commit a27086f3bc36022627a2cc280dc0f0ea153db567
author William A. Kennington III <wak@google.com> Wed Jan 19 09:57:22 2022 -0800
committer William A. Kennington III <wak@google.com> Wed Jan 26 23:12:24 2022 +0000
tree 4df903c020f08e279174303cb9da97d3e9dd8144
parent 49ebfb425caa4fee177062588663200a63ce2b85

meta-google: gbmc-ncsi-config: Fix broadcast rules

Distinguish between broadcast only packets and broadcast + unicast
packets.

Change-Id: I52f7969ccd00e4142d5585a37b92cc5530b76dec
Signed-off-by: William A. Kennington III <wak@google.com>

meta-google/recipes-google/ncsi/files/50-gbmc-ncsi.rules.in

diff --git a/meta-google/recipes-google/ncsi/files/50-gbmc-ncsi.rules.in b/meta-google/recipes-google/ncsi/files/50-gbmc-ncsi.rules.in
index e2ade6e..303dbca 100644
--- a/meta-google/recipes-google/ncsi/files/50-gbmc-ncsi.rules.in
+++ b/meta-google/recipes-google/ncsi/files/50-gbmc-ncsi.rules.in
@@ -14,13 +14,16 @@
     chain gbmc_br_pub_input {
     }
     chain ncsi_legacy_input {
-        jump ncsi_brd_input
+        jump ncsi_any_input
         tcp dport 3959 accept
         udp dport 3959 accept
         tcp dport 3967 accept
         udp dport 3967 accept
     }
     chain ncsi_brd_input {
+        jump ncsi_any_input
+    }
+    chain ncsi_any_input {
         icmpv6 type nd-neighbor-advert accept
         icmpv6 type nd-neighbor-solicit accept
         icmpv6 type nd-router-advert accept