network: wait for iptables lock instead of aborting

vif-route-qubes can be called simultaneously, for example in case of: - multiple domains startup - HVM startup (two interfaces: one to the target domain, second one to stubdom) If that happens, one of calls can fail because of iptables lock.
2015-04-21 04:41:57 +02:00 · 2015-04-21 04:41:57 +02:00 · c49d9283f0
commit c49d9283f0
parent f2cf6933b9
1 changed files with 1 additions and 1 deletions
--- a/network/vif-route-qubes
+++ b/network/vif-route-qubes
@ -53,7 +53,7 @@ if [ "${ip}" ] ; then
 	for addr in ${ip} ; do
 		${cmdprefix} ip route ${ipcmd} ${addr} dev ${vif} metric $metric
 	done
-	${cmdprefix} iptables -t raw $iptables_cmd -i ${vif} \! -s ${ip} -j DROP
+	${cmdprefix} iptables -w -t raw $iptables_cmd -i ${vif} \! -s ${ip} -j DROP
 	back_ip=`qubesdb-read /qubes-netvm-gateway`
 	${cmdprefix} ip addr ${ipcmd} ${back_ip}/32 dev ${vif}
 fi