From 1156d237508cd59185e73e24b12ced116470ab75 Mon Sep 17 00:00:00 2001
From: sdf8057 <54014465+sdf8057@users.noreply.github.com>
Date: Fri, 25 Nov 2022 03:00:18 +0800
Subject: [PATCH] ipq807x: disable br-nf after qca-nss-ecm start (#10488)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

qca-nss-ecm启动之后会开启网桥ipv4/ipv6的包过滤导致NAT loopback不可用。再次关闭网桥包过滤，以解决NAT loopback不可用的问题。
---
 .../ipq807x/base-files/etc/sysctl.d/99-bridge-nf-call.conf  | 6 ++++++
 1 file changed, 6 insertions(+)
 create mode 100644 target/linux/ipq807x/base-files/etc/sysctl.d/99-bridge-nf-call.conf

diff --git a/target/linux/ipq807x/base-files/etc/sysctl.d/99-bridge-nf-call.conf b/target/linux/ipq807x/base-files/etc/sysctl.d/99-bridge-nf-call.conf
new file mode 100644
index 000000000..af92caa64
--- /dev/null
+++ b/target/linux/ipq807x/base-files/etc/sysctl.d/99-bridge-nf-call.conf
@@ -0,0 +1,6 @@
+# disable bridge netfilter module
+
+net.bridge.bridge-nf-call-arptables=0
+net.bridge.bridge-nf-call-iptables=0
+net.bridge.bridge-nf-call-ip6tables=0
+