<div dir="ltr"><div>There are two more places where we have iptables-restore.<br><br></div>see [CRIU] [PATCH] kdat: if iptables-restore has xtable lock support do wait on lock</div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><br>Best Regards, Tikhomirov Pavel.</div></div></div>
<br><div class="gmail_quote">2017-09-26 20:49 GMT+03:00 Kirill Tkhai <span dir="ltr"><<a href="mailto:ktkhai@virtuozzo.com" target="_blank">ktkhai@virtuozzo.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">New ip[6]tables-restore utils has this parameter,<br>
which allows to wait for xtables lock, if it's<br>
occupied. When they don't wait, then the restore<br>
of iptables fails.<br>
<br>
Old versions just ignore this parameter<br>
with error in stderr, but it does not make them<br>
fail. So, pass it unconditionally.<br>
<br>
Signed-off-by: Kirill Tkhai <<a href="mailto:ktkhai@virtuozzo.com">ktkhai@virtuozzo.com</a>><br>
---<br>
criu/net.c | 4 ++--<br>
1 file changed, 2 insertions(+), 2 deletions(-)<br>
<br>
diff --git a/criu/net.c b/criu/net.c<br>
index 68296c8a5..cb8f9dfd3 100644<br>
--- a/criu/net.c<br>
+++ b/criu/net.c<br>
@@ -1973,7 +1973,7 @@ static inline int restore_iptables(int pid)<br>
<br>
img = open_image(CR_FD_IPTABLES, O_RSTR, pid);<br>
if (img) {<br>
- ret = run_iptables_tool("iptables-<wbr>restore", img_raw_fd(img), -1);<br>
+ ret = run_iptables_tool("iptables-<wbr>restore -w", img_raw_fd(img), -1);<br>
close_image(img);<br>
}<br>
if (ret)<br>
@@ -1985,7 +1985,7 @@ static inline int restore_iptables(int pid)<br>
if (empty_image(img))<br>
goto out;<br>
<br>
- ret = run_iptables_tool("ip6tables-<wbr>restore", img_raw_fd(img), -1);<br>
+ ret = run_iptables_tool("ip6tables-<wbr>restore -w", img_raw_fd(img), -1);<br>
out:<br>
close_image(img);<br>
<br>
<br>
______________________________<wbr>_________________<br>
CRIU mailing list<br>
<a href="mailto:CRIU@openvz.org">CRIU@openvz.org</a><br>
<a href="https://lists.openvz.org/mailman/listinfo/criu" rel="noreferrer" target="_blank">https://lists.openvz.org/<wbr>mailman/listinfo/criu</a><br>
</blockquote></div><br></div>