On Thu, Apr 28, 2016 at 09:37:32AM +0800, Liping Zhang wrote:
> 2016-04-08 11:07 GMT+08:00 Subash Abhinov Kasiviswanathan <subashab@xxxxxxxxxxxxxx>:
> > @@ -257,10 +258,15 @@ bool xtables_lock(int wait)
> > return true;
> > else if (wait >= 0 && waited >= wait)
> > return false;
> > - if (++i % 2 == 0)
> > + if ((++i % 2 == 0) && (base_delay >= 200000))
> > fprintf(stderr, "Another app is currently holding the xtables lock; "
> > "waiting (%ds) for it to exit...\n", waited);
> > waited++;
> > - sleep(1);
>
> This break the "-w" option's semantic, i.e. if the user input
> "iptables -w 1", and concurrency happen,
> we will just only wait 10ms and return an error.
If there's any chance this patch can break existing setups then we
can't take this.
I'd suggest you add support to express millisecond precision using a
dot notation, ie.
-w .000001
that means 10 ms.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
