't warn on 'handle_packet' error

NFQ can generate warnings/errors with a delay. After Suricata has
succesfully passed a verdict to the kernel, there are still things
that can go wrong for that verdict. This is then passed to the
queue through a netlink error message, which leads to nfq_handle_packet
returning an error code.

Suppress the warning. Also remove the errno/strerror use as
nfq_handle_packet does not set the errno.

Thanks to Florian Westphal.

Bug 3120.

diff --git a/src/source-nfq.c b/src/source-nfq.c
index 93b6dd50e260ca0810978978f718f04e2d96593d..44dbf7a6df7fd8b007eaeaee4236457cdcfca483 100644 (file)
--- a/src/source-nfq.c
+++ b/src/source-nfq.c
@@ -1003,10 +1003,8 @@ static void NFQRecvPkt(NFQQueueVars *t, NFQThreadVars *tv)
             ret = -1;
         }
         NFQMutexUnlock(t);
-
         if (ret != 0) {
-            SCLogWarning(SC_ERR_NFQ_HANDLE_PKT, "nfq_handle_packet error %"PRId32" %s",
-                    ret, strerror(errno));
+            SCLogDebug("nfq_handle_packet error %"PRId32, ret);
         }
     }
 }