accept traffic to unmanaged bridge ports

author Dietmar Maurer <dietmar@proxmox.com>

Thu, 27 Feb 2014 07:54:11 +0000 (08:54 +0100)

committer Dietmar Maurer <dietmar@proxmox.com>

Thu, 27 Feb 2014 07:54:11 +0000 (08:54 +0100)
author Dietmar Maurer <dietmar@proxmox.com>
Thu, 27 Feb 2014 07:54:11 +0000 (08:54 +0100)
committer Dietmar Maurer <dietmar@proxmox.com>
Thu, 27 Feb 2014 07:54:11 +0000 (08:54 +0100)
diff --git a/PVE/Firewall.pm b/PVE/Firewall.pm

index 8cd8a1b..568b531 100644 (file)
--- a/PVE/Firewall.pm
+++ b/PVE/Firewall.pm
@@ -816,6 +816,8 @@ sub generate_bridge_chains {
         ruleset_create_chain($ruleset, "$bridge-IN");
         ruleset_addrule($ruleset, "$bridge-FW", "-m physdev --physdev-is-bridged --physdev-is-out -j $bridge-IN");
         ruleset_addrule($ruleset, "$bridge-FW", "-m mark --mark 1 -j ACCEPT");
+       # accept traffic to unmanaged bridge ports
+       ruleset_addrule($ruleset, "$bridge-FW", "-m physdev --physdev-is-bridged --physdev-is-out -j ACCEPT ");
      }
  }
author	Dietmar Maurer <dietmar@proxmox.com>
	Thu, 27 Feb 2014 07:54:11 +0000 (08:54 +0100)
committer	Dietmar Maurer <dietmar@proxmox.com>
	Thu, 27 Feb 2014 07:54:11 +0000 (08:54 +0100)