Created
November 19, 2018 13:09
-
-
Save lbroudoux/f8b372f6dc29f0b1f30f1a46931a4ab3 to your computer and use it in GitHub Desktop.
minishift iptables -L -n -v -t nat
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [root@knative ~]# iptables -L -n -v -t nat | |
| Chain PREROUTING (policy ACCEPT 59 packets, 3932 bytes) | |
| pkts bytes target prot opt in out source destination | |
| 96468 7113K KUBE-SERVICES all -- * * 0.0.0.0/0 0.0.0.0/0 /* kubernetes service portals */ | |
| 19155 1285K KUBE-PORTALS-CONTAINER all -- * * 0.0.0.0/0 0.0.0.0/0 /* handle ClusterIPs; NOTE: this must be before the NodePort rules */ | |
| 917 58684 DOCKER all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL | |
| 884 56572 KUBE-NODEPORT-CONTAINER all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL /* handle service NodePorts; NOTE: this must be the last rule in the chain */ | |
| Chain INPUT (policy ACCEPT 1 packets, 72 bytes) | |
| pkts bytes target prot opt in out source destination | |
| Chain OUTPUT (policy ACCEPT 192 packets, 12106 bytes) | |
| pkts bytes target prot opt in out source destination | |
| 21147 1272K KUBE-SERVICES all -- * * 0.0.0.0/0 0.0.0.0/0 /* kubernetes service portals */ | |
| 16871 1015K KUBE-PORTALS-HOST all -- * * 0.0.0.0/0 0.0.0.0/0 /* handle ClusterIPs; NOTE: this must be before the NodePort rules */ | |
| 5112 307K DOCKER all -- * * 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL | |
| 8459 508K KUBE-NODEPORT-HOST all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL /* handle service NodePorts; NOTE: this must be the last rule in the chain */ | |
| Chain POSTROUTING (policy ACCEPT 421 packets, 29743 bytes) | |
| pkts bytes target prot opt in out source destination | |
| 117K 8306K KUBE-POSTROUTING all -- * * 0.0.0.0/0 0.0.0.0/0 /* kubernetes postrouting rules */ | |
| 18010 1199K MASQUERADE all -- * !docker0 172.17.0.0/16 0.0.0.0/0 | |
| Chain DOCKER (2 references) | |
| pkts bytes target prot opt in out source destination | |
| 6 360 RETURN all -- docker0 * 0.0.0.0/0 0.0.0.0/0 | |
| Chain KUBE-FW-3XHAPDZ2SSE6DUFQ (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:http2-prometheus loadbalancer IP */ | |
| 0 0 KUBE-SVC-3XHAPDZ2SSE6DUFQ all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:http2-prometheus loadbalancer IP */ | |
| 0 0 KUBE-MARK-DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:http2-prometheus loadbalancer IP */ | |
| Chain KUBE-FW-4BQASKKZBUHVUKPW (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp-citadel-grpc-tls loadbalancer IP */ | |
| 0 0 KUBE-SVC-4BQASKKZBUHVUKPW all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp-citadel-grpc-tls loadbalancer IP */ | |
| 0 0 KUBE-MARK-DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp-citadel-grpc-tls loadbalancer IP */ | |
| Chain KUBE-FW-5QNLRKBR3M2YDX7H (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:https loadbalancer IP */ | |
| 0 0 KUBE-SVC-5QNLRKBR3M2YDX7H all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:https loadbalancer IP */ | |
| 0 0 KUBE-MARK-DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:https loadbalancer IP */ | |
| Chain KUBE-FW-62L5C2KEOX6ICGVJ (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp loadbalancer IP */ | |
| 0 0 KUBE-SVC-62L5C2KEOX6ICGVJ all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp loadbalancer IP */ | |
| 0 0 KUBE-MARK-DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp loadbalancer IP */ | |
| Chain KUBE-FW-6EJUSLW6MCXQ7WBR (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp-citadel-grpc-tls loadbalancer IP */ | |
| 0 0 KUBE-SVC-6EJUSLW6MCXQ7WBR all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp-citadel-grpc-tls loadbalancer IP */ | |
| 0 0 KUBE-MARK-DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp-citadel-grpc-tls loadbalancer IP */ | |
| Chain KUBE-FW-7N6LHPYFOVFT454K (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:https loadbalancer IP */ | |
| 0 0 KUBE-SVC-7N6LHPYFOVFT454K all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:https loadbalancer IP */ | |
| 0 0 KUBE-MARK-DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:https loadbalancer IP */ | |
| Chain KUBE-FW-F4WP6CIDODMYIYVX (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp-pilot-grpc-tls loadbalancer IP */ | |
| 0 0 KUBE-SVC-F4WP6CIDODMYIYVX all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp-pilot-grpc-tls loadbalancer IP */ | |
| 0 0 KUBE-MARK-DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp-pilot-grpc-tls loadbalancer IP */ | |
| Chain KUBE-FW-FNIRFTR6AM2WTDP7 (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:http2-grafana loadbalancer IP */ | |
| 0 0 KUBE-SVC-FNIRFTR6AM2WTDP7 all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:http2-grafana loadbalancer IP */ | |
| 0 0 KUBE-MARK-DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:http2-grafana loadbalancer IP */ | |
| Chain KUBE-FW-FWUZ7WRQUHHJNJ54 (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp-dns-tls loadbalancer IP */ | |
| 0 0 KUBE-SVC-FWUZ7WRQUHHJNJ54 all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp-dns-tls loadbalancer IP */ | |
| 0 0 KUBE-MARK-DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp-dns-tls loadbalancer IP */ | |
| Chain KUBE-FW-G6D3V5KS3PXPUEDS (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:http2 loadbalancer IP */ | |
| 0 0 KUBE-SVC-G6D3V5KS3PXPUEDS all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:http2 loadbalancer IP */ | |
| 0 0 KUBE-MARK-DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:http2 loadbalancer IP */ | |
| Chain KUBE-FW-GSBZVFVWGYEG3WJK (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:http2-grafana loadbalancer IP */ | |
| 0 0 KUBE-SVC-GSBZVFVWGYEG3WJK all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:http2-grafana loadbalancer IP */ | |
| 0 0 KUBE-MARK-DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:http2-grafana loadbalancer IP */ | |
| Chain KUBE-FW-IYNORUWRU3IJA6RK (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:http2-prometheus loadbalancer IP */ | |
| 0 0 KUBE-SVC-IYNORUWRU3IJA6RK all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:http2-prometheus loadbalancer IP */ | |
| 0 0 KUBE-MARK-DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:http2-prometheus loadbalancer IP */ | |
| Chain KUBE-FW-OGQMGMU3LSHYSNCB (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp loadbalancer IP */ | |
| 0 0 KUBE-SVC-OGQMGMU3LSHYSNCB all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp loadbalancer IP */ | |
| 0 0 KUBE-MARK-DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp loadbalancer IP */ | |
| Chain KUBE-FW-PC3MFM6XGWMWTUG6 (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp-pilot-grpc-tls loadbalancer IP */ | |
| 0 0 KUBE-SVC-PC3MFM6XGWMWTUG6 all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp-pilot-grpc-tls loadbalancer IP */ | |
| 0 0 KUBE-MARK-DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp-pilot-grpc-tls loadbalancer IP */ | |
| Chain KUBE-FW-X3ULCYYQWWNNGZZF (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp-dns-tls loadbalancer IP */ | |
| 0 0 KUBE-SVC-X3ULCYYQWWNNGZZF all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp-dns-tls loadbalancer IP */ | |
| 0 0 KUBE-MARK-DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp-dns-tls loadbalancer IP */ | |
| Chain KUBE-FW-Z6P5Y4LX7OQZKXON (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:http2 loadbalancer IP */ | |
| 0 0 KUBE-SVC-Z6P5Y4LX7OQZKXON all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:http2 loadbalancer IP */ | |
| 0 0 KUBE-MARK-DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:http2 loadbalancer IP */ | |
| Chain KUBE-MARK-DROP (16 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 MARK all -- * * 0.0.0.0/0 0.0.0.0/0 MARK or 0x8000 | |
| Chain KUBE-MARK-MASQ (109 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 MARK all -- * * 0.0.0.0/0 0.0.0.0/0 MARK or 0x1 | |
| Chain KUBE-NODEPORT-CONTAINER (1 references) | |
| pkts bytes target prot opt in out source destination | |
| Chain KUBE-NODEPORT-HOST (1 references) | |
| pkts bytes target prot opt in out source destination | |
| Chain KUBE-NODEPORTS (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp-dns-tls */ tcp dpt:31992 | |
| 0 0 KUBE-SVC-FWUZ7WRQUHHJNJ54 tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp-dns-tls */ tcp dpt:31992 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp */ tcp dpt:32400 | |
| 0 0 KUBE-SVC-OGQMGMU3LSHYSNCB tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp */ tcp dpt:32400 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp-pilot-grpc-tls */ tcp dpt:31021 | |
| 0 0 KUBE-SVC-F4WP6CIDODMYIYVX tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp-pilot-grpc-tls */ tcp dpt:31021 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:http2-grafana */ tcp dpt:32535 | |
| 0 0 KUBE-SVC-GSBZVFVWGYEG3WJK tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:http2-grafana */ tcp dpt:32535 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:http2 */ tcp dpt:32380 | |
| 0 0 KUBE-SVC-Z6P5Y4LX7OQZKXON tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:http2 */ tcp dpt:32380 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:http2-prometheus */ tcp dpt:32164 | |
| 0 0 KUBE-SVC-3XHAPDZ2SSE6DUFQ tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:http2-prometheus */ tcp dpt:32164 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp-pilot-grpc-tls */ tcp dpt:31011 | |
| 0 0 KUBE-SVC-PC3MFM6XGWMWTUG6 tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp-pilot-grpc-tls */ tcp dpt:31011 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-serving/kbuffer-service:http */ tcp dpt:31399 | |
| 0 0 KUBE-SVC-GXKK6XCKEA3OZPUD tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-serving/kbuffer-service:http */ tcp dpt:31399 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:http2-grafana */ tcp dpt:31410 | |
| 0 0 KUBE-SVC-FNIRFTR6AM2WTDP7 tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:http2-grafana */ tcp dpt:31410 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp */ tcp dpt:31400 | |
| 0 0 KUBE-SVC-62L5C2KEOX6ICGVJ tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp */ tcp dpt:31400 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:https */ tcp dpt:32390 | |
| 0 0 KUBE-SVC-5QNLRKBR3M2YDX7H tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:https */ tcp dpt:32390 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:https */ tcp dpt:31390 | |
| 0 0 KUBE-SVC-7N6LHPYFOVFT454K tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:https */ tcp dpt:31390 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:http2 */ tcp dpt:31380 | |
| 0 0 KUBE-SVC-G6D3V5KS3PXPUEDS tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:http2 */ tcp dpt:31380 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp-dns-tls */ tcp dpt:30335 | |
| 0 0 KUBE-SVC-X3ULCYYQWWNNGZZF tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp-dns-tls */ tcp dpt:30335 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:http2-prometheus */ tcp dpt:30838 | |
| 0 0 KUBE-SVC-IYNORUWRU3IJA6RK tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:http2-prometheus */ tcp dpt:30838 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-serving/kbuffer-service:metrics */ tcp dpt:31133 | |
| 0 0 KUBE-SVC-T6ISBDURAFJGMIDC tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-serving/kbuffer-service:metrics */ tcp dpt:31133 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp-citadel-grpc-tls */ tcp dpt:31589 | |
| 0 0 KUBE-SVC-4BQASKKZBUHVUKPW tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp-citadel-grpc-tls */ tcp dpt:31589 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp-citadel-grpc-tls */ tcp dpt:31295 | |
| 0 0 KUBE-SVC-6EJUSLW6MCXQ7WBR tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp-citadel-grpc-tls */ tcp dpt:31295 | |
| Chain KUBE-PORTALS-CONTAINER (1 references) | |
| pkts bytes target prot opt in out source destination | |
| Chain KUBE-PORTALS-HOST (1 references) | |
| pkts bytes target prot opt in out source destination | |
| Chain KUBE-POSTROUTING (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 MASQUERADE all -- * * 0.0.0.0/0 0.0.0.0/0 /* kubernetes service traffic requiring SNAT */ mark match 0x1/0x1 | |
| Chain KUBE-SEP-23TUEVBIRGCMFV63 (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.26 0.0.0.0/0 /* knative-serving/kbuffer-service:http */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-serving/kbuffer-service:http */ tcp to:172.17.0.26:8080 | |
| Chain KUBE-SEP-2AQZFRUZHUFLSLEJ (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.11 0.0.0.0/0 /* istio-system/istio-telemetry:prometheus */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-telemetry:prometheus */ tcp to:172.17.0.11:42422 | |
| Chain KUBE-SEP-34X5AWYLINHYRWQW (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.23 0.0.0.0/0 /* knative-serving/autoscaler:metrics */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-serving/autoscaler:metrics */ tcp to:172.17.0.23:9090 | |
| Chain KUBE-SEP-3FZ3MBCRGQYV73SA (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.14 0.0.0.0/0 /* istio-system/istio-citadel:grpc-citadel */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-citadel:grpc-citadel */ tcp to:172.17.0.14:8060 | |
| Chain KUBE-SEP-3SHHSUDEMMOLVVPQ (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.2 0.0.0.0/0 /* kube-dns/kube-dns:dns-tcp */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* kube-dns/kube-dns:dns-tcp */ tcp to:172.17.0.2:53 | |
| Chain KUBE-SEP-446ULEPXLPNFJKYZ (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.15 0.0.0.0/0 /* istio-system/istio-ingressgateway:http2-prometheus */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:http2-prometheus */ tcp to:172.17.0.15:15030 | |
| Chain KUBE-SEP-4FF5DFWZNAIOQIW5 (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 192.168.64.5 0.0.0.0/0 /* default/kubernetes:https */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* default/kubernetes:https */ tcp to:192.168.64.5:8443 | |
| Chain KUBE-SEP-4RGVWUTW5R2MNVPQ (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 192.168.64.5 0.0.0.0/0 /* default/router:80-tcp */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* default/router:80-tcp */ tcp to:192.168.64.5:80 | |
| Chain KUBE-SEP-4WQKWYMND6MJ264F (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 192.168.64.5 0.0.0.0/0 /* default/router:443-tcp */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* default/router:443-tcp */ tcp to:192.168.64.5:443 | |
| Chain KUBE-SEP-5442HHIQ3IWSJIMP (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.20 0.0.0.0/0 /* istio-system/knative-ingressgateway:http2-grafana */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:http2-grafana */ tcp to:172.17.0.20:15031 | |
| Chain KUBE-SEP-55J5DYXIQMAVXC3E (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.23 0.0.0.0/0 /* knative-serving/autoscaler:websocket */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-serving/autoscaler:websocket */ tcp to:172.17.0.23:8080 | |
| Chain KUBE-SEP-6N7TJ3M4X7JZDX7B (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.15 0.0.0.0/0 /* istio-system/istio-ingressgateway:http2-grafana */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:http2-grafana */ tcp to:172.17.0.15:15031 | |
| Chain KUBE-SEP-7CB3DBZ3OHKNHSQ7 (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.6 0.0.0.0/0 /* istio-system/istio-egressgateway:http2 */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-egressgateway:http2 */ tcp to:172.17.0.6:80 | |
| Chain KUBE-SEP-7SBCV7LB2SAO7KLX (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.11 0.0.0.0/0 /* istio-system/istio-telemetry:http-monitoring */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-telemetry:http-monitoring */ tcp to:172.17.0.11:9093 | |
| Chain KUBE-SEP-AACMB4KOAMY4LZGX (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 192.168.64.5 0.0.0.0/0 /* openshift-apiserver/api:https */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* openshift-apiserver/api:https */ tcp to:192.168.64.5:8445 | |
| Chain KUBE-SEP-AVKIUNUTMWUROWL4 (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.15 0.0.0.0/0 /* istio-system/istio-ingressgateway:http2 */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:http2 */ tcp to:172.17.0.15:80 | |
| Chain KUBE-SEP-B2GZWLHRU7M2M5GQ (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.21 0.0.0.0/0 /* knative-serving/kbuffer-service:http */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-serving/kbuffer-service:http */ tcp to:172.17.0.21:8080 | |
| Chain KUBE-SEP-DD4SUP2YB3MAYAJT (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.20 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp-dns-tls */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp-dns-tls */ tcp to:172.17.0.20:853 | |
| Chain KUBE-SEP-DSV4EZQZTY2T5M7A (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.4 0.0.0.0/0 /* openshift-service-cert-signer/service-serving-cert-signer:https */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* openshift-service-cert-signer/service-serving-cert-signer:https */ tcp to:172.17.0.4:8443 | |
| Chain KUBE-SEP-EEY7M7UUPFQUNLVJ (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.2 0.0.0.0/0 /* kube-dns/kube-dns:dns-udp */ | |
| 229 17637 DNAT udp -- * * 0.0.0.0/0 0.0.0.0/0 /* kube-dns/kube-dns:dns-udp */ udp to:172.17.0.2:53 | |
| Chain KUBE-SEP-EW63DDJLE4XG7R57 (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.11 0.0.0.0/0 /* istio-system/istio-telemetry:grpc-mixer-mtls */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-telemetry:grpc-mixer-mtls */ tcp to:172.17.0.11:15004 | |
| Chain KUBE-SEP-F72PL6NH2TPQ6YX3 (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.20 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp-citadel-grpc-tls */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp-citadel-grpc-tls */ tcp to:172.17.0.20:8060 | |
| Chain KUBE-SEP-F7MJR5CV2QSESVRF (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.12 0.0.0.0/0 /* istio-system/istio-policy:grpc-mixer */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-policy:grpc-mixer */ tcp to:172.17.0.12:9091 | |
| Chain KUBE-SEP-FMQBMUOOIXPPUQ32 (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.16 0.0.0.0/0 /* istio-system/istio-pilot:http-monitoring */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-pilot:http-monitoring */ tcp to:172.17.0.16:9093 | |
| Chain KUBE-SEP-GKNBXQTJMZIPHROE (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.20 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp-pilot-grpc-tls */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp-pilot-grpc-tls */ tcp to:172.17.0.20:15011 | |
| Chain KUBE-SEP-GVOS5N5E6JYZYENA (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.13 0.0.0.0/0 /* istio-system/istio-statsd-prom-bridge:statsd-udp */ | |
| 0 0 DNAT udp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-statsd-prom-bridge:statsd-udp */ udp to:172.17.0.13:9125 | |
| Chain KUBE-SEP-I4N4Q2S37GFNDVIZ (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.9 0.0.0.0/0 /* istio-system/istio-galley:http-monitoring */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-galley:http-monitoring */ tcp to:172.17.0.9:9093 | |
| Chain KUBE-SEP-IAA5TG5T7WINRD3K (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.17 0.0.0.0/0 /* istio-system/istio-sidecar-injector: */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-sidecar-injector: */ tcp to:172.17.0.17:443 | |
| Chain KUBE-SEP-IFGFPBF2I2AZTJAF (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.12 0.0.0.0/0 /* istio-system/istio-policy:http-monitoring */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-policy:http-monitoring */ tcp to:172.17.0.12:9093 | |
| Chain KUBE-SEP-JCW5U3GSICSNX7V5 (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.22 0.0.0.0/0 /* knative-serving/webhook: */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-serving/webhook: */ tcp to:172.17.0.22:443 | |
| Chain KUBE-SEP-JJQLWGXBQ7W7FOY3 (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.25 0.0.0.0/0 /* knative-serving/kbuffer-service:metrics */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-serving/kbuffer-service:metrics */ tcp to:172.17.0.25:9090 | |
| Chain KUBE-SEP-K6HPOTAJLETA3DZK (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.16 0.0.0.0/0 /* istio-system/istio-pilot:https-xds */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-pilot:https-xds */ tcp to:172.17.0.16:15011 | |
| Chain KUBE-SEP-KBYMJBITBYFIBVIM (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.15 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp */ tcp to:172.17.0.15:31400 | |
| Chain KUBE-SEP-KLQTWRJM46XA6GTY (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.24 0.0.0.0/0 /* knative-serving/controller:metrics */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-serving/controller:metrics */ tcp to:172.17.0.24:9090 | |
| Chain KUBE-SEP-LQW2LSZYXZIIXOOI (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.12 0.0.0.0/0 /* istio-system/istio-policy:grpc-mixer-mtls */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-policy:grpc-mixer-mtls */ tcp to:172.17.0.12:15004 | |
| Chain KUBE-SEP-M2IV427CWKFV5XUH (2 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.10 0.0.0.0/0 /* default/docker-registry:5000-tcp */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* default/docker-registry:5000-tcp */ recent: SET name: KUBE-SEP-M2IV427CWKFV5XUH side: source mask: 255.255.255.255 tcp to:172.17.0.10:5000 | |
| Chain KUBE-SEP-MLCP664A63O4ERTO (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.15 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp-citadel-grpc-tls */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp-citadel-grpc-tls */ tcp to:172.17.0.15:8060 | |
| Chain KUBE-SEP-N53QKFCSADREJMVM (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.21 0.0.0.0/0 /* knative-serving/kbuffer-service:metrics */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-serving/kbuffer-service:metrics */ tcp to:172.17.0.21:9090 | |
| Chain KUBE-SEP-NBZN3PZ43LZ2UYEC (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.14 0.0.0.0/0 /* istio-system/istio-citadel:http-monitoring */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-citadel:http-monitoring */ tcp to:172.17.0.14:9093 | |
| Chain KUBE-SEP-NOLTFSL7YK2IEYVU (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.26 0.0.0.0/0 /* knative-serving/kbuffer-service:metrics */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-serving/kbuffer-service:metrics */ tcp to:172.17.0.26:9090 | |
| Chain KUBE-SEP-O3X4YBY5EJI2BMHM (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.13 0.0.0.0/0 /* istio-system/istio-statsd-prom-bridge:statsd-prom */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-statsd-prom-bridge:statsd-prom */ tcp to:172.17.0.13:9102 | |
| Chain KUBE-SEP-O6BLRF7I3QYKT42E (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.9 0.0.0.0/0 /* istio-system/istio-galley:https-validation */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-galley:https-validation */ tcp to:172.17.0.9:443 | |
| Chain KUBE-SEP-P5ZYBPTCIGWZFM2M (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.15 0.0.0.0/0 /* istio-system/istio-ingressgateway:https */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:https */ tcp to:172.17.0.15:443 | |
| Chain KUBE-SEP-PFOIW7FSQ22UM5OC (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.27 0.0.0.0/0 /* myproject/nodejs-ex:8080-tcp */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* myproject/nodejs-ex:8080-tcp */ tcp to:172.17.0.27:8080 | |
| Chain KUBE-SEP-PJ337S6BZCGKUVHO (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 192.168.64.5 0.0.0.0/0 /* default/router:1936-tcp */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* default/router:1936-tcp */ tcp to:192.168.64.5:1936 | |
| Chain KUBE-SEP-PYCVVP4B5JPDRG3C (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.6 0.0.0.0/0 /* istio-system/istio-egressgateway:https */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-egressgateway:https */ tcp to:172.17.0.6:443 | |
| Chain KUBE-SEP-RQVFCTLCQKACNRCW (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.16 0.0.0.0/0 /* istio-system/istio-pilot:http-legacy-discovery */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-pilot:http-legacy-discovery */ tcp to:172.17.0.16:8080 | |
| Chain KUBE-SEP-RXN462GCP7CEFXIX (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.15 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp-dns-tls */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp-dns-tls */ tcp to:172.17.0.15:853 | |
| Chain KUBE-SEP-SIOSKXGMPXWFWMAX (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.18 0.0.0.0/0 /* knative-build/build-webhook: */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-build/build-webhook: */ tcp to:172.17.0.18:443 | |
| Chain KUBE-SEP-SYYMG3Z3BROW2YUJ (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.25 0.0.0.0/0 /* knative-serving/kbuffer-service:http */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-serving/kbuffer-service:http */ tcp to:172.17.0.25:8080 | |
| Chain KUBE-SEP-TRJ763CNQ4NUZ4ON (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.20 0.0.0.0/0 /* istio-system/knative-ingressgateway:https */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:https */ tcp to:172.17.0.20:443 | |
| Chain KUBE-SEP-TXPUTASKN4SMWXT2 (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.11 0.0.0.0/0 /* istio-system/istio-telemetry:grpc-mixer */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-telemetry:grpc-mixer */ tcp to:172.17.0.11:9091 | |
| Chain KUBE-SEP-W2JGZKLVGNQXTMFA (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.16 0.0.0.0/0 /* istio-system/istio-pilot:grpc-xds */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-pilot:grpc-xds */ tcp to:172.17.0.16:15010 | |
| Chain KUBE-SEP-W5FGLMJTLCGZW4WT (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.15 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp-pilot-grpc-tls */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp-pilot-grpc-tls */ tcp to:172.17.0.15:15011 | |
| Chain KUBE-SEP-WMRXMZ4BJET6L3YH (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.20 0.0.0.0/0 /* istio-system/knative-ingressgateway:http2 */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:http2 */ tcp to:172.17.0.20:80 | |
| Chain KUBE-SEP-X2FOQUKAAXINQU4M (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.20 0.0.0.0/0 /* istio-system/knative-ingressgateway:http2-prometheus */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:http2-prometheus */ tcp to:172.17.0.20:15030 | |
| Chain KUBE-SEP-Z67SDGETP3G55XQC (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.19 0.0.0.0/0 /* knative-build/build-controller:metrics */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-build/build-controller:metrics */ tcp to:172.17.0.19:9090 | |
| Chain KUBE-SEP-ZT2JJGWVSOWYQYMN (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.20 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp */ tcp to:172.17.0.20:31400 | |
| Chain KUBE-SEP-ZWSK56N36DFAS67Q (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-MARK-MASQ all -- * * 172.17.0.8 0.0.0.0/0 /* openshift-web-console/webconsole:https */ | |
| 0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* openshift-web-console/webconsole:https */ tcp to:172.17.0.8:8443 | |
| Chain KUBE-SERVICES (2 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SVC-NPX46M4PTMTKRN6Y tcp -- * * 0.0.0.0/0 172.30.0.1 /* default/kubernetes:https cluster IP */ tcp dpt:443 | |
| 0 0 KUBE-SVC-FWUZ7WRQUHHJNJ54 tcp -- * * 0.0.0.0/0 172.30.34.23 /* istio-system/istio-ingressgateway:tcp-dns-tls cluster IP */ tcp dpt:853 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:tcp-dns-tls external IP */ tcp dpt:853 | |
| 0 0 KUBE-SVC-FWUZ7WRQUHHJNJ54 tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:tcp-dns-tls external IP */ tcp dpt:853 PHYSDEV match ! --physdev-is-in ADDRTYPE match src-type !LOCAL | |
| 0 0 KUBE-SVC-FWUZ7WRQUHHJNJ54 tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:tcp-dns-tls external IP */ tcp dpt:853 ADDRTYPE match dst-type LOCAL | |
| 0 0 KUBE-FW-FWUZ7WRQUHHJNJ54 tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:tcp-dns-tls loadbalancer IP */ tcp dpt:853 | |
| 0 0 KUBE-SVC-KAMYK5TIXMZU3YTO tcp -- * * 0.0.0.0/0 172.30.149.94 /* istio-system/istio-policy:http-monitoring cluster IP */ tcp dpt:9093 | |
| 0 0 KUBE-SVC-POFVSRMRNLJ5KKAQ tcp -- * * 0.0.0.0/0 172.30.60.226 /* istio-system/istio-telemetry:grpc-mixer-mtls cluster IP */ tcp dpt:15004 | |
| 0 0 KUBE-SVC-SWAUWSHBU25OTO33 tcp -- * * 0.0.0.0/0 172.30.60.226 /* istio-system/istio-telemetry:prometheus cluster IP */ tcp dpt:42422 | |
| 0 0 KUBE-SVC-OGQMGMU3LSHYSNCB tcp -- * * 0.0.0.0/0 172.30.84.107 /* istio-system/knative-ingressgateway:tcp cluster IP */ tcp dpt:31400 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:tcp external IP */ tcp dpt:31400 | |
| 0 0 KUBE-SVC-OGQMGMU3LSHYSNCB tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:tcp external IP */ tcp dpt:31400 PHYSDEV match ! --physdev-is-in ADDRTYPE match src-type !LOCAL | |
| 0 0 KUBE-SVC-OGQMGMU3LSHYSNCB tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:tcp external IP */ tcp dpt:31400 ADDRTYPE match dst-type LOCAL | |
| 0 0 KUBE-FW-OGQMGMU3LSHYSNCB tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:tcp loadbalancer IP */ tcp dpt:31400 | |
| 0 0 KUBE-SVC-SSIYHGUZHYLD6GD6 tcp -- * * 0.0.0.0/0 172.30.73.114 /* knative-serving/controller:metrics cluster IP */ tcp dpt:9090 | |
| 229 17637 KUBE-SVC-KVK7EKX76NWKZSPC udp -- * * 0.0.0.0/0 172.30.0.2 /* kube-dns/kube-dns:dns-udp cluster IP */ udp dpt:53 | |
| 0 0 KUBE-SVC-ADCURMKBWTVYQV3X tcp -- * * 0.0.0.0/0 172.30.4.160 /* openshift-web-console/webconsole:https cluster IP */ tcp dpt:443 | |
| 0 0 KUBE-SVC-55XDDSOMT7GLYG6B tcp -- * * 0.0.0.0/0 172.30.19.250 /* istio-system/istio-galley:http-monitoring cluster IP */ tcp dpt:9093 | |
| 0 0 KUBE-SVC-F4WP6CIDODMYIYVX tcp -- * * 0.0.0.0/0 172.30.34.23 /* istio-system/istio-ingressgateway:tcp-pilot-grpc-tls cluster IP */ tcp dpt:15011 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:tcp-pilot-grpc-tls external IP */ tcp dpt:15011 | |
| 0 0 KUBE-SVC-F4WP6CIDODMYIYVX tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:tcp-pilot-grpc-tls external IP */ tcp dpt:15011 PHYSDEV match ! --physdev-is-in ADDRTYPE match src-type !LOCAL | |
| 0 0 KUBE-SVC-F4WP6CIDODMYIYVX tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:tcp-pilot-grpc-tls external IP */ tcp dpt:15011 ADDRTYPE match dst-type LOCAL | |
| 0 0 KUBE-FW-F4WP6CIDODMYIYVX tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:tcp-pilot-grpc-tls loadbalancer IP */ tcp dpt:15011 | |
| 0 0 KUBE-SVC-GSBZVFVWGYEG3WJK tcp -- * * 0.0.0.0/0 172.30.84.107 /* istio-system/knative-ingressgateway:http2-grafana cluster IP */ tcp dpt:15031 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:http2-grafana external IP */ tcp dpt:15031 | |
| 0 0 KUBE-SVC-GSBZVFVWGYEG3WJK tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:http2-grafana external IP */ tcp dpt:15031 PHYSDEV match ! --physdev-is-in ADDRTYPE match src-type !LOCAL | |
| 0 0 KUBE-SVC-GSBZVFVWGYEG3WJK tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:http2-grafana external IP */ tcp dpt:15031 ADDRTYPE match dst-type LOCAL | |
| 0 0 KUBE-FW-GSBZVFVWGYEG3WJK tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:http2-grafana loadbalancer IP */ tcp dpt:15031 | |
| 0 0 KUBE-SVC-NM6OF7LZYCSWPYSN tcp -- * * 0.0.0.0/0 172.30.152.90 /* openshift-apiserver/api:https cluster IP */ tcp dpt:443 | |
| 0 0 KUBE-SVC-MOJGSJ7NVZO75AX4 tcp -- * * 0.0.0.0/0 172.30.143.51 /* istio-system/istio-sidecar-injector: cluster IP */ tcp dpt:443 | |
| 0 0 KUBE-SVC-Z6P5Y4LX7OQZKXON tcp -- * * 0.0.0.0/0 172.30.84.107 /* istio-system/knative-ingressgateway:http2 cluster IP */ tcp dpt:80 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:http2 external IP */ tcp dpt:80 | |
| 0 0 KUBE-SVC-Z6P5Y4LX7OQZKXON tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:http2 external IP */ tcp dpt:80 PHYSDEV match ! --physdev-is-in ADDRTYPE match src-type !LOCAL | |
| 0 0 KUBE-SVC-Z6P5Y4LX7OQZKXON tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:http2 external IP */ tcp dpt:80 ADDRTYPE match dst-type LOCAL | |
| 0 0 KUBE-FW-Z6P5Y4LX7OQZKXON tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:http2 loadbalancer IP */ tcp dpt:80 | |
| 0 0 KUBE-SVC-GQKZAHCS5DTMHUQ6 tcp -- * * 0.0.0.0/0 172.30.219.173 /* default/router:80-tcp cluster IP */ tcp dpt:80 | |
| 0 0 KUBE-SVC-4JCRTMMYZAAYMIJ2 tcp -- * * 0.0.0.0/0 172.30.219.173 /* default/router:1936-tcp cluster IP */ tcp dpt:1936 | |
| 0 0 KUBE-SVC-3XHAPDZ2SSE6DUFQ tcp -- * * 0.0.0.0/0 172.30.34.23 /* istio-system/istio-ingressgateway:http2-prometheus cluster IP */ tcp dpt:15030 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:http2-prometheus external IP */ tcp dpt:15030 | |
| 0 0 KUBE-SVC-3XHAPDZ2SSE6DUFQ tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:http2-prometheus external IP */ tcp dpt:15030 PHYSDEV match ! --physdev-is-in ADDRTYPE match src-type !LOCAL | |
| 0 0 KUBE-SVC-3XHAPDZ2SSE6DUFQ tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:http2-prometheus external IP */ tcp dpt:15030 ADDRTYPE match dst-type LOCAL | |
| 0 0 KUBE-FW-3XHAPDZ2SSE6DUFQ tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:http2-prometheus loadbalancer IP */ tcp dpt:15030 | |
| 0 0 KUBE-SVC-U2XTOAGOXQJP3ONI tcp -- * * 0.0.0.0/0 172.30.149.94 /* istio-system/istio-policy:grpc-mixer cluster IP */ tcp dpt:9091 | |
| 0 0 KUBE-SVC-LTOKVKL3D46WIGR3 tcp -- * * 0.0.0.0/0 172.30.60.226 /* istio-system/istio-telemetry:grpc-mixer cluster IP */ tcp dpt:9091 | |
| 0 0 KUBE-SVC-RUWFI7HBXALYDPMD tcp -- * * 0.0.0.0/0 172.30.76.158 /* knative-build/build-controller:metrics cluster IP */ tcp dpt:9090 | |
| 0 0 KUBE-SVC-PC3MFM6XGWMWTUG6 tcp -- * * 0.0.0.0/0 172.30.84.107 /* istio-system/knative-ingressgateway:tcp-pilot-grpc-tls cluster IP */ tcp dpt:15011 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:tcp-pilot-grpc-tls external IP */ tcp dpt:15011 | |
| 0 0 KUBE-SVC-PC3MFM6XGWMWTUG6 tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:tcp-pilot-grpc-tls external IP */ tcp dpt:15011 PHYSDEV match ! --physdev-is-in ADDRTYPE match src-type !LOCAL | |
| 0 0 KUBE-SVC-PC3MFM6XGWMWTUG6 tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:tcp-pilot-grpc-tls external IP */ tcp dpt:15011 ADDRTYPE match dst-type LOCAL | |
| 0 0 KUBE-FW-PC3MFM6XGWMWTUG6 tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:tcp-pilot-grpc-tls loadbalancer IP */ tcp dpt:15011 | |
| 0 0 KUBE-SVC-GXKK6XCKEA3OZPUD tcp -- * * 0.0.0.0/0 172.30.181.229 /* knative-serving/kbuffer-service:http cluster IP */ tcp dpt:80 | |
| 0 0 KUBE-SVC-IKV43KYNCXS2W7KZ tcp -- * * 0.0.0.0/0 172.30.219.173 /* default/router:443-tcp cluster IP */ tcp dpt:443 | |
| 0 0 KUBE-SVC-FNIRFTR6AM2WTDP7 tcp -- * * 0.0.0.0/0 172.30.34.23 /* istio-system/istio-ingressgateway:http2-grafana cluster IP */ tcp dpt:15031 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:http2-grafana external IP */ tcp dpt:15031 | |
| 0 0 KUBE-SVC-FNIRFTR6AM2WTDP7 tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:http2-grafana external IP */ tcp dpt:15031 PHYSDEV match ! --physdev-is-in ADDRTYPE match src-type !LOCAL | |
| 0 0 KUBE-SVC-FNIRFTR6AM2WTDP7 tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:http2-grafana external IP */ tcp dpt:15031 ADDRTYPE match dst-type LOCAL | |
| 0 0 KUBE-FW-FNIRFTR6AM2WTDP7 tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:http2-grafana loadbalancer IP */ tcp dpt:15031 | |
| 0 0 KUBE-SVC-YGLWZMENMIM6GX3O tcp -- * * 0.0.0.0/0 172.30.119.185 /* istio-system/istio-pilot:http-legacy-discovery cluster IP */ tcp dpt:8080 | |
| 0 0 KUBE-SVC-62L5C2KEOX6ICGVJ tcp -- * * 0.0.0.0/0 172.30.34.23 /* istio-system/istio-ingressgateway:tcp cluster IP */ tcp dpt:31400 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:tcp external IP */ tcp dpt:31400 | |
| 0 0 KUBE-SVC-62L5C2KEOX6ICGVJ tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:tcp external IP */ tcp dpt:31400 PHYSDEV match ! --physdev-is-in ADDRTYPE match src-type !LOCAL | |
| 0 0 KUBE-SVC-62L5C2KEOX6ICGVJ tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:tcp external IP */ tcp dpt:31400 ADDRTYPE match dst-type LOCAL | |
| 0 0 KUBE-FW-62L5C2KEOX6ICGVJ tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:tcp loadbalancer IP */ tcp dpt:31400 | |
| 0 0 KUBE-SVC-5QNLRKBR3M2YDX7H tcp -- * * 0.0.0.0/0 172.30.84.107 /* istio-system/knative-ingressgateway:https cluster IP */ tcp dpt:443 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:https external IP */ tcp dpt:443 | |
| 0 0 KUBE-SVC-5QNLRKBR3M2YDX7H tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:https external IP */ tcp dpt:443 PHYSDEV match ! --physdev-is-in ADDRTYPE match src-type !LOCAL | |
| 0 0 KUBE-SVC-5QNLRKBR3M2YDX7H tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:https external IP */ tcp dpt:443 ADDRTYPE match dst-type LOCAL | |
| 0 0 KUBE-FW-5QNLRKBR3M2YDX7H tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:https loadbalancer IP */ tcp dpt:443 | |
| 0 0 KUBE-SVC-F2IARDLERJIFF7VR tcp -- * * 0.0.0.0/0 172.30.163.184 /* istio-system/istio-egressgateway:https cluster IP */ tcp dpt:443 | |
| 0 0 KUBE-SVC-DVMPY5RYN62D73EJ tcp -- * * 0.0.0.0/0 172.30.119.185 /* istio-system/istio-pilot:https-xds cluster IP */ tcp dpt:15011 | |
| 0 0 KUBE-SVC-LZWSK5L6AOM76SDF tcp -- * * 0.0.0.0/0 172.30.69.66 /* knative-serving/autoscaler:metrics cluster IP */ tcp dpt:9090 | |
| 0 0 KUBE-SVC-WM573AX6QFQQDODJ tcp -- * * 0.0.0.0/0 172.30.227.133 /* openshift-service-cert-signer/service-serving-cert-signer:https cluster IP */ tcp dpt:443 | |
| 0 0 KUBE-SVC-YX5U4MSGCU6XQGQJ tcp -- * * 0.0.0.0/0 172.30.207.157 /* knative-serving/webhook: cluster IP */ tcp dpt:443 | |
| 0 0 KUBE-SVC-7N6LHPYFOVFT454K tcp -- * * 0.0.0.0/0 172.30.34.23 /* istio-system/istio-ingressgateway:https cluster IP */ tcp dpt:443 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:https external IP */ tcp dpt:443 | |
| 0 0 KUBE-SVC-7N6LHPYFOVFT454K tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:https external IP */ tcp dpt:443 PHYSDEV match ! --physdev-is-in ADDRTYPE match src-type !LOCAL | |
| 0 0 KUBE-SVC-7N6LHPYFOVFT454K tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:https external IP */ tcp dpt:443 ADDRTYPE match dst-type LOCAL | |
| 0 0 KUBE-FW-7N6LHPYFOVFT454K tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:https loadbalancer IP */ tcp dpt:443 | |
| 0 0 KUBE-SVC-URHNY53EOWC2EMYB udp -- * * 0.0.0.0/0 172.30.172.2 /* istio-system/istio-statsd-prom-bridge:statsd-udp cluster IP */ udp dpt:9125 | |
| 0 0 KUBE-SVC-4ZW5ZPTSOVKRFMZU tcp -- * * 0.0.0.0/0 172.30.208.66 /* myproject/nodejs-ex:8080-tcp cluster IP */ tcp dpt:8080 | |
| 0 0 KUBE-SVC-QJJG3M25RNOTAGWM tcp -- * * 0.0.0.0/0 172.30.0.2 /* kube-dns/kube-dns:dns-tcp cluster IP */ tcp dpt:53 | |
| 0 0 KUBE-SVC-G6D3V5KS3PXPUEDS tcp -- * * 0.0.0.0/0 172.30.34.23 /* istio-system/istio-ingressgateway:http2 cluster IP */ tcp dpt:80 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:http2 external IP */ tcp dpt:80 | |
| 0 0 KUBE-SVC-G6D3V5KS3PXPUEDS tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:http2 external IP */ tcp dpt:80 PHYSDEV match ! --physdev-is-in ADDRTYPE match src-type !LOCAL | |
| 0 0 KUBE-SVC-G6D3V5KS3PXPUEDS tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:http2 external IP */ tcp dpt:80 ADDRTYPE match dst-type LOCAL | |
| 0 0 KUBE-FW-G6D3V5KS3PXPUEDS tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:http2 loadbalancer IP */ tcp dpt:80 | |
| 0 0 KUBE-SVC-TUZA6CVEP5VUF2XG tcp -- * * 0.0.0.0/0 172.30.149.94 /* istio-system/istio-policy:grpc-mixer-mtls cluster IP */ tcp dpt:15004 | |
| 0 0 KUBE-SVC-6W6JV2RNZSFPWRVZ tcp -- * * 0.0.0.0/0 172.30.150.88 /* istio-system/istio-citadel:grpc-citadel cluster IP */ tcp dpt:8060 | |
| 0 0 KUBE-SVC-22SFEYCEMTJRPU4Y tcp -- * * 0.0.0.0/0 172.30.119.185 /* istio-system/istio-pilot:http-monitoring cluster IP */ tcp dpt:9093 | |
| 0 0 KUBE-SVC-X3ULCYYQWWNNGZZF tcp -- * * 0.0.0.0/0 172.30.84.107 /* istio-system/knative-ingressgateway:tcp-dns-tls cluster IP */ tcp dpt:853 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:tcp-dns-tls external IP */ tcp dpt:853 | |
| 0 0 KUBE-SVC-X3ULCYYQWWNNGZZF tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:tcp-dns-tls external IP */ tcp dpt:853 PHYSDEV match ! --physdev-is-in ADDRTYPE match src-type !LOCAL | |
| 0 0 KUBE-SVC-X3ULCYYQWWNNGZZF tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:tcp-dns-tls external IP */ tcp dpt:853 ADDRTYPE match dst-type LOCAL | |
| 0 0 KUBE-FW-X3ULCYYQWWNNGZZF tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:tcp-dns-tls loadbalancer IP */ tcp dpt:853 | |
| 0 0 KUBE-SVC-IYNORUWRU3IJA6RK tcp -- * * 0.0.0.0/0 172.30.84.107 /* istio-system/knative-ingressgateway:http2-prometheus cluster IP */ tcp dpt:15030 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:http2-prometheus external IP */ tcp dpt:15030 | |
| 0 0 KUBE-SVC-IYNORUWRU3IJA6RK tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:http2-prometheus external IP */ tcp dpt:15030 PHYSDEV match ! --physdev-is-in ADDRTYPE match src-type !LOCAL | |
| 0 0 KUBE-SVC-IYNORUWRU3IJA6RK tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:http2-prometheus external IP */ tcp dpt:15030 ADDRTYPE match dst-type LOCAL | |
| 0 0 KUBE-FW-IYNORUWRU3IJA6RK tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:http2-prometheus loadbalancer IP */ tcp dpt:15030 | |
| 0 0 KUBE-SVC-T6ISBDURAFJGMIDC tcp -- * * 0.0.0.0/0 172.30.181.229 /* knative-serving/kbuffer-service:metrics cluster IP */ tcp dpt:9090 | |
| 0 0 KUBE-SVC-4BQASKKZBUHVUKPW tcp -- * * 0.0.0.0/0 172.30.34.23 /* istio-system/istio-ingressgateway:tcp-citadel-grpc-tls cluster IP */ tcp dpt:8060 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:tcp-citadel-grpc-tls external IP */ tcp dpt:8060 | |
| 0 0 KUBE-SVC-4BQASKKZBUHVUKPW tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:tcp-citadel-grpc-tls external IP */ tcp dpt:8060 PHYSDEV match ! --physdev-is-in ADDRTYPE match src-type !LOCAL | |
| 0 0 KUBE-SVC-4BQASKKZBUHVUKPW tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:tcp-citadel-grpc-tls external IP */ tcp dpt:8060 ADDRTYPE match dst-type LOCAL | |
| 0 0 KUBE-FW-4BQASKKZBUHVUKPW tcp -- * * 0.0.0.0/0 172.29.129.90 /* istio-system/istio-ingressgateway:tcp-citadel-grpc-tls loadbalancer IP */ tcp dpt:8060 | |
| 0 0 KUBE-SVC-ECTPRXTXBM34L34Q tcp -- * * 0.0.0.0/0 172.30.1.1 /* default/docker-registry:5000-tcp cluster IP */ tcp dpt:5000 | |
| 0 0 KUBE-SVC-OUON3FTD7HM7NL6D tcp -- * * 0.0.0.0/0 172.30.19.250 /* istio-system/istio-galley:https-validation cluster IP */ tcp dpt:443 | |
| 0 0 KUBE-SVC-IBZWWK3KTI7UHZ5A tcp -- * * 0.0.0.0/0 172.30.163.184 /* istio-system/istio-egressgateway:http2 cluster IP */ tcp dpt:80 | |
| 0 0 KUBE-SVC-RE6JWH3DBIURQRB2 tcp -- * * 0.0.0.0/0 172.30.119.185 /* istio-system/istio-pilot:grpc-xds cluster IP */ tcp dpt:15010 | |
| 0 0 KUBE-SVC-6EJUSLW6MCXQ7WBR tcp -- * * 0.0.0.0/0 172.30.84.107 /* istio-system/knative-ingressgateway:tcp-citadel-grpc-tls cluster IP */ tcp dpt:8060 | |
| 0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:tcp-citadel-grpc-tls external IP */ tcp dpt:8060 | |
| 0 0 KUBE-SVC-6EJUSLW6MCXQ7WBR tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:tcp-citadel-grpc-tls external IP */ tcp dpt:8060 PHYSDEV match ! --physdev-is-in ADDRTYPE match src-type !LOCAL | |
| 0 0 KUBE-SVC-6EJUSLW6MCXQ7WBR tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:tcp-citadel-grpc-tls external IP */ tcp dpt:8060 ADDRTYPE match dst-type LOCAL | |
| 0 0 KUBE-FW-6EJUSLW6MCXQ7WBR tcp -- * * 0.0.0.0/0 172.29.118.190 /* istio-system/knative-ingressgateway:tcp-citadel-grpc-tls loadbalancer IP */ tcp dpt:8060 | |
| 0 0 KUBE-SVC-AQRMG6IRWZEMWSU7 tcp -- * * 0.0.0.0/0 172.30.69.66 /* knative-serving/autoscaler:websocket cluster IP */ tcp dpt:8080 | |
| 0 0 KUBE-SVC-7NKQV7KRSMGKZMKF tcp -- * * 0.0.0.0/0 172.30.60.226 /* istio-system/istio-telemetry:http-monitoring cluster IP */ tcp dpt:9093 | |
| 0 0 KUBE-SVC-RPUGQCDLMV3GNS5S tcp -- * * 0.0.0.0/0 172.30.172.2 /* istio-system/istio-statsd-prom-bridge:statsd-prom cluster IP */ tcp dpt:9102 | |
| 0 0 KUBE-SVC-MOGYKZGMI2GFGYKR tcp -- * * 0.0.0.0/0 172.30.150.88 /* istio-system/istio-citadel:http-monitoring cluster IP */ tcp dpt:9093 | |
| 0 0 KUBE-SVC-NAJMRQ3UUZJJQAPL tcp -- * * 0.0.0.0/0 172.30.57.238 /* knative-build/build-webhook: cluster IP */ tcp dpt:443 | |
| 20 1200 KUBE-NODEPORTS all -- * * 0.0.0.0/0 0.0.0.0/0 /* kubernetes service nodeports; NOTE: this must be the last rule in this chain */ ADDRTYPE match dst-type LOCAL | |
| Chain KUBE-SVC-22SFEYCEMTJRPU4Y (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-FMQBMUOOIXPPUQ32 all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-pilot:http-monitoring */ | |
| Chain KUBE-SVC-3XHAPDZ2SSE6DUFQ (5 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-446ULEPXLPNFJKYZ all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:http2-prometheus */ | |
| Chain KUBE-SVC-4BQASKKZBUHVUKPW (5 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-MLCP664A63O4ERTO all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp-citadel-grpc-tls */ | |
| Chain KUBE-SVC-4JCRTMMYZAAYMIJ2 (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-PJ337S6BZCGKUVHO all -- * * 0.0.0.0/0 0.0.0.0/0 /* default/router:1936-tcp */ | |
| Chain KUBE-SVC-4ZW5ZPTSOVKRFMZU (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-PFOIW7FSQ22UM5OC all -- * * 0.0.0.0/0 0.0.0.0/0 /* myproject/nodejs-ex:8080-tcp */ | |
| Chain KUBE-SVC-55XDDSOMT7GLYG6B (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-I4N4Q2S37GFNDVIZ all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-galley:http-monitoring */ | |
| Chain KUBE-SVC-5QNLRKBR3M2YDX7H (5 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-TRJ763CNQ4NUZ4ON all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:https */ | |
| Chain KUBE-SVC-62L5C2KEOX6ICGVJ (5 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-KBYMJBITBYFIBVIM all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp */ | |
| Chain KUBE-SVC-6EJUSLW6MCXQ7WBR (5 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-F72PL6NH2TPQ6YX3 all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp-citadel-grpc-tls */ | |
| Chain KUBE-SVC-6W6JV2RNZSFPWRVZ (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-3FZ3MBCRGQYV73SA all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-citadel:grpc-citadel */ | |
| Chain KUBE-SVC-7N6LHPYFOVFT454K (5 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-P5ZYBPTCIGWZFM2M all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:https */ | |
| Chain KUBE-SVC-7NKQV7KRSMGKZMKF (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-7SBCV7LB2SAO7KLX all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-telemetry:http-monitoring */ | |
| Chain KUBE-SVC-ADCURMKBWTVYQV3X (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-ZWSK56N36DFAS67Q all -- * * 0.0.0.0/0 0.0.0.0/0 /* openshift-web-console/webconsole:https */ | |
| Chain KUBE-SVC-AQRMG6IRWZEMWSU7 (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-55J5DYXIQMAVXC3E all -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-serving/autoscaler:websocket */ | |
| Chain KUBE-SVC-DVMPY5RYN62D73EJ (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-K6HPOTAJLETA3DZK all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-pilot:https-xds */ | |
| Chain KUBE-SVC-ECTPRXTXBM34L34Q (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-M2IV427CWKFV5XUH all -- * * 0.0.0.0/0 0.0.0.0/0 /* default/docker-registry:5000-tcp */ recent: CHECK seconds: 10800 reap name: KUBE-SEP-M2IV427CWKFV5XUH side: source mask: 255.255.255.255 | |
| 0 0 KUBE-SEP-M2IV427CWKFV5XUH all -- * * 0.0.0.0/0 0.0.0.0/0 /* default/docker-registry:5000-tcp */ | |
| Chain KUBE-SVC-F2IARDLERJIFF7VR (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-PYCVVP4B5JPDRG3C all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-egressgateway:https */ | |
| Chain KUBE-SVC-F4WP6CIDODMYIYVX (5 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-W5FGLMJTLCGZW4WT all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp-pilot-grpc-tls */ | |
| Chain KUBE-SVC-FNIRFTR6AM2WTDP7 (5 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-6N7TJ3M4X7JZDX7B all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:http2-grafana */ | |
| Chain KUBE-SVC-FWUZ7WRQUHHJNJ54 (5 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-RXN462GCP7CEFXIX all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:tcp-dns-tls */ | |
| Chain KUBE-SVC-G6D3V5KS3PXPUEDS (5 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-AVKIUNUTMWUROWL4 all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-ingressgateway:http2 */ | |
| Chain KUBE-SVC-GQKZAHCS5DTMHUQ6 (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-4RGVWUTW5R2MNVPQ all -- * * 0.0.0.0/0 0.0.0.0/0 /* default/router:80-tcp */ | |
| Chain KUBE-SVC-GSBZVFVWGYEG3WJK (5 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-5442HHIQ3IWSJIMP all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:http2-grafana */ | |
| Chain KUBE-SVC-GXKK6XCKEA3OZPUD (2 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-B2GZWLHRU7M2M5GQ all -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-serving/kbuffer-service:http */ statistic mode random probability 0.33332999982 | |
| 0 0 KUBE-SEP-SYYMG3Z3BROW2YUJ all -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-serving/kbuffer-service:http */ statistic mode random probability 0.50000000000 | |
| 0 0 KUBE-SEP-23TUEVBIRGCMFV63 all -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-serving/kbuffer-service:http */ | |
| Chain KUBE-SVC-IBZWWK3KTI7UHZ5A (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-7CB3DBZ3OHKNHSQ7 all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-egressgateway:http2 */ | |
| Chain KUBE-SVC-IKV43KYNCXS2W7KZ (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-4WQKWYMND6MJ264F all -- * * 0.0.0.0/0 0.0.0.0/0 /* default/router:443-tcp */ | |
| Chain KUBE-SVC-IYNORUWRU3IJA6RK (5 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-X2FOQUKAAXINQU4M all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:http2-prometheus */ | |
| Chain KUBE-SVC-KAMYK5TIXMZU3YTO (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-IFGFPBF2I2AZTJAF all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-policy:http-monitoring */ | |
| Chain KUBE-SVC-KVK7EKX76NWKZSPC (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 229 17637 KUBE-SEP-EEY7M7UUPFQUNLVJ all -- * * 0.0.0.0/0 0.0.0.0/0 /* kube-dns/kube-dns:dns-udp */ | |
| Chain KUBE-SVC-LTOKVKL3D46WIGR3 (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-TXPUTASKN4SMWXT2 all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-telemetry:grpc-mixer */ | |
| Chain KUBE-SVC-LZWSK5L6AOM76SDF (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-34X5AWYLINHYRWQW all -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-serving/autoscaler:metrics */ | |
| Chain KUBE-SVC-MOGYKZGMI2GFGYKR (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-NBZN3PZ43LZ2UYEC all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-citadel:http-monitoring */ | |
| Chain KUBE-SVC-MOJGSJ7NVZO75AX4 (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-IAA5TG5T7WINRD3K all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-sidecar-injector: */ | |
| Chain KUBE-SVC-NAJMRQ3UUZJJQAPL (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-SIOSKXGMPXWFWMAX all -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-build/build-webhook: */ | |
| Chain KUBE-SVC-NM6OF7LZYCSWPYSN (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-AACMB4KOAMY4LZGX all -- * * 0.0.0.0/0 0.0.0.0/0 /* openshift-apiserver/api:https */ | |
| Chain KUBE-SVC-NPX46M4PTMTKRN6Y (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-4FF5DFWZNAIOQIW5 all -- * * 0.0.0.0/0 0.0.0.0/0 /* default/kubernetes:https */ | |
| Chain KUBE-SVC-OGQMGMU3LSHYSNCB (5 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-ZT2JJGWVSOWYQYMN all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp */ | |
| Chain KUBE-SVC-OUON3FTD7HM7NL6D (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-O6BLRF7I3QYKT42E all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-galley:https-validation */ | |
| Chain KUBE-SVC-PC3MFM6XGWMWTUG6 (5 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-GKNBXQTJMZIPHROE all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp-pilot-grpc-tls */ | |
| Chain KUBE-SVC-POFVSRMRNLJ5KKAQ (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-EW63DDJLE4XG7R57 all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-telemetry:grpc-mixer-mtls */ | |
| Chain KUBE-SVC-QJJG3M25RNOTAGWM (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-3SHHSUDEMMOLVVPQ all -- * * 0.0.0.0/0 0.0.0.0/0 /* kube-dns/kube-dns:dns-tcp */ | |
| Chain KUBE-SVC-RE6JWH3DBIURQRB2 (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-W2JGZKLVGNQXTMFA all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-pilot:grpc-xds */ | |
| Chain KUBE-SVC-RPUGQCDLMV3GNS5S (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-O3X4YBY5EJI2BMHM all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-statsd-prom-bridge:statsd-prom */ | |
| Chain KUBE-SVC-RUWFI7HBXALYDPMD (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-Z67SDGETP3G55XQC all -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-build/build-controller:metrics */ | |
| Chain KUBE-SVC-SSIYHGUZHYLD6GD6 (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-KLQTWRJM46XA6GTY all -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-serving/controller:metrics */ | |
| Chain KUBE-SVC-SWAUWSHBU25OTO33 (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-2AQZFRUZHUFLSLEJ all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-telemetry:prometheus */ | |
| Chain KUBE-SVC-T6ISBDURAFJGMIDC (2 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-N53QKFCSADREJMVM all -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-serving/kbuffer-service:metrics */ statistic mode random probability 0.33332999982 | |
| 0 0 KUBE-SEP-JJQLWGXBQ7W7FOY3 all -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-serving/kbuffer-service:metrics */ statistic mode random probability 0.50000000000 | |
| 0 0 KUBE-SEP-NOLTFSL7YK2IEYVU all -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-serving/kbuffer-service:metrics */ | |
| Chain KUBE-SVC-TUZA6CVEP5VUF2XG (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-LQW2LSZYXZIIXOOI all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-policy:grpc-mixer-mtls */ | |
| Chain KUBE-SVC-U2XTOAGOXQJP3ONI (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-F7MJR5CV2QSESVRF all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-policy:grpc-mixer */ | |
| Chain KUBE-SVC-URHNY53EOWC2EMYB (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-GVOS5N5E6JYZYENA all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-statsd-prom-bridge:statsd-udp */ | |
| Chain KUBE-SVC-WM573AX6QFQQDODJ (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-DSV4EZQZTY2T5M7A all -- * * 0.0.0.0/0 0.0.0.0/0 /* openshift-service-cert-signer/service-serving-cert-signer:https */ | |
| Chain KUBE-SVC-X3ULCYYQWWNNGZZF (5 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-DD4SUP2YB3MAYAJT all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:tcp-dns-tls */ | |
| Chain KUBE-SVC-YGLWZMENMIM6GX3O (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-RQVFCTLCQKACNRCW all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/istio-pilot:http-legacy-discovery */ | |
| Chain KUBE-SVC-YX5U4MSGCU6XQGQJ (1 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-JCW5U3GSICSNX7V5 all -- * * 0.0.0.0/0 0.0.0.0/0 /* knative-serving/webhook: */ | |
| Chain KUBE-SVC-Z6P5Y4LX7OQZKXON (5 references) | |
| pkts bytes target prot opt in out source destination | |
| 0 0 KUBE-SEP-WMRXMZ4BJET6L3YH all -- * * 0.0.0.0/0 0.0.0.0/0 /* istio-system/knative-ingressgateway:http2 */ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment