Blame - meta-google/recipes-google/ncsi/files/50-gbmc-ncsi.rules.in - openbmc/openbmc

blob: 4ebe3512818f95da743bbefb246c98c902368417 [file] [log] [blame]

William A. Kennington III	afe167d	2021-02-08 20:07:49 -0800	[diff] [blame]	1	table inet filter {
				2	chain ncsi_input {
				3	type filter hook input priority 0; policy drop;
				4	iifname != @NCSI_IF@ accept
				5	ct state established accept
William A. Kennington III	1ef795b	2021-03-10 18:59:12 -0800	[diff] [blame^]	6	ip6 daddr ff00::/8 goto ncsi_brd_input
				7	ip6 daddr fe80::/64 goto ncsi_legacy_input
				8	}
				9	chain ncsi_gbmc_br_pub_input {
				10	jump gbmc_br_pub_input
				11	reject
				12	}
				13	chain gbmc_br_pub_input {
				14	}
				15	chain ncsi_legacy_input {
				16	jump ncsi_brd_input
William A. Kennington III	afe167d	2021-02-08 20:07:49 -0800	[diff] [blame]	17	tcp dport 3959 accept
				18	udp dport 3959 accept
				19	tcp dport 3967 accept
				20	udp dport 3967 accept
William A. Kennington III	1ef795b	2021-03-10 18:59:12 -0800	[diff] [blame^]	21	}
				22	chain ncsi_brd_input {
William A. Kennington III	afe167d	2021-02-08 20:07:49 -0800	[diff] [blame]	23	icmpv6 type nd-neighbor-advert accept
				24	icmpv6 type nd-neighbor-solicit accept
				25	icmpv6 type nd-router-advert accept
				26	}
				27	}