Scott Bronson a écrit : > On Tue, Dec 15, 2015 at 5:06 AM, Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote: >> >> JFYI: The br-nf thing was moved to a separated module since 3.18. So >> now this finally requires explicit modprobing. > > Thanks Pablo. Is this the right logic to use for all kernels? > > - if /proc/sys/net/bridge/bridge-nf-call-iptables doesn't exist > - modprobe br_netfilter > - echo 0 > /proc/sys/net/bridge/bridge-nf-call-iptables Why load br_netfilter if it is not needed ? I would do the following : modprobe bridge if /proc/sys/net/bridge/bridge-nf-call-iptables exists echo 0 > /proc/sys/net/bridge/bridge-nf-call-iptables -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
