Use iptables --wait only when it is supported

2015-04-28 00:51:05 +02:00 · 2015-04-28 00:51:05 +02:00 · 7adbc3fd59
commit 7adbc3fd59
parent 32374123cd
1 changed files with 5 additions and 1 deletions
--- a/network/vif-route-qubes
+++ b/network/vif-route-qubes
@ -47,13 +47,17 @@ domid=${domid/.*/}
 #  32752 is max XID aka domid
 metric=$[ 32752 - $domid ]

+if iptables --help |grep -q -- --wait; then
+    wait=--wait
+fi
+
 if [ "${ip}" ] ; then
 	# If we've been given a list of IP addresses, then add routes from dom0 to
 	# the guest using those addresses.
 	for addr in ${ip} ; do
 		${cmdprefix} ip route ${ipcmd} ${addr} dev ${vif} metric $metric
 	done
-	${cmdprefix} iptables -w -t raw $iptables_cmd -i ${vif} \! -s ${ip} -j DROP
+	${cmdprefix} iptables $wait -t raw $iptables_cmd -i ${vif} \! -s ${ip} -j DROP
 	back_ip=`qubesdb-read /qubes-netvm-gateway`
 	${cmdprefix} ip addr ${ipcmd} ${back_ip}/32 dev ${vif}
 fi