Fixes: #11301
Signed-off-by: Jonatan Schlag jonatan.schlag@ipfire.org --- config/etc/sysctl.conf | 5 +++++ config/rootfiles/core/110/filelists/files | 1 + 2 files changed, 6 insertions(+)
diff --git a/config/etc/sysctl.conf b/config/etc/sysctl.conf index e2e3d81..ad56240 100644 --- a/config/etc/sysctl.conf +++ b/config/etc/sysctl.conf @@ -34,3 +34,8 @@ net.ipv6.conf.default.disable_ipv6 = 1
# Enable netfilter accounting net.netfilter.nf_conntrack_acct=1 + +# Disable netfilter on bridges. +net.bridge.bridge-nf-call-ip6tables = 0 +net.bridge.bridge-nf-call-iptables = 0 +net.bridge.bridge-nf-call-arptables = 0 diff --git a/config/rootfiles/core/110/filelists/files b/config/rootfiles/core/110/filelists/files index b996e48..f06b6d5 100644 --- a/config/rootfiles/core/110/filelists/files +++ b/config/rootfiles/core/110/filelists/files @@ -2,6 +2,7 @@ etc/system-release etc/issue etc/httpd/conf/server-tuning.conf etc/rc.d/init.d/unbound +etc/sysctl.conf srv/web/ipfire/cgi-bin/index.cgi srv/web/ipfire/cgi-bin/vpnmain.cgi usr/lib/libssp.so.0