From 1bf2f72a48068c491ca4adb4f8bdf2bbb5ddd7f1 Mon Sep 17 00:00:00 2001
From: Nikola Dancejic <26731235+Ndancejic@users.noreply.github.com>
Date: Tue, 27 Feb 2024 13:11:58 -0800
Subject: [PATCH] [ebtables] Add multicast drop rule to ebtables (#18064)

Adding rule to ebtables to drop multicast packets in kernel. This was
done to address a bug where NS packets were flooding ports with
duplicate packets.

Signed-off-by: Nikola Dancejic <ndancejic@microsoft.com>
---
 files/image_config/ebtables/ebtables.filter.cfg | 1 +
 1 file changed, 1 insertion(+)

diff --git a/files/image_config/ebtables/ebtables.filter.cfg b/files/image_config/ebtables/ebtables.filter.cfg
index 7a2dc5c8b..fae04a378 100644
--- a/files/image_config/ebtables/ebtables.filter.cfg
+++ b/files/image_config/ebtables/ebtables.filter.cfg
@@ -8,4 +8,5 @@
 -A FORWARD -d BGA -j DROP
 -A FORWARD -p ARP -j DROP
 -A FORWARD -p 802_1Q --vlan-encap ARP -j DROP
+-A FORWARD -d Multicast -j DROP