]> git.proxmox.com Git - pve-firewall.git/blobdiff - PVE/Firewall.pm
projects / pve-firewall.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
accept traffic to unmanaged bridge ports
[pve-firewall.git] / PVE / Firewall.pm
diff --git a/PVE/Firewall.pm b/PVE/Firewall.pm
index 8cd8a1bf297e3e14896b5d12b77caab8a96088ff..568b531ded09bc7000b7bc12f27a281ad9817552 100644 (file)
--- a/PVE/Firewall.pm
+++ b/PVE/Firewall.pm
@@ -816,6 +816,8 @@ sub generate_bridge_chains {
        ruleset_create_chain($ruleset, "$bridge-IN");
        ruleset_addrule($ruleset, "$bridge-FW", "-m physdev --physdev-is-bridged --physdev-is-out -j $bridge-IN");
        ruleset_addrule($ruleset, "$bridge-FW", "-m mark --mark 1 -j ACCEPT");
+       # accept traffic to unmanaged bridge ports
+       ruleset_addrule($ruleset, "$bridge-FW", "-m physdev --physdev-is-bridged --physdev-is-out -j ACCEPT ");
     }
 }
 
Firewall test scripts