You are trying to do something evil by making a bridge pretend it is the host on its other side. Do not do that. Just fix the upstream firewall to pass the management traffic you need to the box.
127.0.0.1 shouldn't arrive on a non-loopback interface. If you wanted to try to do this kind of silly hack, you would use another address and configure it on $ext_if. Where is your ifconfig output and dmesg, anyway?
