meta-google: gbmc-systemd-config: Enable packet forwarding This allows gBMCs to route packets, needed for routing packets to the management netowrk. Change-Id: I71f59eeb12607aa9c9d64687fb983938d5d69413 Signed-off-by: William A. Kennington III <wak@google.com>

commit: 5ba6d08d7f49d26ae466f6d826ed1d849972ad59 [log] [tgz]
author: William A. Kennington III <wak@google.com> Wed Mar 10 19:24:22 2021 -0800
committer: William A. Kennington III <wak@google.com> Fri May 07 01:09:53 2021 +0000
tree: 56fbb156b19d25ed97437a4bf79101548a298bb5
parent: e99168aab003bd20a901f40e15823af6637a4abd [diff] [blame]
diff --git a/meta-google/recipes-google/ncsi/files/50-gbmc-ncsi.rules.in b/meta-google/recipes-google/ncsi/files/50-gbmc-ncsi.rules.in
index 4ebe351..70f14ae 100644
--- a/meta-google/recipes-google/ncsi/files/50-gbmc-ncsi.rules.in
+++ b/meta-google/recipes-google/ncsi/files/50-gbmc-ncsi.rules.in

@@ -24,4 +24,11 @@
         icmpv6 type nd-neighbor-solicit accept
         icmpv6 type nd-router-advert accept
     }
+    chain ncsi_forward {
+        type filter hook forward priority 0; policy accept;
+        iifname != @NCSI_IF@ accept
+        oifname != gbmcbr drop
+        ip6 daddr fdb5:0481:10ce::/64 drop
+        ip6 saddr fdb5:0481:10ce::/64 drop
+    }
 }
commit	5ba6d08d7f49d26ae466f6d826ed1d849972ad59	[log] [tgz]
author	William A. Kennington III <wak@google.com>	Wed Mar 10 19:24:22 2021 -0800
committer	William A. Kennington III <wak@google.com>	Fri May 07 01:09:53 2021 +0000
tree	56fbb156b19d25ed97437a4bf79101548a298bb5
parent	e99168aab003bd20a901f40e15823af6637a4abd [diff] [blame]