[CRIU] [PATCH] net: block all traffic in internal network (v3)
Pavel Emelyanov
xemul at parallels.com
Thu Nov 19 05:54:58 PST 2015
> @@ -955,6 +955,89 @@ int netns_keep_nsfd(void)
> pr_info("Saved netns fd for links restore\n");
> return 0;
> }
> +#include <sys/types.h>
> +#include <sys/stat.h>
> +#include <fcntl.h>
Headers to head, please :)
> +
> +/*
> + * If we want to modify iptables, we need to recevied the current
> + * configuration, change it and load a new one into the kernel.
> + * iptables can change or add only one rule.
> + * iptables-restore allows to make a few changes for one iteration,
> + * so it works faster.
> + */
> +static int iptables_restore(bool ipv6, char *buf, int size)
More information about the CRIU
mailing list