From 1fd8d5f2e1577496f5431099589bd638ef5d5997 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Maciej=20=C5=BBenczykowski?= Date: Tue, 21 Apr 2020 01:15:42 -0700 Subject: iptables: flush stdout after every verbose log. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Ensures that each logged line is flushed to stdout after it's written, and not held in any buffer. Places to modify found via: git grep -C5 'fputs[(]buffer, stdout[)];' On Android iptables-restore -v is run as netd daemon's child process and fed actions via pipe. '#PING' is used to verify the child is still responsive, and thus needs to be unbuffered. Luckily if you're running iptables-restore in verbose mode you probably either don't care about performance or - like Android - actually need this. Test: builds, required on Android for ip6?tables-restore netd subprocess health monitoring. Signed-off-by: Maciej Żenczykowski Signed-off-by: Pablo Neira Ayuso --- iptables/iptables-restore.c | 4 +++- iptables/xtables-restore.c | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/iptables/iptables-restore.c b/iptables/iptables-restore.c index b0a51d49..fea04842 100644 --- a/iptables/iptables-restore.c +++ b/iptables/iptables-restore.c @@ -178,8 +178,10 @@ ip46tables_restore_main(const struct iptables_restore_cb *cb, if (buffer[0] == '\n') continue; else if (buffer[0] == '#') { - if (verbose) + if (verbose) { fputs(buffer, stdout); + fflush(stdout); + } continue; } else if ((strcmp(buffer, "COMMIT\n") == 0) && (in_table)) { if (!testing) { diff --git a/iptables/xtables-restore.c b/iptables/xtables-restore.c index c472ac9b..8c25e5b2 100644 --- a/iptables/xtables-restore.c +++ b/iptables/xtables-restore.c @@ -85,8 +85,10 @@ static void xtables_restore_parse_line(struct nft_handle *h, if (buffer[0] == '\n') return; else if (buffer[0] == '#') { - if (verbose) + if (verbose) { fputs(buffer, stdout); + fflush(stdout); + } return; } else if (state->in_table && (strncmp(buffer, "COMMIT", 6) == 0) && -- cgit v1.2.3