diff --git a/package/base-files/files/etc/sysctl.conf b/package/base-files/files/etc/sysctl.conf
index ae04212f4..1d9efdf50 100644
--- a/package/base-files/files/etc/sysctl.conf
+++ b/package/base-files/files/etc/sysctl.conf
@@ -1 +1,6 @@
 # Defaults are configured in /etc/sysctl.d/* and can be customized in this file
+
+# disable bridge firewalling.(Fixed the problem that even if br-netfilter is disabled in package/kernel/linux/files/sysctl-br-netfilter.conf, NAT loopback will still fail. This applies to OpenWrt with Docker)
+net.bridge.bridge-nf-call-arptables = 0
+net.bridge.bridge-nf-call-ip6tables = 0
+net.bridge.bridge-nf-call-iptables = 0