This series adds support for -w and -W to ip[6]tables-restore, which currently do not perform any locking. The lock is not acquired on startup. Instead, it is acquired when a new table handle is created (on encountering '*') and released when the table is committed (COMMIT). This makes it possible to keep long-running iptables-restore processes in the background (for example, reading commands from a pipe opened by a system management daemon) and simultaneously run iptables commands. An example usage is Android's IptablesRestoreController.cpp. The first patch factors out to common functions the code that parses -w and -W, in order not to have to add more copies of it. The second patch actually adds support to iptables-restore. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
