meta-google: gbmc-bridge: Fix nftable rule set

Seems that nftable cannot jump to a chain that doesn't in its own file.

Change-Id: I4d8c0cd804afddaae7ae5e94b5db1266b149fb55
Signed-off-by: Yuxiao Zhang <yuxiaozhang@google.com>

2 files changed, 2 insertions, 7 deletions

diff --git a/meta-google/recipes-google/networking/gbmc-bridge/50-gbmc-br-cn-redirect.rules b/meta-google/recipes-google/networking/gbmc-bridge/50-gbmc-br-cn-redirect.rules
index 61e8b44237..e0bae575ca 100644
--- a/meta-google/recipes-google/networking/gbmc-bridge/50-gbmc-br-cn-redirect.rules
+++ b/meta-google/recipes-google/networking/gbmc-bridge/50-gbmc-br-cn-redirect.rules
@@ -22,9 +22,3 @@ table inet raw {
         tcp sport 10168 tcp sport set 10166 notrack
     }
 }
-
-table inet filter {
-    chain gbmc_br_redir_input {
-        mark 0xff drop
-    }
-}
diff --git a/meta-google/recipes-google/networking/gbmc-bridge/50-gbmc-br.rules b/meta-google/recipes-google/networking/gbmc-bridge/50-gbmc-br.rules
index 5bc58f0a2f..72dde392e7 100644
--- a/meta-google/recipes-google/networking/gbmc-bridge/50-gbmc-br.rules
+++ b/meta-google/recipes-google/networking/gbmc-bridge/50-gbmc-br.rules
@@ -12,8 +12,8 @@ table inet filter {
   chain gbmc_br_input {
     type filter hook input priority 0; policy drop;
     iifname != gbmcbr accept
+    mark 0xff drop
     ct state established accept
-    jump gbmc_br_redir_input
     jump gbmc_br_int_input
     jump gbmc_br_pub_input
     reject
@@ -35,3 +35,4 @@ table inet filter {
     ip6 nexthdr icmpv6 accept
   }
 }
+