diff options
Diffstat (limited to 'iptables/xshared.c')
-rw-r--r-- | iptables/xshared.c | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/iptables/xshared.c b/iptables/xshared.c index e61c28c8..6c9992ed 100644 --- a/iptables/xshared.c +++ b/iptables/xshared.c @@ -6,9 +6,15 @@ #include <stdio.h> #include <stdlib.h> #include <string.h> +#include <sys/socket.h> +#include <sys/un.h> +#include <unistd.h> #include <xtables.h> #include "xshared.h" +#define XT_SOCKET_NAME "xtables" +#define XT_SOCKET_LEN 8 + /* * Print out any special helps. A user might like to be able to add a --help * to the commandline, and see expected results. So we call help for all @@ -236,3 +242,30 @@ void xs_init_match(struct xtables_match *match) if (match->init != NULL) match->init(match->m); } + +bool xtables_lock(bool wait) +{ + int i = 0, ret, xt_socket; + struct sockaddr_un xt_addr; + + memset(&xt_addr, 0, sizeof(xt_addr)); + xt_addr.sun_family = AF_UNIX; + strcpy(xt_addr.sun_path+1, XT_SOCKET_NAME); + xt_socket = socket(AF_UNIX, SOCK_STREAM, 0); + /* If we can't even create a socket, fall back to prior (lockless) behavior */ + if (xt_socket < 0) + return true; + + while (1) { + ret = bind(xt_socket, (struct sockaddr*)&xt_addr, + offsetof(struct sockaddr_un, sun_path)+XT_SOCKET_LEN); + if (ret == 0) + return true; + else if (wait == false) + return false; + if (++i % 2 == 0) + fprintf(stderr, "Another app is currently holding the xtables lock; " + "waiting for it to exit...\n"); + sleep(1); + } +} |