ret_value_msg_if(ret > sizeof(block_buf), STC_ERROR_FAIL,
"Not enough buffer");
exec_iptables_cmd(block_buf, pid);
+ wait_for_rule_cmd(*pid);
/* ip6tables rule */
ret = snprintf(block_buf, sizeof(block_buf), pattern, IP6TABLES, cmd, chain,
iftype_name, nfacct, jump);
ret_value_msg_if(ret > sizeof(block_buf), STC_ERROR_FAIL,
"Not enough buffer");
- return exec_ip6tables_cmd(block_buf, pid);
+ ret = exec_ip6tables_cmd(block_buf, pid);
+ wait_for_rule_cmd(*pid);
+
+ return ret;
}
static stc_error_e exec_app_cmd(const char *pattern, const char *cmd,
ret_value_msg_if(ret > sizeof(block_buf), STC_ERROR_FAIL,
"Not enough buffer");
exec_iptables_cmd(block_buf, pid);
+ wait_for_rule_cmd(*pid);
/* ip6tables rules */
ret = snprintf(block_buf, sizeof(block_buf), pattern, IP6TABLES, cmd,
iftype_name, classid, nfacct, jump);
ret_value_msg_if(ret > sizeof(block_buf), STC_ERROR_FAIL,
"Not enough buffer");
- return exec_ip6tables_cmd(block_buf, pid);
+ ret = exec_ip6tables_cmd(block_buf, pid);
+ wait_for_rule_cmd(*pid);
+
+ return ret;
}
static char *get_iptables_cmd(const nfacct_rule_action action)
* set new counter with that value, but it's minor issue,
* due it's not clear when actual counters was stored,
* and based on which value settings made such decition */
- wait_for_rule_cmd(pid);
rule->iptables_rule = nfacct_send_del;
set_finalize_flag(rule);
nfacct_send_get(rule);
" traffic, for classid %u, cmd %s, j %s",
rule->classid, set_cmd, jump_cmd);
if (action == NFACCT_ACTION_DELETE) {
- wait_for_rule_cmd(pid);
rule->iptables_rule = nfacct_send_del;
/* not effective, it's better to replace
* set_finalize_flag by set_property,
if (rule->intend == NFACCT_WARN ||
rule->intend == NFACCT_BLOCK) {
/* RULE_IFACE_OUT is not a misprint here */
- wait_for_rule_cmd(pid);
ret = exec_iface_cmd(RULE_IFACE_IN, set_cmd,
FORWARD_RULE, nfacct_buf, jump_cmd,
choose_iftype_name(rule), &pid);
/* tethering */
if (action == NFACCT_ACTION_DELETE) {
- wait_for_rule_cmd(pid);
rule->iptables_rule = nfacct_send_del;
set_finalize_flag(rule);
nfacct_send_get(rule);
ret_value_msg_if(ret > sizeof(nfacct_buf) || ret < 0,
STC_ERROR_FAIL, "Not enough buffer");
- wait_for_rule_cmd(pid);
ret = exec_iface_cmd(RULE_IFACE_OUT, set_cmd, OUT_RULE,
nfacct_buf, jump_cmd,
choose_iftype_name(rule), &pid);
/* for tethering */
if (rule->intend == NFACCT_WARN ||
rule->intend == NFACCT_BLOCK) {
- wait_for_rule_cmd(pid);
ret = exec_iface_cmd(RULE_IFACE_OUT, set_cmd,
FORWARD_RULE, nfacct_buf, jump_cmd,
choose_iftype_name(rule), &pid);
/* tethering */
if (action == NFACCT_ACTION_DELETE) {
- wait_for_rule_cmd(pid);
rule->iptables_rule = nfacct_send_del;
set_finalize_flag(rule);
nfacct_send_get(rule);