[arch-general] What's the holdup on Linux 3.18?
Mauro Santos
registo.mailling at gmail.com
Thu Jan 8 19:18:25 UTC 2015
On 08-01-2015 18:57, Leonid Isaev wrote:
>
> BTW, to those updating, one notable (at least from my perspective) change with
> 3.18.y is the new module br_netfilter responsible for filtering traffic coming
> through a bridge. This module is not loaded automatically, so no firewall is
> enabled by default in bridges. Here is a dmesg snippet:
> ---
> kernel: [ 23.690774] bridge: automatic filtering via arp/ip/ip6tables has
> been deprecated. Update your scripts to load br_netfilter if you need this.
> ---
I'm not sure I'm reading it right and a quick google search doesn't turn
up much besides this[1]. Does this apply to filtering via iptables
(traffic from/to localhost to/from machines on the bridge) or more
specifically to ebtables (filter traffic between machines on the bridge)?
[1] http://ebtables.netfilter.org/documentation/bridge-nf.html
--
Mauro Santos
More information about the arch-general
mailing list