This repository has been archived by the owner on Jan 4, 2022. It is now read-only.

setIptablesForwardPolicy() makes default FORWARD policy accept #298

Open

donbowman opened this issue Aug 16, 2018 · 0 comments

Contributor

donbowman commented Aug 16, 2018

Several issues:

a) ignores ip6tables
b) this silently breaks the firewall of the host its on

My host has iptables -P FORWARD drop, after I run kube-spawn, without knowing, I'm circumvented.

I think this needs to qualify by e.g. docker0 or cni0 interface.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.