Firewall bridge allways passes traffic to IP layer
Closed, ResolvedPublicFEATURE REQUEST
Actions

Assigned To

Authored By

	n.fort
	Jul 12 2024, 12:13 PM

Description

If firewall bridge is configured, traffic is always analyzed at IP layer too.
This is because currently sysctl parameter net.bridge.bridge-nf-call-iptables is set to 1

An option for editing this behavior/parameter needs to be included in firewall global-options

Details

Difficulty level: Unknown (require assessment)
Version: 1.5-rolling-202407100021
Why the issue appeared?: Will be filled on close
Is it a breaking change?: Perfectly compatible
Issue type: Improvement (missing useful functionality)

Event Timeline

n.fort created this task.Jul 12 2024, 12:13 PM

n.fort changed the task status from Open to Confirmed.

n.fort changed Version from - to 1.5-rolling-202407100021.

pasik subscribed.Jul 12 2024, 9:46 PM

dmbaturin triaged this task as Normal priority.Jul 15 2024, 6:34 AM

dmbaturin added a project: Restricted Project.

HollyGurza claimed this task.Jul 18 2024, 12:49 PM

HollyGurza removed HollyGurza as the assignee of this task.Jul 18 2024, 1:06 PM

HollyGurza subscribed.

n.fort claimed this task.Jul 18 2024, 5:40 PM

n.fort changed the task status from Confirmed to In progress.Jul 24 2024, 5:41 PM

PR: https://github.com/vyos/vyos-1x/pull/3901

n.fort closed this task as Resolved.Aug 7 2024, 4:10 PM

n.fort moved this task from Need Triage to Backport Candidates on the VyOS 1.5 Circinus board.

Firewall bridge allways passes traffic to IP layerClosed, ResolvedPublicFEATURE REQUESTActions

Description

Details

Event Timeline

Firewall bridge allways passes traffic to IP layer
Closed, ResolvedPublicFEATURE REQUEST
Actions