What | Removed | Added |
---|---|---|
CC | nwr10cst-oslnx@yahoo.com | |
Flags | needinfo?(nwr10cst-oslnx@yahoo.com) |
@Neil, and everyone affected: I am sorry that this change is causing you trouble. The change was made because the kernel warns on every load of the bridge module otherwise. But of course a loss of connectivity is worse than having to read a warning message. I am discussing internally whether this change can be reverted. In the meantime, 00-system.conf is just a configuration file, so applying the change suggested in comment 2 is the preferred workaround for the time being.

Could you please review your firewall rules? It seems that your setup depends on rules not applying to bridged packets. Are you using SuSEfirewall2 or firewalld?

As for the sysctl settings in comment 4, I believe the sysctls are ignored because they are applied at system boot time, before the br_netfilter module is loaded. That's easily reproduced; unloading and reloading br_netfilter restores the default setting (=1) even if these sysctls had been set to 0 in the meantime.

A possible workaround is to make sure br_netfilter is loaded before running sysctl, e.g. by adding it to /etc/modules-load.d, or to create an "install" directive in /etc/modprobe.d:

    cat >/etc/modprobe.d/br_netfilter.conf <<EOF
    install br_netfilter /sbin/modprobe --ignore-install br_netfilter; sysctl -w net.bridge.bridge-nf-call-iptables=0
    EOF
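
A check for the load-order problem described in the comment above, as an added example that is not part of the original comment or of any distribution's tooling: it compares the configured bridge-nf-call values with the live ones under /proc/sys/net/bridge and reports whether one of the two workarounds is in place. The function names, the ROOT prefix and the simplified file precedence are assumptions, and the ip6tables and arptables keys go beyond the single key named in the comment.

```shell
#!/bin/sh
# Added example (not from the bug report): audit bridge-nf sysctl drift.
# Assumption: only /etc/sysctl.d/*.conf and /etc/sysctl.conf are read, in
# that order, last match wins. ROOT is a hypothetical prefix used for testing.

# Print the value configured for sysctl key $2 under root $1 (empty if none).
configured_value() {
    root=$1 key=$2
    for f in "$root"/etc/sysctl.d/*.conf "$root"/etc/sysctl.conf; do
        if [ -f "$f" ]; then cat "$f"; fi
    done | awk -F= -v k="$key" '
        { gsub(/[ \t]/, "", $1); gsub(/[ \t]/, "", $2) }
        $1 == k { v = $2 }
        END { if (v != "") print v }'
}

# Classify key $2: unset (not configured), not-loaded (no /proc entry, so
# br_netfilter is not loaded), drift (live value differs), or ok.
audit_key() {
    root=$1 key=$2
    want=$(configured_value "$root" "$key")
    [ -n "$want" ] || { echo unset; return 0; }
    live="$root/proc/sys/$(echo "$key" | tr . /)"
    [ -r "$live" ] || { echo not-loaded; return 0; }
    if [ "$(cat "$live")" = "$want" ]; then echo ok; else echo drift; fi
}

# Succeed if br_netfilter is listed in modules-load.d or has an "install"
# directive in modprobe.d (the two workarounds named in the comment).
load_order_handled() {
    grep -qsx '[[:space:]]*br_netfilter[[:space:]]*' "$1"/etc/modules-load.d/*.conf ||
    grep -qs '^[[:space:]]*install[[:space:]][[:space:]]*br_netfilter[[:space:]]' "$1"/etc/modprobe.d/*.conf
}

ROOT=${ROOT:-}
for k in net.bridge.bridge-nf-call-iptables \
         net.bridge.bridge-nf-call-ip6tables \
         net.bridge.bridge-nf-call-arptables; do
    echo "$k: $(audit_key "$ROOT" "$k")"
done
if load_order_handled "$ROOT"; then
    echo "br_netfilter load order: handled"
else
    echo "br_netfilter load order: not handled, boot-time sysctl may be lost"
fi
```

A `drift` result after a reboot or a module reload is the symptom described in the comment: the firewall rules apply to bridged traffic again although the configuration says 0.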