Qubes/core-agent-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

network: use iptables-restore --wait if available

Browse Source 
Avoid bailing out early if multiple instances of iptables-restore are
called simultaneously.

Fixes QubesOS/qubes-issues#3665
This commit is contained in:
Marek Marczykowski-Górecki 2018-05-24 04:23:51 +02:00
parent 5f81f0486d
commit 8f6bd245bd
No known key found for this signature in database
GPG Key ID: 063938BA42CFA724
1 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
network/qubes-iptables
View File

@ -42,9 +42,14 @@ start() {
# Do not start if there is no config file. # Do not start if there is no config file.
[ ! -f "$IPTABLES_DATA" ] && return 6 [ ! -f "$IPTABLES_DATA" ] && return 6
CMD_ARGS=
if "$CMD-restore" --help 2>&1 | grep -q wait=; then
CMD_ARGS=--wait
fi
echo -n $"${CMD}: Applying firewall rules: " echo -n $"${CMD}: Applying firewall rules: "
"$CMD-restore" "$IPTABLES_DATA" "$CMD-restore" $CMD_ARGS "$IPTABLES_DATA"
ret="$?" ret="$?"
if [ "$ret" -eq 0 ]; then if [ "$ret" -eq 0 ]; then
echo OK echo OK