From 7adbc3fd592b4ae31f2ae57d7583fb9058a74460 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Marek=20Marczykowski-G=C3=B3recki?=
 <marmarek@invisiblethingslab.com>
Date: Tue, 28 Apr 2015 00:51:05 +0200
Subject: [PATCH] Use iptables --wait only when it is supported

---
 network/vif-route-qubes | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/network/vif-route-qubes b/network/vif-route-qubes
index 57cd33e..c84b324 100755
--- a/network/vif-route-qubes
+++ b/network/vif-route-qubes
@@ -47,13 +47,17 @@ domid=${domid/.*/}
 #  32752 is max XID aka domid
 metric=$[ 32752 - $domid ]
 
+if iptables --help |grep -q -- --wait; then
+    wait=--wait
+fi
+
 if [ "${ip}" ] ; then
 	# If we've been given a list of IP addresses, then add routes from dom0 to
 	# the guest using those addresses.
 	for addr in ${ip} ; do
 		${cmdprefix} ip route ${ipcmd} ${addr} dev ${vif} metric $metric
 	done
-	${cmdprefix} iptables -w -t raw $iptables_cmd -i ${vif} \! -s ${ip} -j DROP
+	${cmdprefix} iptables $wait -t raw $iptables_cmd -i ${vif} \! -s ${ip} -j DROP
 	back_ip=`qubesdb-read /qubes-netvm-gateway`
 	${cmdprefix} ip addr ${ipcmd} ${back_ip}/32 dev ${vif}
 fi