net: add wait to iptables command to fix race

when run several tests simultaneousely it seem that some iptables commands can intersect and if we do not wait xtables lock criu fails: (00.009263) Running iptables [iptables -t filter -A INPUT --protocol tcp --source 127.0.0.1 --sport 55074 --destination 127.0.0.1 --dport 8880 -j DROP] Another app is currently holding the xtables lock. Perhaps you want to use the -w option? (00.014367) Error (util.c:660): exited, status=4 (00.014416) Error (netfilter.c:88): Iptables configuration failed: Success (00.014432) ---------------------------------------- (00.014461) Error (cr-dump.c:1297): Dump files (pid: 24) failed with -1 https://ci.openvz.org/job/CRIU/job/CRIU-virtuozzo/branch/criu-dev/3/Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com> Acked-by: Andrew Vagin <avagin@virtuozzo.com> Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>

net: add wait to iptables command to fix race
when run several tests simultaneousely it seem that some iptables commands can intersect and if we do not wait xtables lock criu fails: (00.009263) Running iptables [iptables -t filter -A INPUT --protocol tcp --source 127.0.0.1 --sport 55074 --destination 127.0.0.1 --dport 8880 -j DROP] Another app is currently holding the xtables lock. Perhaps you want to use the -w option? (00.014367) Error (util.c:660): exited, status=4 (00.014416) Error (netfilter.c:88): Iptables configuration failed: Success (00.014432) ---------------------------------------- (00.014461) Error (cr-dump.c:1297): Dump files (pid: 24) failed with -1 https://ci.openvz.org/job/CRIU/job/CRIU-virtuozzo/branch/criu-dev/3/Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com> Acked-by: Andrew Vagin <avagin@virtuozzo.com> Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
df5a2f26 · Pavel Tikhomirov · Pavel Emelyanov · 76a6b0c4 · df5a2f26
Commit df5a2f26 authored May 31, 2016 by Pavel Tikhomirov Committed by Pavel Emelyanov Jul 05, 2016
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

netfilter.c criu/netfilter.c +1 -1

No files found.
--- a/criu/netfilter.c
+++ b/criu/netfilter.c
@@ -20,7 +20,7 @@ static char buf[512];
 * ANy brave soul to write it using xtables-devel?
 */

-static const char *nf_conn_cmd = "%s -t filter %s %s --protocol tcp "
+static const char *nf_conn_cmd = "%s -w -t filter %s %s --protocol tcp "
 	"--source %s --sport %d --destination %s --dport %d -j DROP";

 static char iptable_cmd_ipv4[] = "iptables";