Support iptables wait

Bug #1652163 reported by Christopher M Luciano on 2016-12-22
This bug affects 2 people
Affects Status Importance Assigned to Milestone

Bug Description

[This patch](https://www.spinics.net/lists/netfilter-devel/msg31867.html) references the addition of the -w flag that waits indefinitely for the xtables lock to be released. [Another patch](https://patchwork.ozlabs.org/patch/635676/) added the ability to add an interval to wait.
I would like to submit a patch to immplement the basics of adding the -w.

The iptables man page suggests that arguments are passed at the end of the command set. I was hoping to add logic to expect the wait command at the end of the argv list within and return wait = True when found. If wait = True, --wait would be appended to the cmd set around line 1154 in backend_iptables.py.

Open questions:
- Is there an ideal position for the wait string?
  - Trying to think ahead in case more iptables options are requested in the future
  - parser.py seems to want comments at the end in class UFWCommandRule
- Do patches that enable concurrent updates using ufw trump a -w patch?
  - Ex https://bugs.launchpad.net/debian/+source/ufw/+bug/1204579

Tags: dev Edit Tag help

Anyone have additional feedback on this?

Luke (lukepolo) wrote :

This would be a huge time saver, currently switched over to iptables while this fix is not in the current release

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers