From 30353eb466fe1ef768dc7bc1ccc1239b97dab70c Mon Sep 17 00:00:00 2001

From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>

Date: Tue, 7 Oct 2014 01:49:10 -0400

Subject: [PATCH] fedora: add bridge sysctl configuration

Udev rule is added to load those settings when the bridge

module is loaded.

https://bugzilla.redhat.com/show_bug.cgi?id=634736

---

 Makefile.am              | 8 ++++++--

 rules/.gitignore         | 1 +

 rules/99-bridge.rules.in | 9 +++++++++

 sysctl.d/50-bridge.conf  | 4 ++++

 4 files changed, 20 insertions(+), 2 deletions(-)

 create mode 100644 rules/99-bridge.rules.in

 create mode 100644 sysctl.d/50-bridge.conf

diff --git a/Makefile.am b/Makefile.am

index e52db1793b..41e94575ef 100644

--- a/Makefile.am

+++ b/Makefile.am

@@ -445,7 +445,8 @@ CLEANFILES += \

 	$(nodist_zshcompletion_DATA)

 dist_sysctl_DATA = \

-	sysctl.d/50-default.conf

+	sysctl.d/50-default.conf \

+	sysctl.d/50-bridge.conf

 dist_systemunit_DATA = \

 	units/graphical.target \

@@ -3281,7 +3282,8 @@ dist_udevrules_DATA += \

 	rules/95-udev-late.rules

 nodist_udevrules_DATA += \

-	rules/99-systemd.rules

+	rules/99-systemd.rules \

+	rules/99-bridge.rules

 dist_udevhwdb_DATA = \

 	hwdb/20-pci-vendor-model.hwdb \

@@ -3306,10 +3308,12 @@ sharepkgconfig_DATA = \

 EXTRA_DIST += \

 	rules/99-systemd.rules.in \

+	rules/99-bridge.rules.in \

 	src/udev/udev.pc.in

 CLEANFILES += \

 	rules/99-systemd.rules \

+	rules/99-bridge.rules \

 	src/udev/udev.pc

 EXTRA_DIST += \

diff --git a/rules/.gitignore b/rules/.gitignore

index 93a50ddd80..46c7f3ce91 100644

--- a/rules/.gitignore

+++ b/rules/.gitignore

@@ -1 +1,2 @@

 /99-systemd.rules

+/99-bridge.rules

diff --git a/rules/99-bridge.rules.in b/rules/99-bridge.rules.in

new file mode 100644

index 0000000000..f46f96bd2e

--- /dev/null

+++ b/rules/99-bridge.rules.in

@@ -0,0 +1,9 @@

+#  This file is part of systemd.

+#

+#  systemd is free software; you can redistribute it and/or modify it

+#  under the terms of the GNU Lesser General Public License as published by

+#  the Free Software Foundation; either version 2.1 of the License, or

+#  (at your option) any later version.

+

+# Apply sysctl settings to bridges

+ACTION=="add", SUBSYSTEM=="module", KERNEL=="bridge", RUN+="@rootlibexecdir@/systemd-sysctl --prefix=/net/bridge"

diff --git a/sysctl.d/50-bridge.conf b/sysctl.d/50-bridge.conf

new file mode 100644

index 0000000000..b586bf15fa

--- /dev/null

+++ b/sysctl.d/50-bridge.conf

@@ -0,0 +1,4 @@

+# Disable netfilter on bridges.

+net.bridge.bridge-nf-call-ip6tables = 0

+net.bridge.bridge-nf-call-iptables = 0

+net.bridge.bridge-nf-call-arptables = 0