FYI: this's what's added to/etc/sysctl.conf by libvirtd with kvm on rhel/fedora:
# Disable netfilter on bridges. net.bridge.bridge-nf-call-ip6tables = 0 net.bridge.bridge-nf-call-iptables = 0 net.bridge.bridge-nf-call-arptables = 0 regards. On Tue, May 31, 2011 at 16:51, Tom Eastep <[email protected]> wrote: > On 5/31/11 7:36 AM, Farkas Levente wrote: > >> >> it's 0. should i've to set by hand in /etc/sysctl.conf? > > Yes, or in /etc/shorewall/init > >> (it'd be nice if shorewall can set it like net.ipv4.ip_forward). > > I had already added that code before I got your response :-) It will be > included in 4.4.20. > > -Tom > -- > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________ > > -- Levente "Si vis pacem para bellum!" ------------------------------------------------------------------------------ Simplify data backup and recovery for your virtual environment with vRanger. Installation's a snap, and flexible recovery options mean your data is safe, secure and there when you need it. Discover what all the cheering's about. Get your free trial download today. http://p.sf.net/sfu/quest-dev2dev2 _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
