API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Mar 19th, 2018
194
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 6.59 KB | None | 0 0
raw download clone embed print report
  1. Chain INPUT (policy ACCEPT)
  2. target prot opt source destination
  3. cali-INPUT all -- anywhere anywhere /* cali:Cz_u1IQiXIMmKD4c */
  4. KUBE-SERVICES all -- anywhere anywhere /* kubernetes service portals */
  5. KUBE-FIREWALL all -- anywhere anywhere
  6.  
  7. Chain FORWARD (policy ACCEPT)
  8. target prot opt source destination
  9. cali-FORWARD all -- anywhere anywhere /* cali:wUHhoiAYhphO9Mso */
  10. KUBE-FORWARD all -- anywhere anywhere /* kubernetes forward rules */
  11. DOCKER-ISOLATION all -- anywhere anywhere
  12. DOCKER all -- anywhere anywhere
  13. ACCEPT all -- anywhere anywhere ctstate RELATED,ESTABLISHED
  14. ACCEPT all -- anywhere anywhere
  15. ACCEPT all -- anywhere anywhere
  16.  
  17. Chain OUTPUT (policy ACCEPT)
  18. target prot opt source destination
  19. cali-OUTPUT all -- anywhere anywhere /* cali:tVnHkvAo15HuiPy0 */
  20. KUBE-SERVICES all -- anywhere anywhere /* kubernetes service portals */
  21. KUBE-FIREWALL all -- anywhere anywhere
  22.  
  23. Chain DOCKER (1 references)
  24. target prot opt source destination
  25.  
  26. Chain DOCKER-ISOLATION (1 references)
  27. target prot opt source destination
  28. RETURN all -- anywhere anywhere
  29.  
  30. Chain KUBE-FIREWALL (2 references)
  31. target prot opt source destination
  32. DROP all -- anywhere anywhere /* kubernetes firewall for dropping marked packets */ mark match 0x8000/0x8000
  33.  
  34. Chain KUBE-FORWARD (1 references)
  35. target prot opt source destination
  36. ACCEPT all -- anywhere anywhere /* kubernetes forwarding rules */ mark match 0x4000/0x4000
  37. ACCEPT all -- 10.244.0.0/16 anywhere /* kubernetes forwarding conntrack pod source rule */ ctstate RELATED,ESTABLISHED
  38. ACCEPT all -- anywhere 10.244.0.0/16 /* kubernetes forwarding conntrack pod destination rule */ ctstate RELATED,ESTABLISHED
  39.  
  40. Chain KUBE-SERVICES (2 references)
  41. target prot opt source destination
  42.  
  43. Chain cali-FORWARD (1 references)
  44. target prot opt source destination
  45. cali-from-wl-dispatch all -- anywhere anywhere /* cali:X3vB2lGcBrfkYquC */
  46. cali-to-wl-dispatch all -- anywhere anywhere /* cali:UtJ9FnhBnFbyQMvU */
  47. ACCEPT all -- anywhere anywhere /* cali:Tt19HcSdA5YIGSsw */
  48. ACCEPT all -- anywhere anywhere /* cali:9LzfFCvnpC5_MYXm */
  49. MARK all -- anywhere anywhere /* cali:7AofLLOqCM5j36rM */ MARK and 0xf1ffffff
  50. cali-from-host-endpoint all -- anywhere anywhere /* cali:QM1_joSl7tL76Az7 */ mark match 0x0/0x1000000
  51. cali-to-host-endpoint all -- anywhere anywhere /* cali:C1QSog3bk0AykjAO */
  52. ACCEPT all -- anywhere anywhere /* cali:DmFiPAmzcisqZcvo */ /* Host endpoint policy accepted packet. */ mark match 0x1000000/0x1000000
  53.  
  54. Chain cali-INPUT (1 references)
  55. target prot opt source destination
  56. ACCEPT all -- anywhere anywhere /* cali:i7okJZpS8VxaJB3n */ mark match 0x1000000/0x1000000
  57. cali-wl-to-host all -- anywhere anywhere [goto] /* cali:JaoDb6CLdcGw8g0Y */
  58. MARK all -- anywhere anywhere /* cali:c5eKVW2VdKQ_LiSM */ MARK and 0xf0ffffff
  59. cali-from-host-endpoint all -- anywhere anywhere /* cali:hwQKYSlSCkpE_9uN */
  60. ACCEPT all -- anywhere anywhere /* cali:ttp8-serzKCP-bKZ */ /* Host endpoint policy accepted packet. */ mark match 0x1000000/0x1000000
  61.  
  62. Chain cali-OUTPUT (1 references)
  63. target prot opt source destination
  64. ACCEPT all -- anywhere anywhere /* cali:YQSSJIsRcHjFbXaI */ mark match 0x1000000/0x1000000
  65. RETURN all -- anywhere anywhere /* cali:KRjBsKsBcFBYKCEw */
  66. MARK all -- anywhere anywhere /* cali:3VKAQBcyUUW5kS_j */ MARK and 0xf0ffffff
  67. cali-to-host-endpoint all -- anywhere anywhere /* cali:Z1mBCSH1XHM6qq0k */
  68. ACCEPT all -- anywhere anywhere /* cali:N0jyWt2RfBedKw3L */ /* Host endpoint policy accepted packet. */ mark match 0x1000000/0x1000000
  69.  
  70. Chain cali-failsafe-in (0 references)
  71. target prot opt source destination
  72. ACCEPT tcp -- anywhere anywhere /* cali:wWFQM43tJU7wwnFZ */ multiport dports ssh
  73. ACCEPT udp -- anywhere anywhere /* cali:LwNV--R8MjeUYacw */ multiport dports bootpc
  74.  
  75. Chain cali-failsafe-out (0 references)
  76. target prot opt source destination
  77. ACCEPT tcp -- anywhere anywhere /* cali:73bZKoyDfOpFwC2T */ multiport dports 2379
  78. ACCEPT tcp -- anywhere anywhere /* cali:QMFuWo6o-d9yOpNm */ multiport dports 2380
  79. ACCEPT tcp -- anywhere anywhere /* cali:Kup7QkrsdmfGX0uL */ multiport dports 4001
  80. ACCEPT tcp -- anywhere anywhere /* cali:xYYr5PEqDf_Pqfkv */ multiport dports afs3-callback
  81. ACCEPT udp -- anywhere anywhere /* cali:nbWBvu4OtudVY60Q */ multiport dports domain
  82. ACCEPT udp -- anywhere anywhere /* cali:UxFu5cDK5En6dT3Y */ multiport dports bootps
  83.  
  84. Chain cali-from-host-endpoint (2 references)
  85. target prot opt source destination
  86.  
  87. Chain cali-from-wl-dispatch (2 references)
  88. target prot opt source destination
  89. DROP all -- anywhere anywhere /* cali:zTj6P0TIgYvgz-md */ /* Unknown interface */
  90.  
  91. Chain cali-to-host-endpoint (2 references)
  92. target prot opt source destination
  93.  
  94. Chain cali-to-wl-dispatch (1 references)
  95. target prot opt source destination
  96. DROP all -- anywhere anywhere /* cali:7KNphB1nNHw80nIO */ /* Unknown interface */
  97.  
  98. Chain cali-wl-to-host (1 references)
  99. target prot opt source destination
  100. cali-from-wl-dispatch all -- anywhere anywhere /* cali:Ee9Sbo10IpVujdIY */
  101. ACCEPT all -- anywhere anywhere /* cali:nSZbcOoG1xPONxb8 */ /* Configured DefaultEndpointToHostAction */
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!