diff options
| author | Dan Williams <dcbw@redhat.com> | 2017-04-10 12:35:18 -0500 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-04-14 01:05:44 +0200 |
| commit | 65801d02a482befd2745c792d6596ec75d434934 (patch) | |
| tree | 367ffad1e7c414007256a740794c4a3d986ce553 /iptables | |
| parent | 9cd3adbed2fd8cdb6366293f3799573b811be89b (diff) | |
iptables-restore.8: document -w/-W options
Fixes: 999eaa241212 ("iptables-restore: support acquiring the lock.")
Signed-off-by: Dan Williams <dcbw@redhat.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables')
| -rw-r--r-- | iptables/iptables-restore.8.in | 25 |
1 files changed, 21 insertions, 4 deletions
diff --git a/iptables/iptables-restore.8.in b/iptables/iptables-restore.8.in index bba505d8..f751492d 100644 --- a/iptables/iptables-restore.8.in +++ b/iptables/iptables-restore.8.in @@ -23,11 +23,13 @@ iptables-restore \(em Restore IP Tables .P ip6tables-restore \(em Restore IPv6 Tables .SH SYNOPSIS -\fBiptables\-restore\fP [\fB\-chntvV\fP] [\fB\-M\fP \fImodprobe\fP] -[\fB\-T\fP \fIname\fP] [\fBfile\fP] +\fBiptables\-restore\fP [\fB\-chntvV\fP] [\fB\-w\fP \fIsecs\fP] +[\fB\-W\fP \fIusecs\fP] [\fB\-M\fP \fImodprobe\fP] [\fB\-T\fP \fIname\fP] +[\fBfile\fP] .P -\fBip6tables\-restore\fP [\fB\-chntvV\fP] [\fB\-M\fP \fImodprobe\fP] -[\fB\-T\fP \fIname\fP] [\fBfile\fP] +\fBip6tables\-restore\fP [\fB\-chntvV\fP] [\fB\-w\fP \fIsecs\fP] +[\fB\-W\fP \fIusecs\fP] [\fB\-M\fP \fImodprobe\fP] [\fB\-T\fP \fIname\fP] +[\fBfile\fP] .SH DESCRIPTION .PP .B iptables-restore @@ -56,6 +58,21 @@ Print additional debug info during ruleset processing. \fB\-V\fP, \fB\-\-version\fP Print the program version number. .TP +\fB\-w\fP, \fB\-\-wait\fP [\fIseconds\fP] +Wait for the xtables lock. +To prevent multiple instances of the program from running concurrently, +an attempt will be made to obtain an exclusive lock at launch. By default, +the program will exit if the lock cannot be obtained. This option will +make the program wait (indefinitely or for optional \fIseconds\fP) until +the exclusive lock can be obtained. +.TP +\fB\-W\fP, \fB\-\-wait-interval\fP \fImicroseconds\fP +Interval to wait per each iteration. +When running latency sensitive applications, waiting for the xtables lock +for extended durations may not be acceptable. This option will make each +iteration take the amount of time specified. The default interval is +1 second. This option only works with \fB\-w\fP. +.TP \fB\-M\fP, \fB\-\-modprobe\fP \fImodprobe_program\fP Specify the path to the modprobe program. By default, iptables-restore will inspect /proc/sys/kernel/modprobe to determine the executable's path. |