setIptablesForwardPolicy() makes default FORWARD policy accept
donbowman opened this issue · 0 comments
donbowman commented
Several issues:
a) ignores ip6tables
b) this silently breaks the firewall of the host its on
My host has iptables -P FORWARD drop, after I run kube-spawn, without knowing, I'm circumvented.
I think this needs to qualify by e.g. docker0 or cni0 interface.