From 06c06211bde0317859bd765b34b952484c835570 Mon Sep 17 00:00:00 2001
From: Kenny Van Alstyne <kenny.vanalstyne@softiron.com>
Date: Mon, 11 Oct 2021 17:40:06 +0200
Subject: [PATCH] B #5079: Fix IPv6 for vRouters with IP spoofing

While using the virtual router framework, it was discovered that traffic to IPv6 virtual / floating IPs was being blocked by ip6tables. Upon further investigation, IPv6 vRouter IPs were not being properly added to the ipset. This commit remediates this issue.

Signed-off-by: Kenny Van Alstyne <kenny.vanalstyne@softiron.com>
---
 src/vnm_mad/remotes/lib/security_groups_iptables.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/vnm_mad/remotes/lib/security_groups_iptables.rb b/src/vnm_mad/remotes/lib/security_groups_iptables.rb
index b3f86cf52d..558378563a 100644
--- a/src/vnm_mad/remotes/lib/security_groups_iptables.rb
+++ b/src/vnm_mad/remotes/lib/security_groups_iptables.rb
@@ -509,7 +509,7 @@ module SGIPTables
 
             ipv6s = Array.new
 
-            [:ip6, :ip6_global, :ip6_link, :ip6_ula].each do |key|
+            [:ip6, :ip6_global, :ip6_link, :ip6_ula, :vrouter_ip6, :vrouter_ip6_global, :vrouter_ip6_link, :vrouter_ip6_ula].each do |key|
                 ipv6s << nic[key] if !nic[key].nil? && !nic[key].empty?
 
                 vars[:nics_alias].each do |nic_alias|