[CRIU] [PATCH] netfilter: add -n to iptables and ip6tables calls
Saied Kazemi
saied at google.com
Fri Mar 11 16:02:00 PST 2016
To preload netfilter modules, criu runs "iptables -L" and "ip6tables -L"
before starting to dump or restore a process tree.
On systems with many entries, the above commands without the -n option
take a long time because of lengthy DNS lookups.
Signed-off-by: Saied Kazemi <saied at google.com>
---
criu/netfilter.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/criu/netfilter.c b/criu/netfilter.c
index 865a12f..312b4aa 100644
--- a/criu/netfilter.c
+++ b/criu/netfilter.c
@@ -39,9 +39,9 @@ void preload_netfilter_modules(void)
pr_perror("failed to open /dev/null, using log fd for net module preload");
}
cr_system(fd, fd, fd, iptable_cmd_ipv4,
- (char *[]) { iptable_cmd_ipv4, "-L", NULL}, 0);
+ (char *[]) { iptable_cmd_ipv4, "-L", "-n", NULL}, 0);
cr_system(fd, fd, fd, iptable_cmd_ipv6,
- (char *[]) { iptable_cmd_ipv6, "-L", NULL}, 0);
+ (char *[]) { iptable_cmd_ipv6, "-L", "-n", NULL}, 0);
close_safe(&fd);
}
--
2.7.0.rc3.207.g0ac5344
More information about the CRIU
mailing list