gluon-ebtables: Enable concurrent ebtables updates

This enables the ebtables internal locking mechanism which will avoid race conditions between multiple, concurrent ebtables calls. This is a preparation for the upcoming gluon-arp-limiter daemon, to avoid issues if upon restarting gluon-ebtables the gluon-arp-limiter daemon tries to modify the tables. Signed-off-by: Linus Lüssing <linus.luessing@c0d3.blue>
2017-11-26 22:40:02 +01:00 · 2017-11-26 22:40:02 +01:00 · 4911da56e1
commit 4911da56e1
parent cb03183284
1 changed files with 8 additions and 4 deletions
--- a/package/gluon-ebtables/files/etc/init.d/gluon-ebtables
+++ b/package/gluon-ebtables/files/etc/init.d/gluon-ebtables
@ -51,8 +51,12 @@ exec_all() {

 start() {
 	(
-		export EBTABLES_RULE='"ebtables -t " .. table .. " -A " .. command'
-		export EBTABLES_CHAIN='"ebtables -t " .. table .. "  -N " .. name .. " -P " .. policy'
+		export EBTABLES_RULE='"ebtables --concurrent -t " .. table .. " -A " .. command'
+		export EBTABLES_CHAIN='"ebtables --concurrent -t " .. table .. "  -N " .. name .. " -P " .. policy'
+
+		# Contains /var/lib/ebtables/lock for '--concurrent'
+		[ ! -d "/var/lib/ebtables" ] && \
+			mkdir -p /var/lib/ebtables

 		if [ -z "$1" ]; then
 			exec_all ''
@ -64,8 +68,8 @@ start() {

 stop() {
 	(
-		export EBTABLES_RULE='"ebtables -t " ..	table .. " -D " .. command'
-		export EBTABLES_CHAIN='"ebtables -t " .. table .. " -X " .. name'
+		export EBTABLES_RULE='"ebtables --concurrent -t " ..	table .. " -D " .. command'
+		export EBTABLES_CHAIN='"ebtables --concurrent -t " .. table .. " -X " .. name'

 		if [ -z "$1" ]; then
 			exec_all '-r'