Disable netfilter on bridged interfaces. (#512206)

author: Bill Nottingham <notting@redhat.com> 2009-07-31 09:39:12 -0400
committer: Bill Nottingham <notting@redhat.com> 2009-07-31 09:39:12 -0400
commit: af3d40e8a4293f83abe9efaf8995f28f3287c758 (patch)
tree: 71d6b0770a978028117fea5467658339851be55c /sysctl.conf
parent: fa2a1c8077d7835103f2412e3ef32947d1d988b2 (diff)
download: initscripts-af3d40e8a4293f83abe9efaf8995f28f3287c758.tar
initscripts-af3d40e8a4293f83abe9efaf8995f28f3287c758.tar.gz
initscripts-af3d40e8a4293f83abe9efaf8995f28f3287c758.tar.bz2
initscripts-af3d40e8a4293f83abe9efaf8995f28f3287c758.tar.xz
initscripts-af3d40e8a4293f83abe9efaf8995f28f3287c758.zip
1 files changed, 5 insertions, 0 deletions
diff --git a/sysctl.conf b/sysctl.conf
index db98922f..5ab82d1b 100644
--- a/sysctl.conf
+++ b/sysctl.conf
@@ -18,3 +18,8 @@ kernel.sysrq = 0
 # Controls whether core dumps will append the PID to the core filename.
 # Useful for debugging multi-threaded applications.
 kernel.core_uses_pid = 1
+
+# Disable netfilter on bridges.
+net.bridge.bridge-nf-call-ip6tables = 0
+net.bridge.bridge-nf-call-iptables = 0
+net.bridge.bridge-nf-call-arptables = 0
author	Bill Nottingham <notting@redhat.com>	2009-07-31 09:39:12 -0400
committer	Bill Nottingham <notting@redhat.com>	2009-07-31 09:39:12 -0400
commit	af3d40e8a4293f83abe9efaf8995f28f3287c758 (patch)
tree	71d6b0770a978028117fea5467658339851be55c /sysctl.conf
parent	fa2a1c8077d7835103f2412e3ef32947d1d988b2 (diff)
download	initscripts-af3d40e8a4293f83abe9efaf8995f28f3287c758.tar initscripts-af3d40e8a4293f83abe9efaf8995f28f3287c758.tar.gz initscripts-af3d40e8a4293f83abe9efaf8995f28f3287c758.tar.bz2 initscripts-af3d40e8a4293f83abe9efaf8995f28f3287c758.tar.xz initscripts-af3d40e8a4293f83abe9efaf8995f28f3287c758.zip