From 86d10d306967922be894ddd19fcf49382a522b75 Mon Sep 17 00:00:00 2001 From: Andrew Butcher Date: Mon, 23 Jan 2017 14:24:56 -0500 Subject: [os_firewall] Add -w flag to wait for iptables xtables lock. --- roles/os_firewall/library/os_firewall_manage_iptables.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'roles/os_firewall/library') diff --git a/roles/os_firewall/library/os_firewall_manage_iptables.py b/roles/os_firewall/library/os_firewall_manage_iptables.py index 8ba650994..4ba38b721 100755 --- a/roles/os_firewall/library/os_firewall_manage_iptables.py +++ b/roles/os_firewall/library/os_firewall_manage_iptables.py @@ -223,7 +223,9 @@ class IpTablesManager(object): # pylint: disable=too-many-instance-attributes def gen_cmd(self): cmd = 'iptables' if self.ip_version == 'ipv4' else 'ip6tables' - return ["/usr/sbin/%s" % cmd] + # Include -w (wait for xtables lock) in default arguments. + default_args = '-w' + return ["/usr/sbin/%s %s" % (cmd, default_args)] def gen_save_cmd(self): # pylint: disable=no-self-use return ['/usr/libexec/iptables/iptables.init', 'save'] -- cgit v1.2.3