iptables destination host
```
$ sudo iptables -L -v -n
Chain INPUT (policy ACCEPT 26 packets, 1801 bytes)
pkts bytes target prot opt in out source destination
588 98723 felix-INPUT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT 6 packets, 400 bytes)
pkts bytes target prot opt in out source destination
218 37080 felix-FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0
7522 1632K DOCKER-ISOLATION all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 DOCKER all -- * docker0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * docker0 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT all -- docker0 !docker0 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- docker0 docker0 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT 20 packets, 1591 bytes)
pkts bytes target prot opt in out source destination
199K 9829K KUBE-SERVICES all -- * * 0.0.0.0/0 0.0.0.0/0 /* kubernetes service portals */
Chain DOCKER (1 references)
pkts bytes target prot opt in out source destination
Chain DOCKER-ISOLATION (1 references)
pkts bytes target prot opt in out source destination
7522 1632K RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain KUBE-SERVICES (1 references)
pkts bytes target prot opt in out source destination
Chain felix-FORWARD (1 references)
pkts bytes target prot opt in out source destination
0 0 DROP all -- cali+ * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
0 0 DROP all -- * cali+ 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
136 8696 RETURN all -- cali+ * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
62 26984 RETURN all -- * cali+ 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
20 1400 felix-FROM-ENDPOINT all -- cali+ * 0.0.0.0/0 0.0.0.0/0
0 0 felix-TO-ENDPOINT all -- * cali+ 0.0.0.0/0 0.0.0.0/0
20 1400 ACCEPT all -- cali+ * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * cali+ 0.0.0.0/0 0.0.0.0/0
Chain felix-FROM-ENDPOINT (2 references)
pkts bytes target prot opt in out source destination
0 0 felix-FROM-EP-PFX-1 all -- cali1+ * 0.0.0.0/0 0.0.0.0/0 [goto]
20 1400 felix-from-32a6fa7c4d4 all -- cali32a6fa7c4d4 * 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* From unknown endpoint */
Chain felix-FROM-EP-PFX-1 (1 references)
pkts bytes target prot opt in out source destination
0 0 felix-from-118a6a3a4d4 all -- cali118a6a3a4d4 * 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 felix-from-11e1fe624d4 all -- cali11e1fe624d4 * 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 felix-from-120284e84d4 all -- cali120284e84d4 * 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 felix-from-11b0aa564d4 all -- cali11b0aa564d4 * 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* From unknown endpoint */
Chain felix-INPUT (1 references)
pkts bytes target prot opt in out source destination
43 4096 DROP 4 -- * * 0.0.0.0/0 0.0.0.0/0 ! match-set felix-calico-hosts-4 src
527 93111 RETURN all -- !cali+ * 0.0.0.0/0 0.0.0.0/0
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID
19 1568 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:68 dpt:67
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
0 0 felix-FROM-ENDPOINT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain felix-TO-ENDPOINT (1 references)
pkts bytes target prot opt in out source destination
0 0 felix-TO-EP-PFX-1 all -- * cali1+ 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 felix-to-32a6fa7c4d4 all -- * cali32a6fa7c4d4 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* To unknown endpoint */
Chain felix-TO-EP-PFX-1 (1 references)
pkts bytes target prot opt in out source destination
0 0 felix-to-118a6a3a4d4 all -- * cali118a6a3a4d4 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 felix-to-11e1fe624d4 all -- * cali11e1fe624d4 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 felix-to-120284e84d4 all -- * cali120284e84d4 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 felix-to-11b0aa564d4 all -- * cali11b0aa564d4 0.0.0.0/0 0.0.0.0/0 [goto]
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* To unknown endpoint */
Chain felix-from-118a6a3a4d4 (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK all -- * * 0.0.0.0/0 0.0.0.0/0 MARK and 0xfeffffff
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 MAC ! E2:34:26:15:73:C9 /* Incorrect source MAC */
0 0 felix-p-_dc7c084a57e838b-o all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0x1000000/0x1000000 /* Profile accepted packet */
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* Packet did not match any profile (endpoint 118a6a3a4d4411e6ab76deadbe4c455c) */
Chain felix-from-11b0aa564d4 (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK all -- * * 0.0.0.0/0 0.0.0.0/0 MARK and 0xfeffffff
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 MAC ! D6:0D:8B:E7:D7:BA /* Incorrect source MAC */
0 0 felix-p-_dc7c084a57e838b-o all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0x1000000/0x1000000 /* Profile accepted packet */
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* Packet did not match any profile (endpoint 11b0aa564d4411e6bd27deadbe4c455c) */
Chain felix-from-11e1fe624d4 (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK all -- * * 0.0.0.0/0 0.0.0.0/0 MARK and 0xfeffffff
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 MAC ! A6:E7:22:D6:56:F1 /* Incorrect source MAC */
0 0 felix-p-_dc7c084a57e838b-o all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0x1000000/0x1000000 /* Profile accepted packet */
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* Packet did not match any profile (endpoint 11e1fe624d4411e697cfdeadbe4c455c) */
Chain felix-from-120284e84d4 (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK all -- * * 0.0.0.0/0 0.0.0.0/0 MARK and 0xfeffffff
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 MAC ! DE:9C:AE:2F:38:30 /* Incorrect source MAC */
0 0 felix-p-_dc7c084a57e838b-o all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0x1000000/0x1000000 /* Profile accepted packet */
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* Packet did not match any profile (endpoint 120284e84d4411e69d38deadbe4c455c) */
Chain felix-from-32a6fa7c4d4 (1 references)
pkts bytes target prot opt in out source destination
20 1400 MARK all -- * * 0.0.0.0/0 0.0.0.0/0 MARK and 0xfeffffff
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 MAC ! E6:B6:2D:51:36:F3 /* Incorrect source MAC */
20 1400 felix-p-_dc7c084a57e838b-o all -- * * 0.0.0.0/0 0.0.0.0/0
20 1400 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0x1000000/0x1000000 /* Profile accepted packet */
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* Packet did not match any profile (endpoint 32a6fa7c4d4311e68cb8deadbe4c455c) */
Chain felix-p-_dc7c084a57e838b-i (5 references)
pkts bytes target prot opt in out source destination
0 0 MARK all -- * * 0.0.0.0/0 0.0.0.0/0 MARK or 0x1000000
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0x1000000/0x1000000
Chain felix-p-_dc7c084a57e838b-o (5 references)
pkts bytes target prot opt in out source destination
20 1400 MARK all -- * * 0.0.0.0/0 0.0.0.0/0 MARK or 0x1000000
20 1400 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0x1000000/0x1000000
Chain felix-to-118a6a3a4d4 (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK all -- * * 0.0.0.0/0 0.0.0.0/0 MARK and 0xfeffffff
0 0 felix-p-_dc7c084a57e838b-i all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0x1000000/0x1000000 /* Profile accepted packet */
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* Packet did not match any profile (endpoint 118a6a3a4d4411e6ab76deadbe4c455c) */
Chain felix-to-11b0aa564d4 (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK all -- * * 0.0.0.0/0 0.0.0.0/0 MARK and 0xfeffffff
0 0 felix-p-_dc7c084a57e838b-i all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0x1000000/0x1000000 /* Profile accepted packet */
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* Packet did not match any profile (endpoint 11b0aa564d4411e6bd27deadbe4c455c) */
Chain felix-to-11e1fe624d4 (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK all -- * * 0.0.0.0/0 0.0.0.0/0 MARK and 0xfeffffff
0 0 felix-p-_dc7c084a57e838b-i all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0x1000000/0x1000000 /* Profile accepted packet */
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* Packet did not match any profile (endpoint 11e1fe624d4411e697cfdeadbe4c455c) */
Chain felix-to-120284e84d4 (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK all -- * * 0.0.0.0/0 0.0.0.0/0 MARK and 0xfeffffff
0 0 felix-p-_dc7c084a57e838b-i all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0x1000000/0x1000000 /* Profile accepted packet */
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* Packet did not match any profile (endpoint 120284e84d4411e69d38deadbe4c455c) */
Chain felix-to-32a6fa7c4d4 (1 references)
pkts bytes target prot opt in out source destination
0 0 MARK all -- * * 0.0.0.0/0 0.0.0.0/0 MARK and 0xfeffffff
0 0 felix-p-_dc7c084a57e838b-i all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 mark match 0x1000000/0x1000000 /* Profile accepted packet */
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* Packet did not match any profile (endpoint 32a6fa7c4d4311e68cb8deadbe4c455c) */
```