def _iptables_restore(iptables_state, noflush=False):
"""Call iptable-restore with the provide tables dump
:param ``str`` iptables_state:
Table initialization to pass to iptables-restore
:param ``bool`` noflush:
*optional* Do not flush the table before loading the rules.
"""
# Use logical name (iptables_restore) of the real command.
cmd = ['iptables_restore']
if noflush:
cmd.append('--noflush')
subproc.invoke(cmd, cmd_input=iptables_state, use_except=True)
def _iptables_restore(iptables_state, noflush=False):
"""Call iptable-restore with the provide tables dump
:param ``str`` iptables_state:
Table initialization to pass to iptables-restore
:param ``bool`` noflush:
*optional* Do not flush the table before loading the rules.
"""
# Use logical name (iptables_restore) of the real command.
cmd = ['iptables_restore']
if noflush:
cmd.append('--noflush')
while True:
try:
res = subproc.invoke(cmd,
cmd_input=iptables_state,
use_except=True)
break
except subproc.CalledProcessError as err:
if err.returncode == _IPTABLES_EXIT_LOCKED:
_LOGGER.debug('xtable locked, retrying.')
# table locked, spin and try again
time.sleep(random.uniform(0, 1))
else:
raise
return res
def _ipset(*args, **kwargs):
"""Invoke the IPSet command.
"""
# Default to using exceptions.
kwargs.setdefault('use_except', True)
full_cmd = ['ipset'] + list(args)
return subproc.invoke(full_cmd, **kwargs)