Bug ID 1136725: An iptables CLI error

Last Modified: May 29, 2024

Affected Product(s):
F5OS F5OS-A, F5OS-C(all modules)

Known Affected Versions:
F5OS-A 1.1.1, F5OS-A 1.2.0, F5OS-A 1.3.0, F5OS-A 1.3.1, F5OS-A 1.3.2, F5OS-A 1.4.0, F5OS-A 1.5.0, F5OS-A 1.5.1, F5OS-C 1.2.1, F5OS-C 1.2.2, F5OS-C 1.3.0, F5OS-C 1.3.1, F5OS-C 1.3.2, F5OS-C 1.5.0, F5OS-C 1.5.1

Fixed In:
F5OS-C 1.6.0, F5OS-A 1.7.0, F5OS-A 1.5.2

Opened: Aug 16, 2022

Severity: 2-Critical

Symptoms

An iptables command error: [root@appliance(appliance.chassis.local) ~]# iptables -L Another app is currently holding the xtables lock. Perhaps you want to use the -w option?

Impact

The iptables can get disturbed. User may not be able to view the iptables.

Conditions

When a parallel iptables query is happening, this error displays.

Workaround

During iptables listing, it uses DNS and reverse DNS lookup if "-n" option is not used, which will make iptables hold the lock for longer durations.

Fix Information

Added "-n" option in all places where iptables listing is happening.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips