The Problem
After updating the iptables package to iptables-1.4.7-16.0.3.el6, the service fails to start after a stop.
# service iptables stop
iptables: Setting chains to policy ACCEPT: filter [ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
# service iptables start
iptables: Applying firewall rules: Another app is currently holding the xtables lock. Perhaps you want to use the -w option? [FAILED]
The Solution
The xtables lock is being held, which causes this behavior. The reason for the lock:
iptables-restore < /etc/sysconfig/iptables
deadlocks itself.
This is a code bug in the iptables package. As a workaround, there are 2 options:
Option 1. Downgrade the iptables to the previous version:
# yum downgrade iptables ip6tables
Option 2. The Red Hat development team provides a fix (at this moment the fix has not been released):
1. Download the fix.
2. Before applying the fix, read the README file for its instructions.
3. If you have any enquiry or issue about this patch, please contact the global Red Hat support line.
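The stop shown above sets the filter chains to policy ACCEPT and flushes the rules, so a start that then fails on the xtables lock leaves the host unfiltered until one of the workarounds is applied. The following check is an added example, not part of the original article or of the iptables package: the function names and the sample data are constructed, and it assumes rule listings in the `iptables -S` format.

```shell
#!/bin/sh
# Added example: helper names and sample data are constructed for illustration.

# Return 0 if captured "service iptables start" output shows the lock failure
# quoted in this article.
start_hit_xtables_lock() {
    printf '%s\n' "$1" | grep -q 'holding the xtables lock'
}

# Read "iptables -S" style output on stdin. Return 0 when the filter table is
# wide open: no -A rules and no chain policy other than ACCEPT.
ruleset_is_open() {
    awk '
        $1 == "-P" && $3 != "ACCEPT" { restrictive = 1 }
        $1 == "-A"                   { rules++ }
        END { if (restrictive || rules > 0) exit 1; exit 0 }
    '
}

# Combine both checks. $1 = start output, $2 = rule listing.
firewall_verdict() {
    if printf '%s\n' "$2" | ruleset_is_open; then
        if start_hit_xtables_lock "$1"; then
            echo "OPEN: start failed on xtables lock, no rules loaded"
        else
            echo "OPEN: no rules loaded"
        fi
    else
        echo "FILTERING"
    fi
}

# Constructed sample inputs (not captured from a real host).
SAMPLE_START_FAIL='iptables: Applying firewall rules: Another app is currently holding the xtables lock. Perhaps you want to use the -w option? [FAILED]'
SAMPLE_OPEN='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT'
SAMPLE_LOADED='-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited'

firewall_verdict "$SAMPLE_START_FAIL" "$SAMPLE_OPEN"
```

On a live host, pass the captured output of the start command as the first argument and the output of `iptables -S` as the second.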