kubernetes

github/kubernetes

Fork 0

Commit Graph

Author	SHA1	Message	Date
Daman Arora	25a40b1c7c	pkg/proxy/nftables: handle traffic to node ports with no endpoints NFTables proxy will no longer install drop and reject rules for node port services with no endpoints in chains associated with forward and output hooks. Signed-off-by: Daman Arora <aroradaman@gmail.com>	2024-01-21 20:07:56 +05:30
Daman Arora	4b40299133	pkg/proxy/nftables: handle traffic to cluster ip NFTables proxy will now drop traffic directed towards unallocated ClusterIPs and reject traffic directed towards invalid ports of Cluster IPs. Signed-off-by: Daman Arora <aroradaman@gmail.com>	2024-01-21 19:58:37 +05:30
Dan Winship	5ca73197b3	Document the nftables kube-proxy packet flow	2024-01-11 12:59:21 -05:00

Author

SHA1

Message

Date

Daman Arora

25a40b1c7c

pkg/proxy/nftables: handle traffic to node ports with no endpoints

NFTables proxy will no longer install drop and reject rules for node
port services with no endpoints in chains associated with forward and
output hooks.

Signed-off-by: Daman Arora <aroradaman@gmail.com>

2024-01-21 20:07:56 +05:30

Daman Arora

4b40299133

pkg/proxy/nftables: handle traffic to cluster ip

NFTables proxy will now drop traffic directed towards unallocated
ClusterIPs and reject traffic directed towards invalid ports of
Cluster IPs.

Signed-off-by: Daman Arora <aroradaman@gmail.com>

2024-01-21 19:58:37 +05:30

Dan Winship

5ca73197b3

Document the nftables kube-proxy packet flow

2024-01-11 12:59:21 -05:00

3 Commits