github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Make comment about reject action more accurate

Browse Source 
Signed-off-by: Quan Tian <qtian@vmware.com>
This commit is contained in:
Quan Tian
2024-02-07 22:27:53 +08:00
parent c7e48f1ebf
commit 42672ee2ea
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/proxy/nftables/proxier.go
View File

@@ -353,7 +353,7 @@ type nftablesJumpChain struct {
var nftablesJumpChains = []nftablesJumpChain{
// We can't jump to endpointsCheckChain from filter-prerouting like
// firewallCheckChain because reject action is only valid in chains using the
// input, forward or output hooks.
// input, forward or output hooks with kernels before 5.9.
{nodePortEndpointsCheckChain, filterInputChain, "ct state new"},
{serviceEndpointsCheckChain, filterInputChain, "ct state new"},
{serviceEndpointsCheckChain, filterForwardChain, "ct state new"},