https://sourceforge.net/p/fwbuilder/bug-reports-current-version/277/Recent changes to 277: Another app is currently holding the xtables lock.enTue, 06 Feb 2018 17:59:17 -0000https://sourceforge.net/p/fwbuilder/bug-reports-current-version/277/?limit=25#6bf3<div class="markdown_content"><p>This is because the the "-w" will only cause the task to give up after a defined number of seconds and risk security as the firewall may not have its complete rule set or it will still fail (but maybe less oftem) "-w <span>[seconds]</span> maximum wait to acquire xtables lock before give up" The newer version of IPtables nolonger sugests this as a work around. Also i would rather fix an issue than use a sticking plaster.</p> <p>I've found the code to replace in the file in reset_iptables.txt</p></div>Andrew WTue, 06 Feb 2018 17:59:17 -0000https://sourceforge.netf7e44a66360a9734525d8c5db78176f2e9967602https://sourceforge.net/p/fwbuilder/bug-reports-current-version/277/?limit=30#b9ed<div class="markdown_content"><p>What's wrong with using "-w" for iptables as suggested?</p></div>Rado QTue, 06 Feb 2018 10:37:03 -0000https://sourceforge.net8b41b564034610fb4bcd6e4f670f0d5f70371a61https://sourceforge.net/p/fwbuilder/bug-reports-current-version/277/?limit=25#fe34<div class="markdown_content"><p>I've just had the same issue, and this reolufix fixed it. Thanks Chris</p> <p>How can we get this put into the current release. In the mean time can I edit any files in the the curent release. I take it there are templates ?</p></div>Andrew WMon, 05 Feb 2018 18:54:06 -0000https://sourceforge.netff9785d52118a5af583447ab452aea98acbda70bhttps://sourceforge.net/p/fwbuilder/bug-reports-current-version/277/<div class="markdown_content"><p>Hi,</p> <p>It seems due to <a class="" href="http://https://patchwork.ozlabs.org/patch/246619/" rel="nofollow">this change </a> in iptables code <code>reset_iptables_v4()</code> function in generated <code>.fw</code> scripts fails with error:</p> <div class="codehilite"><pre>Activating firewall script generated Mon Nov 21 10:08:52 2016 by chris Running prolog script Another app is currently holding the xtables lock. Perhaps you want to use the -w option? </pre></div> <p>speficically this loop:</p> <div class="codehilite"><pre><span class="x"> </span><span class="p">$</span><span class="nv">IPTABLES</span><span class="x"> -t </span><span class="p">$</span><span class="nv">table</span><span class="x"> -L -n | while read c chain rest; do</span> <span class="x"> if test "X</span><span class="p">$</span><span class="nv">c</span><span class="x">" = "XChain" ; then</span> <span class="x"> </span><span class="p">$</span><span class="nv">IPTABLES</span><span class="x"> -t </span><span class="p">$</span><span class="nv">table</span><span class="x"> -F </span><span class="p">$</span><span class="nv">chain</span><span class="x"></span> <span class="x"> fi</span> <span class="x"> done</span> </pre></div> <p>creates race condition. The solution I found is to replace it with:</p> <div class="codehilite"><pre><span class="x"> chains_to_reset=`</span><span class="p">$</span><span class="nv">IPTABLES</span><span class="x"> -t </span><span class="p">$</span><span class="nv">table</span><span class="x"> -L -n`</span> <span class="x"> echo "</span><span class="p">$</span><span class="nv">chains_to_reset</span><span class="x">" | while IFS= read -r line; do</span> <span class="x"> c=`echo </span><span class="p">$</span><span class="nv">line</span><span class="x"> | cut -d' ' -f1`</span> <span class="x"> chain=`echo </span><span class="p">$</span><span class="nv">line</span><span class="x"> | cut -d' ' -f2`</span> <span class="x"> if test "X</span><span class="p">$</span><span class="nv">c</span><span class="x">" = "XChain" ; then</span> <span class="x"> </span><span class="p">$</span><span class="nv">IPTABLES</span><span class="x"> -t </span><span class="p">$</span><span class="nv">table</span><span class="x"> -F </span><span class="p">$</span><span class="nv">chain</span><span class="x"></span> <span class="x"> fi</span> <span class="x"> done</span> </pre></div> <p>Regards,<br/> Chris</p></div>Chris MaciejewskiMon, 21 Nov 2016 12:25:48 -0000https://sourceforge.neta70f9c698db261cb5afe35c846483210dc53bbbb