From e3cc00a51ff9a2febbcb8bccb4023f1123fb08d7 Mon Sep 17 00:00:00 2001
From: shw <shw@subgraph.com>
Date: Thu, 13 Apr 2017 22:31:24 +0000
Subject: [PATCH] Readme for testing fw-daemon with bridged traffic.

---
 README.testing | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 README.testing

diff --git a/README.testing b/README.testing
new file mode 100644
index 0000000..17c29e5
--- /dev/null
+++ b/README.testing
@@ -0,0 +1,4 @@
+iptables rules necessary to get bridge traffic routed through fw-daemon:
+
+iptables -t mangle -I PREROUTING 1 -m conntrack --ctstate NEW --proto tcp -j NFQUEUE --queue-num 0 --queue-bypass
+iptables -I FORWARD 1 -m mark --mark 0x1 -j REJECT --reject-with icmp-host-prohibited