09:29 <andi-> sphalerite: sysctl net.bridge.bridfe-nf-call-{arptables,iptables,ip6tables}

09:30 <andi-> check if any of these are set to 1n

09:30 <andi-> if that is the case you've to set the correct iptables rules for forwarding between interfaces on the bridge

10:52 <sphalerite> andi-: aaaah! I see! Thanks :)

12:36 <andi-> sphalerite: does it work?

12:46 <sphalerite> andi-: not tried yet — I put back the AP with the separate PoE injector yesterday evening because I wanted to be able to turn off my lights when going to bed without unplugging them :p

12:47 <sphalerite> but it makes a lot of sense, the sysctls are set and the firewall is configured to drop forwards