X-Git-Url: https://git.proxmox.com/?p=pve-firewall.git;a=blobdiff_plain;f=PVE%2FFirewall.pm;h=568b531ded09bc7000b7bc12f27a281ad9817552;hp=8cd8a1bf297e3e14896b5d12b77caab8a96088ff;hb=7323008d3b7d8f13ba06eea4faf92799693fbf77;hpb=faf7be7e9f130d6fc1b01cafe926ed971203ceea

diff --git a/PVE/Firewall.pm b/PVE/Firewall.pm
index 8cd8a1b..568b531 100644
--- a/PVE/Firewall.pm
+++ b/PVE/Firewall.pm
@@ -816,6 +816,8 @@ sub generate_bridge_chains {
 	ruleset_create_chain($ruleset, "$bridge-IN");
 	ruleset_addrule($ruleset, "$bridge-FW", "-m physdev --physdev-is-bridged --physdev-is-out -j $bridge-IN");
 	ruleset_addrule($ruleset, "$bridge-FW", "-m mark --mark 1 -j ACCEPT");
+	# accept traffic to unmanaged bridge ports
+	ruleset_addrule($ruleset, "$bridge-FW", "-m physdev --physdev-is-bridged --physdev-is-out -j ACCEPT ");
     }
 }