Difference between revisions of "CLI/opt/--network-lock"

From CRIU
Jump to: navigation, search
Line 5: Line 5:
 
: - <b>nftables</b>: Use nftables rules to drop the packets.
 
: - <b>nftables</b>: Use nftables rules to drop the packets.
  
[[Category:TCP_connection]]
+
[[Category:TCP connection]]
 
[[Category:CLI]]
 
[[Category:CLI]]

Revision as of 12:34, 8 August 2021

Set the method to be used for network locking/unlocking. Locking is done to ensure that tcp packets are dropped between dump and restore. This is done to avoid the kernel sending RST when a packet arrives destined for the dumped process.

Currently two methods are available:

- iptables: Use iptables rules to drop the packets. This is the default if 'method' is not specified.
- nftables: Use nftables rules to drop the packets.