diff options
| author | Kali Kaneko <kali@leap.se> | 2014-05-08 17:19:01 -0500 |
|---|---|---|
| committer | Kali Kaneko <kali@leap.se> | 2014-05-12 11:25:31 -0500 |
| commit | 66c94c7533a81cf9512b41090ccab4ee8360e611 (patch) | |
| tree | 314b0d3a57cc2741585d1fd95013c9f5615b8edd /src/leap/bitmask/backend.py | |
| parent | 745ae7f55836ff331d9176b52cc98df451a3c2ef (diff) | |
wait on shutdown until firewall is down
Diffstat (limited to 'src/leap/bitmask/backend.py')
| -rw-r--r-- | src/leap/bitmask/backend.py | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/src/leap/bitmask/backend.py b/src/leap/bitmask/backend.py index bd26bb1c..41fdc06e 100644 --- a/src/leap/bitmask/backend.py +++ b/src/leap/bitmask/backend.py @@ -17,8 +17,10 @@ """ Backend for everything """ +import commands import logging import os +import time from functools import partial from Queue import Queue, Empty @@ -32,6 +34,7 @@ import zope.interface from leap.bitmask.config.providerconfig import ProviderConfig from leap.bitmask.crypto.srpauth import SRPAuth from leap.bitmask.crypto.srpregister import SRPRegister +from leap.bitmask.platform_init import IS_LINUX from leap.bitmask.provider import get_provider_path from leap.bitmask.provider.providerbootstrapper import ProviderBootstrapper from leap.bitmask.services.eip import eipconfig @@ -366,6 +369,34 @@ class EIP(object): Stop the service. """ self._vpn.terminate(shutdown) + if IS_LINUX: + self._wait_for_firewall_down() + + def _wait_for_firewall_down(self): + """ + Wait for the firewall to come down. + """ + # Due to how we delay the resolvconf action in linux. + # XXX this *has* to wait for a reasonable lapse, since we have some + # delay in vpn.terminate. + # For a better solution it should be signaled from backend that + # everything is clear to proceed, or a timeout happened. + MAX_FW_WAIT_RETRIES = 25 + FW_WAIT_STEP = 0.5 + + retry = 0 + + fw_up_cmd = "pkexec /usr/sbin/bitmask-root firewall isup" + fw_is_down = lambda: commands.getstatusoutput(fw_up_cmd)[0] == 256 + + while retry < MAX_FW_WAIT_RETRIES: + if fw_is_down(): + return + else: + time.sleep(FW_WAIT_STEP) + retry += 1 + logger.warning("After waiting, firewall is not down... " + "You might experience lack of connectivity") def terminate(self): """ |