Thanks for the b3 version! It restores the bionic implicit lock behavior (as if -w was given), but when given a specific value, in the end it ignores that it couldn't acquire the lock and moves on:
In all these tests, I have a lock held. We have a chain called "andreas". See how -L waits 1 second as I requested, but moves on, listing the chain: root@b1-iptables-restore-wait-lock:~# time iptables -L andreas -w 1 Chain andreas (0 references) target prot opt source destination real 0m1.005s user 0m0.004s sys 0m0.000s Now I delete the chain. This shouldn't work because another app is holding the lock: root@b1-iptables-restore-wait-lock:~# time iptables -X andreas -w 1 real 0m1.006s user 0m0.005s sys 0m0.000s Was it deleted? Let's list again, and it was: root@b1-iptables-restore-wait-lock:~# time iptables -L andreas -w 1 iptables: No chain/target/match by that name. real 0m1.005s user 0m0.004s sys 0m0.000s root@b1-iptables-restore-wait-lock:~# apt-cache policy iptables iptables: Installed: 1.6.1-2ubuntu2+testpkg20210629b3 Candidate: 1.6.1-2ubuntu2+testpkg20210629b3 Version table: *** 1.6.1-2ubuntu2+testpkg20210629b3 500 500 http://ppa.launchpad.net/slashd/lp1791958/ubuntu bionic/main amd64 Packages -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to iptables in Ubuntu. https://bugs.launchpad.net/bugs/1791958 Title: iptables-restore is missing -w option Status in iptables package in Ubuntu: Confirmed Bug description: For CRIU we need to have iptables version 1.6.2 which includes the '-w' option in iptables-restore. This is a request to update iptables to 1.6.2 in 18.10 and if possible backport the necessary changes to 18.04. The CRIU project gets right now many bug reports (mostly in the combination LXD + CRIU) due to the missing '-w' option in iptables- restore. Especially as 18.04 will be around for some time it would be good to have iptables-restore available with '-w'. This is one example bug report: https://github.com/checkpoint- restore/criu/issues/551 But not only CRIU would benefit from this change. It seems also problematic with Kubernetes: https://github.com/kubernetes/kubernetes/pull/60978 So if possible, please update iptables to 1.6.2 (or backport changes) to support -w in iptables-restore. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/iptables/+bug/1791958/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp