On 17.03.2017 13:21, Dominik George wrote:
iptables -L FORWARD -nvChain FORWARD (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination X X ACCEPT all -- br0 br0 0.0.0.0/0 0.0.0.0/0What is that supposed to do? Forwarding on the IP layer, by definition, happens between different interfaces. Although this rule is most likely a no-op, you should remove it to reduce confusion.
This rule allows traffic to virtuals. Without this rule virtuals does not have access to LAN. Yes, I know that bridge setup does not need iptables, but reality is this.
-- Mimiko desu.