kube-spawn icon indicating copy to clipboard operation
kube-spawn copied to clipboard

Published 20 hours ago verified publisher icon kinvolk

setIptablesForwardPolicy() makes default FORWARD policy accept

Open donbowman opened this issue 7 years ago • 0 comments

Several issues:

a) ignores ip6tables b) this silently breaks the firewall of the host its on

My host has iptables -P FORWARD drop, after I run kube-spawn, without knowing, I'm circumvented.

I think this needs to qualify by e.g. docker0 or cni0 interface.

donbowman avatar Aug 16 '18 12:08 donbowman