summaryrefslogtreecommitdiff
path: root/meta-google/recipes-google/networking/gbmc-nic-config/50-gbmc-nic.rules.in
diff options
context:
space:
mode:
Diffstat (limited to 'meta-google/recipes-google/networking/gbmc-nic-config/50-gbmc-nic.rules.in')
-rw-r--r--meta-google/recipes-google/networking/gbmc-nic-config/50-gbmc-nic.rules.in19
1 files changed, 19 insertions, 0 deletions
diff --git a/meta-google/recipes-google/networking/gbmc-nic-config/50-gbmc-nic.rules.in b/meta-google/recipes-google/networking/gbmc-nic-config/50-gbmc-nic.rules.in
new file mode 100644
index 0000000000..feba64d292
--- /dev/null
+++ b/meta-google/recipes-google/networking/gbmc-nic-config/50-gbmc-nic.rules.in
@@ -0,0 +1,19 @@
+table inet filter {
+ chain @IF@_input {
+ type filter hook input priority 0; policy drop;
+ iifname != @IF@ accept
+ ct state established accept
+ udp dport 547 accept
+ jump gbmc_br_pub_input
+ }
+ chain gbmc_br_pub_input {
+ ip6 nexthdr icmpv6 accept
+ }
+ chain @IF@_forward {
+ type filter hook forward priority 0; policy drop;
+ iifname != @IF@ accept
+ oifname != gbmcbr drop
+ ip6 daddr fdb5:0481:10ce::/64 drop
+ ip6 saddr fdb5:0481:10ce::/64 drop
+ }
+}
generated by cgit v1.2.3 (git 2.39.0) at 2024-09-29 16:27:46 +0300