github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2025-07-21 19:01:49 +00:00
Code Issues Projects Releases Wiki Activity

Merge pull request #112463 from Nordix/fix-ipvs-filter

Browse Source 
Corrects target in the KUBE-IPVS-FILTER chain
This commit is contained in:
Kubernetes Prow Robot 2022-09-15 02:45:22 -07:00 committed by GitHub
commit 918f84cd90
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
pkg/proxy/ipvs/proxier.go
View File

@ -1807,13 +1807,13 @@ func (proxier *Proxier) writeIptablesRules() {
// https://github.com/kubernetes/kubernetes/issues/72236
proxier.filterRules.Write(
"-A", string(kubeIPVSFilterChain),
"-m", "set", "--match-set", proxier.ipsetList[kubeLoadBalancerSet].Name, "dst,dst", "-j", "ACCEPT")
"-m", "set", "--match-set", proxier.ipsetList[kubeLoadBalancerSet].Name, "dst,dst", "-j", "RETURN")
proxier.filterRules.Write(
"-A", string(kubeIPVSFilterChain),
"-m", "set", "--match-set", proxier.ipsetList[kubeClusterIPSet].Name, "dst,dst", "-j", "ACCEPT")
"-m", "set", "--match-set", proxier.ipsetList[kubeClusterIPSet].Name, "dst,dst", "-j", "RETURN")
proxier.filterRules.Write(
"-A", string(kubeIPVSFilterChain),
"-m", "set", "--match-set", proxier.ipsetList[kubeExternalIPSet].Name, "dst,dst", "-j", "ACCEPT")
"-m", "set", "--match-set", proxier.ipsetList[kubeExternalIPSet].Name, "dst,dst", "-j", "RETURN")
proxier.filterRules.Write(
"-A", string(kubeIPVSFilterChain),
"-m", "conntrack", "--ctstate", "NEW",