Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Chain INPUT (policy ACCEPT)
- target prot opt source destination
- cali-INPUT all -- anywhere anywhere /* cali:Cz_u1IQiXIMmKD4c */
- KUBE-SERVICES all -- anywhere anywhere /* kubernetes service portals */
- KUBE-FIREWALL all -- anywhere anywhere
- Chain FORWARD (policy ACCEPT)
- target prot opt source destination
- cali-FORWARD all -- anywhere anywhere /* cali:wUHhoiAYhphO9Mso */
- KUBE-FORWARD all -- anywhere anywhere /* kubernetes forward rules */
- DOCKER-ISOLATION all -- anywhere anywhere
- DOCKER all -- anywhere anywhere
- ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
- ACCEPT all -- anywhere anywhere
- ACCEPT all -- anywhere anywhere
- Chain OUTPUT (policy ACCEPT)
- target prot opt source destination
- cali-OUTPUT all -- anywhere anywhere /* cali:tVnHkvAo15HuiPy0 */
- KUBE-SERVICES all -- anywhere anywhere /* kubernetes service portals */
- KUBE-FIREWALL all -- anywhere anywhere
- Chain DOCKER (1 references)
- target prot opt source destination
- Chain DOCKER-ISOLATION (1 references)
- target prot opt source destination
- RETURN all -- anywhere anywhere
- Chain KUBE-FIREWALL (2 references)
- target prot opt source destination
- DROP all -- anywhere anywhere /* kubernetes firewall for dropping marked packets */ mark match 0x8000/0x8000
- Chain KUBE-FORWARD (1 references)
- target prot opt source destination
- ACCEPT all -- anywhere anywhere /* kubernetes forwarding rules */ mark match 0x4000/0x4000
- ACCEPT all -- 10.244.0.0/16 anywhere /* kubernetes forwarding conntrack pod source rule */ ctstate RELATED,ESTABLISHED
- ACCEPT all -- anywhere 10.244.0.0/16 /* kubernetes forwarding conntrack pod destination rule */ ctstate RELATED,ESTABLISHED
- Chain KUBE-SERVICES (2 references)
- target prot opt source destination
- Chain cali-FORWARD (1 references)
- target prot opt source destination
- cali-from-wl-dispatch all -- anywhere anywhere /* cali:X3vB2lGcBrfkYquC */
- cali-to-wl-dispatch all -- anywhere anywhere /* cali:UtJ9FnhBnFbyQMvU */
- ACCEPT all -- anywhere anywhere /* cali:Tt19HcSdA5YIGSsw */
- ACCEPT all -- anywhere anywhere /* cali:9LzfFCvnpC5_MYXm */
- MARK all -- anywhere anywhere /* cali:7AofLLOqCM5j36rM */ MARK and 0xf1ffffff
- cali-from-host-endpoint all -- anywhere anywhere /* cali:QM1_joSl7tL76Az7 */ mark match 0x0/0x1000000
- cali-to-host-endpoint all -- anywhere anywhere /* cali:C1QSog3bk0AykjAO */
- ACCEPT all -- anywhere anywhere /* cali:DmFiPAmzcisqZcvo */ /* Host endpoint policy accepted packet. */ mark match 0x1000000/0x1000000
- Chain cali-INPUT (1 references)
- target prot opt source destination
- ACCEPT all -- anywhere anywhere /* cali:i7okJZpS8VxaJB3n */ mark match 0x1000000/0x1000000
- cali-wl-to-host all -- anywhere anywhere [goto] /* cali:JaoDb6CLdcGw8g0Y */
- MARK all -- anywhere anywhere /* cali:c5eKVW2VdKQ_LiSM */ MARK and 0xf0ffffff
- cali-from-host-endpoint all -- anywhere anywhere /* cali:hwQKYSlSCkpE_9uN */
- ACCEPT all -- anywhere anywhere /* cali:ttp8-serzKCP-bKZ */ /* Host endpoint policy accepted packet. */ mark match 0x1000000/0x1000000
- Chain cali-OUTPUT (1 references)
- target prot opt source destination
- ACCEPT all -- anywhere anywhere /* cali:YQSSJIsRcHjFbXaI */ mark match 0x1000000/0x1000000
- RETURN all -- anywhere anywhere /* cali:KRjBsKsBcFBYKCEw */
- MARK all -- anywhere anywhere /* cali:3VKAQBcyUUW5kS_j */ MARK and 0xf0ffffff
- cali-to-host-endpoint all -- anywhere anywhere /* cali:Z1mBCSH1XHM6qq0k */
- ACCEPT all -- anywhere anywhere /* cali:N0jyWt2RfBedKw3L */ /* Host endpoint policy accepted packet. */ mark match 0x1000000/0x1000000
- Chain cali-failsafe-in (0 references)
- target prot opt source destination
- ACCEPT tcp -- anywhere anywhere /* cali:wWFQM43tJU7wwnFZ */ multiport dports ssh
- ACCEPT udp -- anywhere anywhere /* cali:LwNV--R8MjeUYacw */ multiport dports bootpc
- Chain cali-failsafe-out (0 references)
- target prot opt source destination
- ACCEPT tcp -- anywhere anywhere /* cali:73bZKoyDfOpFwC2T */ multiport dports 2379
- ACCEPT tcp -- anywhere anywhere /* cali:QMFuWo6o-d9yOpNm */ multiport dports 2380
- ACCEPT tcp -- anywhere anywhere /* cali:Kup7QkrsdmfGX0uL */ multiport dports 4001
- ACCEPT tcp -- anywhere anywhere /* cali:xYYr5PEqDf_Pqfkv */ multiport dports afs3-callback
- ACCEPT udp -- anywhere anywhere /* cali:nbWBvu4OtudVY60Q */ multiport dports domain
- ACCEPT udp -- anywhere anywhere /* cali:UxFu5cDK5En6dT3Y */ multiport dports bootps
- Chain cali-from-host-endpoint (2 references)
- target prot opt source destination
- Chain cali-from-wl-dispatch (2 references)
- target prot opt source destination
- DROP all -- anywhere anywhere /* cali:zTj6P0TIgYvgz-md */ /* Unknown interface */
- Chain cali-to-host-endpoint (2 references)
- target prot opt source destination
- Chain cali-to-wl-dispatch (1 references)
- target prot opt source destination
- DROP all -- anywhere anywhere /* cali:7KNphB1nNHw80nIO */ /* Unknown interface */
- Chain cali-wl-to-host (1 references)
- target prot opt source destination
- cali-from-wl-dispatch all -- anywhere anywhere /* cali:Ee9Sbo10IpVujdIY */
- ACCEPT all -- anywhere anywhere /* cali:nSZbcOoG1xPONxb8 */ /* Configured DefaultEndpointToHostAction */
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement