Blame - meta-google/recipes-google/networking/gbmc-bridge/50-gbmc-br.rules - mdmillerii/openbmc

blob: 1a5e6331df47b40b588bebbebdba5578ee146c55 [file] [log] [blame]

William A. Kennington III	832f02b	2021-04-23 12:53:36 -0700	[diff] [blame]	1	table bridge filter {
				2	chain gbmc_br_prerouting {
				3	type filter hook prerouting priority 0;
				4	iifname != gbmcbr accept
				5	# Sometimes our links are over NCSI and we don't want to broadcast
				6	# those packets over the entire bridge. They are only relevant P2P.
				7	ether type 0x88F8 drop
				8	}
				9	}
				10
				11	table inet filter {
				12	chain gbmc_br_input {
				13	type filter hook input priority 0; policy drop;
				14	iifname != gbmcbr accept
				15	jump gbmc_br_int_input
				16	jump gbmc_br_pub_input
				17	reject
				18	}
				19	chain gbmc_br_int_input {
				20	ip6 daddr ff00::/8 accept
				21	ip6 daddr fe80::/64 accept
				22	ip6 daddr fdb5:0481:10ce::/64 accept
				23	}
				24	chain gbmc_br_pub_input {
				25	ip6 nexthdr icmpv6 accept
				26	}
				27	}