You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I was first thinking that my missing iptables rules are related to the bug FS#943. But it looks like firewall3 is not holding the iptables lock via the option "-w". This is unsafe because multiple iptables process may try to change a table at the same time and thus overwrite the final results of another iptables process.
The current iptables release is not supporting -w for iptables-restore and the mentioned commit is not easily backportable.
Unless the current iptables release is not implementing -w properly, we cannot support this feature. Consider protecting your other racing code with a call to "lock /var/run/fw3.lock".
charlemagnelasse:
I was first thinking that my missing iptables rules are related to the bug FS#943. But it looks like firewall3 is not holding the iptables lock via the option "-w". This is unsafe because multiple iptables process may try to change a table at the same time and thus overwrite the final results of another iptables process.
The -w functionality for iptables-restore can be found in https://git.netfilter.org/iptables/commit/?id=999eaa241212d3952ddff39a99d0d55a74e3639e
The text was updated successfully, but these errors were encountered: