Created
March 5, 2022 21:07
-
-
Save prateekgogia/40778f56c890518fcb2d727d8495c907 to your computer and use it in GitHub Desktop.
iptables save output
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Generated by iptables-save v1.8.4 on Sat Mar 5 21:07:17 2022 | |
| *mangle | |
| :PREROUTING ACCEPT [170647:181430582] | |
| :INPUT ACCEPT [170453:181408092] | |
| :FORWARD ACCEPT [194:22490] | |
| :OUTPUT ACCEPT [164671:27615554] | |
| :POSTROUTING ACCEPT [164861:27636334] | |
| :KUBE-KUBELET-CANARY - [0:0] | |
| :KUBE-PROXY-CANARY - [0:0] | |
| -A PREROUTING -i eth0 -m comment --comment "AWS, primary ENI" -m addrtype --dst-type LOCAL --limit-iface-in -j CONNMARK --set-xmark 0x80/0x80 | |
| -A PREROUTING -i eni+ -m comment --comment "AWS, primary ENI" -j CONNMARK --restore-mark --nfmask 0x80 --ctmask 0x80 | |
| -A PREROUTING -i vlan+ -m comment --comment "AWS, primary ENI" -j CONNMARK --restore-mark --nfmask 0x80 --ctmask 0x80 | |
| COMMIT | |
| # Completed on Sat Mar 5 21:07:17 2022 | |
| # Generated by iptables-save v1.8.4 on Sat Mar 5 21:07:17 2022 | |
| *filter | |
| :INPUT ACCEPT [109349:27449407] | |
| :FORWARD ACCEPT [45:3588] | |
| :OUTPUT ACCEPT [106799:17493857] | |
| :DOCKER - [0:0] | |
| :DOCKER-ISOLATION-STAGE-1 - [0:0] | |
| :DOCKER-ISOLATION-STAGE-2 - [0:0] | |
| :DOCKER-USER - [0:0] | |
| :KUBE-EXTERNAL-SERVICES - [0:0] | |
| :KUBE-FIREWALL - [0:0] | |
| :KUBE-FORWARD - [0:0] | |
| :KUBE-KUBELET-CANARY - [0:0] | |
| :KUBE-NODEPORTS - [0:0] | |
| :KUBE-PROXY-CANARY - [0:0] | |
| :KUBE-SERVICES - [0:0] | |
| -A INPUT -m comment --comment "kubernetes health check service ports" -j KUBE-NODEPORTS | |
| -A INPUT -m conntrack --ctstate NEW -m comment --comment "kubernetes externally-visible service portals" -j KUBE-EXTERNAL-SERVICES | |
| -A INPUT -j KUBE-FIREWALL | |
| -A FORWARD -m comment --comment "kubernetes forwarding rules" -j KUBE-FORWARD | |
| -A FORWARD -m conntrack --ctstate NEW -m comment --comment "kubernetes service portals" -j KUBE-SERVICES | |
| -A FORWARD -m conntrack --ctstate NEW -m comment --comment "kubernetes externally-visible service portals" -j KUBE-EXTERNAL-SERVICES | |
| -A FORWARD -j DOCKER-USER | |
| -A OUTPUT -m conntrack --ctstate NEW -m comment --comment "kubernetes service portals" -j KUBE-SERVICES | |
| -A OUTPUT -j KUBE-FIREWALL | |
| -A DOCKER-ISOLATION-STAGE-1 -j RETURN | |
| -A DOCKER-ISOLATION-STAGE-2 -j RETURN | |
| -A DOCKER-USER -j RETURN | |
| -A KUBE-FIREWALL -m comment --comment "kubernetes firewall for dropping marked packets" -m mark --mark 0x8000/0x8000 -j DROP | |
| -A KUBE-FIREWALL ! -s 127.0.0.0/8 -d 127.0.0.0/8 -m comment --comment "block incoming localnet connections" -m conntrack ! --ctstate RELATED,ESTABLISHED,DNAT -j DROP | |
| -A KUBE-FORWARD -m conntrack --ctstate INVALID -j DROP | |
| -A KUBE-FORWARD -m comment --comment "kubernetes forwarding rules" -m mark --mark 0x4000/0x4000 -j ACCEPT | |
| -A KUBE-FORWARD -m comment --comment "kubernetes forwarding conntrack pod source rule" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT | |
| -A KUBE-FORWARD -m comment --comment "kubernetes forwarding conntrack pod destination rule" -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT | |
| COMMIT | |
| # Completed on Sat Mar 5 21:07:17 2022 | |
| # Generated by iptables-save v1.8.4 on Sat Mar 5 21:07:17 2022 | |
| *nat | |
| :PREROUTING ACCEPT [111:6940] | |
| :INPUT ACCEPT [110:6584] | |
| :OUTPUT ACCEPT [8395:516581] | |
| :POSTROUTING ACCEPT [1833:119693] | |
| :AWS-CONNMARK-CHAIN-0 - [0:0] | |
| :AWS-CONNMARK-CHAIN-1 - [0:0] | |
| :AWS-SNAT-CHAIN-0 - [0:0] | |
| :AWS-SNAT-CHAIN-1 - [0:0] | |
| :DOCKER - [0:0] | |
| :KUBE-KUBELET-CANARY - [0:0] | |
| :KUBE-MARK-DROP - [0:0] | |
| :KUBE-MARK-MASQ - [0:0] | |
| :KUBE-NODEPORTS - [0:0] | |
| :KUBE-POSTROUTING - [0:0] | |
| :KUBE-PROXY-CANARY - [0:0] | |
| :KUBE-SEP-2OLTNAZXXGWUJEIY - [0:0] | |
| :KUBE-SEP-7UCZIAM7QFX5OCEG - [0:0] | |
| :KUBE-SEP-BTCSWG6DQTW3Y7HO - [0:0] | |
| :KUBE-SEP-C5ZRINPTFKHYMKZA - [0:0] | |
| :KUBE-SEP-D3QQMIMF7WQCZCUR - [0:0] | |
| :KUBE-SEP-GCCBZQFNDEZENIFU - [0:0] | |
| :KUBE-SEP-H3BKH4LXUWT76RXM - [0:0] | |
| :KUBE-SEP-J4OZT7TCTMBXUZKU - [0:0] | |
| :KUBE-SEP-KKRKF7JYWQNAIJ5P - [0:0] | |
| :KUBE-SEP-KSCZISFWOJDBNOPA - [0:0] | |
| :KUBE-SEP-MOBABC2Z3BKDW2FB - [0:0] | |
| :KUBE-SEP-MQWIEZ7YEGNZ5FAF - [0:0] | |
| :KUBE-SEP-N457YRWOMF7UEULS - [0:0] | |
| :KUBE-SEP-N57D657OJIBJRMFJ - [0:0] | |
| :KUBE-SEP-SRYRRVANWJEB5EVJ - [0:0] | |
| :KUBE-SEP-UVXNAQKOIEMQ37F7 - [0:0] | |
| :KUBE-SEP-VINBKV37SZLTG4X6 - [0:0] | |
| :KUBE-SEP-VN34UDDQRC2E3IQ5 - [0:0] | |
| :KUBE-SEP-ZLSTQCVANI4AMWRL - [0:0] | |
| :KUBE-SERVICES - [0:0] | |
| :KUBE-SVC-6KORXE4KRHTKTGVI - [0:0] | |
| :KUBE-SVC-74KYCW3D722FSGCA - [0:0] | |
| :KUBE-SVC-A6OZHL3K5XE2QFP7 - [0:0] | |
| :KUBE-SVC-BHGV2K3NRCAIZUFF - [0:0] | |
| :KUBE-SVC-ERIFXISQEP7F7OF4 - [0:0] | |
| :KUBE-SVC-FP56U3IB7O2NDDFT - [0:0] | |
| :KUBE-SVC-FXIYY6OHUSNBITIX - [0:0] | |
| :KUBE-SVC-JXXQ5QKELJRWT4EV - [0:0] | |
| :KUBE-SVC-L5JLFDCUFDUOSAFE - [0:0] | |
| :KUBE-SVC-NPX46M4PTMTKRN6Y - [0:0] | |
| :KUBE-SVC-TCOU7JCQXEZGVUNU - [0:0] | |
| :KUBE-SVC-UZFDVIVO2N6QXLRQ - [0:0] | |
| :KUBE-SVC-XCJNIJ77AUVIEMGB - [0:0] | |
| :KUBE-SVC-XS62VUIMGR5RELHB - [0:0] | |
| :KUBE-SVC-Z4ANX4WAEWEBLCTM - [0:0] | |
| :KUBE-SVC-ZN4GYROA76VVQE34 - [0:0] | |
| -A PREROUTING -m comment --comment "kubernetes service portals" -j KUBE-SERVICES | |
| -A PREROUTING -i eni+ -m comment --comment "AWS, outbound connections" -m state --state NEW -j AWS-CONNMARK-CHAIN-0 | |
| -A PREROUTING -m comment --comment "AWS, CONNMARK" -j CONNMARK --restore-mark --nfmask 0x80 --ctmask 0x80 | |
| -A OUTPUT -m comment --comment "kubernetes service portals" -j KUBE-SERVICES | |
| -A POSTROUTING -m comment --comment "kubernetes postrouting rules" -j KUBE-POSTROUTING | |
| -A POSTROUTING -m comment --comment "AWS SNAT CHAIN" -j AWS-SNAT-CHAIN-0 | |
| -A AWS-CONNMARK-CHAIN-0 ! -d 192.168.0.0/16 -m comment --comment "AWS CONNMARK CHAIN, VPC CIDR" -j AWS-CONNMARK-CHAIN-1 | |
| -A AWS-CONNMARK-CHAIN-1 -m comment --comment "AWS, CONNMARK" -j CONNMARK --set-xmark 0x80/0x80 | |
| -A AWS-SNAT-CHAIN-0 ! -d 192.168.0.0/16 -m comment --comment "AWS SNAT CHAIN" -j AWS-SNAT-CHAIN-1 | |
| -A AWS-SNAT-CHAIN-1 ! -o vlan+ -m comment --comment "AWS, SNAT" -m addrtype ! --dst-type LOCAL -j SNAT --to-source 192.168.1.80 --random-fully | |
| -A KUBE-MARK-DROP -j MARK --set-xmark 0x8000/0x8000 | |
| -A KUBE-MARK-MASQ -j MARK --set-xmark 0x4000/0x4000 | |
| -A KUBE-POSTROUTING -m mark ! --mark 0x4000/0x4000 -j RETURN | |
| -A KUBE-POSTROUTING -j MARK --set-xmark 0x4000/0x0 | |
| -A KUBE-POSTROUTING -m comment --comment "kubernetes service traffic requiring SNAT" -j MASQUERADE --random-fully | |
| -A KUBE-SEP-2OLTNAZXXGWUJEIY -s 192.168.11.18/32 -m comment --comment "kube-system/metrics-server:https" -j KUBE-MARK-MASQ | |
| -A KUBE-SEP-2OLTNAZXXGWUJEIY -p tcp -m comment --comment "kube-system/metrics-server:https" -m tcp -j DNAT --to-destination 192.168.11.18:4443 | |
| -A KUBE-SEP-7UCZIAM7QFX5OCEG -s 192.168.3.137/32 -m comment --comment "monitoring/pushgateway-prometheus-pushgateway:http" -j KUBE-MARK-MASQ | |
| -A KUBE-SEP-7UCZIAM7QFX5OCEG -p tcp -m comment --comment "monitoring/pushgateway-prometheus-pushgateway:http" -m tcp -j DNAT --to-destination 192.168.3.137:9091 | |
| -A KUBE-SEP-BTCSWG6DQTW3Y7HO -s 192.168.27.9/32 -m comment --comment "monitoring/prometheus-kube-prometheus-operator:https" -j KUBE-MARK-MASQ | |
| -A KUBE-SEP-BTCSWG6DQTW3Y7HO -p tcp -m comment --comment "monitoring/prometheus-kube-prometheus-operator:https" -m tcp -j DNAT --to-destination 192.168.27.9:10250 | |
| -A KUBE-SEP-C5ZRINPTFKHYMKZA -s 192.168.16.92/32 -m comment --comment "kube-system/aws-load-balancer-webhook-service" -j KUBE-MARK-MASQ | |
| -A KUBE-SEP-C5ZRINPTFKHYMKZA -p tcp -m comment --comment "kube-system/aws-load-balancer-webhook-service" -m tcp -j DNAT --to-destination 192.168.16.92:9443 | |
| -A KUBE-SEP-D3QQMIMF7WQCZCUR -s 192.168.102.248/32 -m comment --comment "default/kubernetes:https" -j KUBE-MARK-MASQ | |
| -A KUBE-SEP-D3QQMIMF7WQCZCUR -p tcp -m comment --comment "default/kubernetes:https" -m tcp -j DNAT --to-destination 192.168.102.248:443 | |
| -A KUBE-SEP-GCCBZQFNDEZENIFU -s 192.168.30.97/32 -m comment --comment "monitoring/prometheus-kube-prometheus-prometheus:http-web" -j KUBE-MARK-MASQ | |
| -A KUBE-SEP-GCCBZQFNDEZENIFU -p tcp -m comment --comment "monitoring/prometheus-kube-prometheus-prometheus:http-web" -m tcp -j DNAT --to-destination 192.168.30.97:9090 | |
| -A KUBE-SEP-H3BKH4LXUWT76RXM -s 192.168.3.164/32 -m comment --comment "kube-system/kube-dns:dns" -j KUBE-MARK-MASQ | |
| -A KUBE-SEP-H3BKH4LXUWT76RXM -p udp -m comment --comment "kube-system/kube-dns:dns" -m udp -j DNAT --to-destination 192.168.3.164:53 | |
| -A KUBE-SEP-J4OZT7TCTMBXUZKU -s 192.168.6.212/32 -m comment --comment "karpenter/karpenter-metrics:metrics" -j KUBE-MARK-MASQ | |
| -A KUBE-SEP-J4OZT7TCTMBXUZKU -p tcp -m comment --comment "karpenter/karpenter-metrics:metrics" -m tcp -j DNAT --to-destination 192.168.6.212:8080 | |
| -A KUBE-SEP-KKRKF7JYWQNAIJ5P -s 192.168.5.243/32 -m comment --comment "monitoring/prometheus-prometheus-node-exporter:http-metrics" -j KUBE-MARK-MASQ | |
| -A KUBE-SEP-KKRKF7JYWQNAIJ5P -p tcp -m comment --comment "monitoring/prometheus-prometheus-node-exporter:http-metrics" -m tcp -j DNAT --to-destination 192.168.5.243:9100 | |
| -A KUBE-SEP-KSCZISFWOJDBNOPA -s 192.168.1.80/32 -m comment --comment "monitoring/prometheus-prometheus-node-exporter:http-metrics" -j KUBE-MARK-MASQ | |
| -A KUBE-SEP-KSCZISFWOJDBNOPA -p tcp -m comment --comment "monitoring/prometheus-prometheus-node-exporter:http-metrics" -m tcp -j DNAT --to-destination 192.168.1.80:9100 | |
| -A KUBE-SEP-MOBABC2Z3BKDW2FB -s 192.168.148.165/32 -m comment --comment "default/kubernetes:https" -j KUBE-MARK-MASQ | |
| -A KUBE-SEP-MOBABC2Z3BKDW2FB -p tcp -m comment --comment "default/kubernetes:https" -m tcp -j DNAT --to-destination 192.168.148.165:443 | |
| -A KUBE-SEP-MQWIEZ7YEGNZ5FAF -s 192.168.3.164/32 -m comment --comment "kube-system/kube-dns:dns-tcp" -j KUBE-MARK-MASQ | |
| -A KUBE-SEP-MQWIEZ7YEGNZ5FAF -p tcp -m comment --comment "kube-system/kube-dns:dns-tcp" -m tcp -j DNAT --to-destination 192.168.3.164:53 | |
| -A KUBE-SEP-N457YRWOMF7UEULS -s 192.168.3.173/32 -m comment --comment "monitoring/prometheus-kube-prometheus-alertmanager:http-web" -j KUBE-MARK-MASQ | |
| -A KUBE-SEP-N457YRWOMF7UEULS -p tcp -m comment --comment "monitoring/prometheus-kube-prometheus-alertmanager:http-web" -m tcp -j DNAT --to-destination 192.168.3.173:9093 | |
| -A KUBE-SEP-N57D657OJIBJRMFJ -s 192.168.1.178/32 -m comment --comment "monitoring/prometheus-grafana:http-web" -j KUBE-MARK-MASQ | |
| -A KUBE-SEP-N57D657OJIBJRMFJ -p tcp -m comment --comment "monitoring/prometheus-grafana:http-web" -m tcp -j DNAT --to-destination 192.168.1.178:3000 | |
| -A KUBE-SEP-SRYRRVANWJEB5EVJ -s 192.168.13.205/32 -m comment --comment "monitoring/prometheus-kube-state-metrics:http" -j KUBE-MARK-MASQ | |
| -A KUBE-SEP-SRYRRVANWJEB5EVJ -p tcp -m comment --comment "monitoring/prometheus-kube-state-metrics:http" -m tcp -j DNAT --to-destination 192.168.13.205:8080 | |
| -A KUBE-SEP-UVXNAQKOIEMQ37F7 -s 192.168.15.191/32 -m comment --comment "kit/kit-webhook" -j KUBE-MARK-MASQ | |
| -A KUBE-SEP-UVXNAQKOIEMQ37F7 -p tcp -m comment --comment "kit/kit-webhook" -m tcp -j DNAT --to-destination 192.168.15.191:8443 | |
| -A KUBE-SEP-VINBKV37SZLTG4X6 -s 192.168.19.180/32 -m comment --comment "karpenter/karpenter-webhook" -j KUBE-MARK-MASQ | |
| -A KUBE-SEP-VINBKV37SZLTG4X6 -p tcp -m comment --comment "karpenter/karpenter-webhook" -m tcp -j DNAT --to-destination 192.168.19.180:8443 | |
| -A KUBE-SEP-VN34UDDQRC2E3IQ5 -s 192.168.172.93/32 -m comment --comment "default/kubernetes:https" -j KUBE-MARK-MASQ | |
| -A KUBE-SEP-VN34UDDQRC2E3IQ5 -p tcp -m comment --comment "default/kubernetes:https" -m tcp -j DNAT --to-destination 192.168.172.93:443 | |
| -A KUBE-SEP-ZLSTQCVANI4AMWRL -s 34.221.72.219/32 -m comment --comment "default/my-service" -j KUBE-MARK-MASQ | |
| -A KUBE-SEP-ZLSTQCVANI4AMWRL -p tcp -m comment --comment "default/my-service" -m tcp -j DNAT --to-destination 34.221.72.219:8443 | |
| -A KUBE-SERVICES -d 10.100.0.10/32 -p udp -m comment --comment "kube-system/kube-dns:dns cluster IP" -m udp --dport 53 -j KUBE-SVC-TCOU7JCQXEZGVUNU | |
| -A KUBE-SERVICES -d 10.100.0.10/32 -p tcp -m comment --comment "kube-system/kube-dns:dns-tcp cluster IP" -m tcp --dport 53 -j KUBE-SVC-ERIFXISQEP7F7OF4 | |
| -A KUBE-SERVICES -d 10.100.171.199/32 -p tcp -m comment --comment "monitoring/prometheus-prometheus-node-exporter:http-metrics cluster IP" -m tcp --dport 9100 -j KUBE-SVC-6KORXE4KRHTKTGVI | |
| -A KUBE-SERVICES -d 10.100.97.149/32 -p tcp -m comment --comment "monitoring/prometheus-kube-prometheus-prometheus:http-web cluster IP" -m tcp --dport 9090 -j KUBE-SVC-JXXQ5QKELJRWT4EV | |
| -A KUBE-SERVICES -d 10.100.0.1/32 -p tcp -m comment --comment "default/kubernetes:https cluster IP" -m tcp --dport 443 -j KUBE-SVC-NPX46M4PTMTKRN6Y | |
| -A KUBE-SERVICES -d 10.100.206.61/32 -p tcp -m comment --comment "karpenter/karpenter-webhook cluster IP" -m tcp --dport 443 -j KUBE-SVC-A6OZHL3K5XE2QFP7 | |
| -A KUBE-SERVICES -d 10.100.145.67/32 -p tcp -m comment --comment "kube-system/aws-load-balancer-webhook-service cluster IP" -m tcp --dport 443 -j KUBE-SVC-XS62VUIMGR5RELHB | |
| -A KUBE-SERVICES -d 10.100.11.235/32 -p tcp -m comment --comment "kube-system/metrics-server:https cluster IP" -m tcp --dport 443 -j KUBE-SVC-Z4ANX4WAEWEBLCTM | |
| -A KUBE-SERVICES -d 10.100.29.76/32 -p tcp -m comment --comment "monitoring/prometheus-kube-prometheus-alertmanager:http-web cluster IP" -m tcp --dport 9093 -j KUBE-SVC-FP56U3IB7O2NDDFT | |
| -A KUBE-SERVICES -d 10.100.98.48/32 -p tcp -m comment --comment "monitoring/pushgateway-prometheus-pushgateway:http cluster IP" -m tcp --dport 9091 -j KUBE-SVC-ZN4GYROA76VVQE34 | |
| -A KUBE-SERVICES -d 10.100.6.39/32 -p tcp -m comment --comment "kit/kit-webhook cluster IP" -m tcp --dport 443 -j KUBE-SVC-74KYCW3D722FSGCA | |
| -A KUBE-SERVICES -d 10.100.90.239/32 -p tcp -m comment --comment "monitoring/prometheus-grafana:http-web cluster IP" -m tcp --dport 80 -j KUBE-SVC-L5JLFDCUFDUOSAFE | |
| -A KUBE-SERVICES -d 10.100.208.72/32 -p tcp -m comment --comment "karpenter/karpenter-metrics:metrics cluster IP" -m tcp --dport 8080 -j KUBE-SVC-XCJNIJ77AUVIEMGB | |
| -A KUBE-SERVICES -d 10.100.63.72/32 -p tcp -m comment --comment "monitoring/prometheus-kube-prometheus-operator:https cluster IP" -m tcp --dport 443 -j KUBE-SVC-UZFDVIVO2N6QXLRQ | |
| -A KUBE-SERVICES -d 10.100.205.85/32 -p tcp -m comment --comment "default/my-service cluster IP" -m tcp --dport 8443 -j KUBE-SVC-FXIYY6OHUSNBITIX | |
| -A KUBE-SERVICES -d 10.100.108.31/32 -p tcp -m comment --comment "monitoring/prometheus-kube-state-metrics:http cluster IP" -m tcp --dport 8080 -j KUBE-SVC-BHGV2K3NRCAIZUFF | |
| -A KUBE-SERVICES -m comment --comment "kubernetes service nodeports; NOTE: this must be the last rule in this chain" -m addrtype --dst-type LOCAL -j KUBE-NODEPORTS | |
| -A KUBE-SVC-6KORXE4KRHTKTGVI -m comment --comment "monitoring/prometheus-prometheus-node-exporter:http-metrics" -m statistic --mode random --probability 0.50000000000 -j KUBE-SEP-KSCZISFWOJDBNOPA | |
| -A KUBE-SVC-6KORXE4KRHTKTGVI -m comment --comment "monitoring/prometheus-prometheus-node-exporter:http-metrics" -j KUBE-SEP-KKRKF7JYWQNAIJ5P | |
| -A KUBE-SVC-74KYCW3D722FSGCA -m comment --comment "kit/kit-webhook" -j KUBE-SEP-UVXNAQKOIEMQ37F7 | |
| -A KUBE-SVC-A6OZHL3K5XE2QFP7 -m comment --comment "karpenter/karpenter-webhook" -j KUBE-SEP-VINBKV37SZLTG4X6 | |
| -A KUBE-SVC-BHGV2K3NRCAIZUFF -m comment --comment "monitoring/prometheus-kube-state-metrics:http" -j KUBE-SEP-SRYRRVANWJEB5EVJ | |
| -A KUBE-SVC-ERIFXISQEP7F7OF4 -m comment --comment "kube-system/kube-dns:dns-tcp" -j KUBE-SEP-MQWIEZ7YEGNZ5FAF | |
| -A KUBE-SVC-FP56U3IB7O2NDDFT -m comment --comment "monitoring/prometheus-kube-prometheus-alertmanager:http-web" -j KUBE-SEP-N457YRWOMF7UEULS | |
| -A KUBE-SVC-FXIYY6OHUSNBITIX -m comment --comment "default/my-service" -j KUBE-SEP-ZLSTQCVANI4AMWRL | |
| -A KUBE-SVC-JXXQ5QKELJRWT4EV -m comment --comment "monitoring/prometheus-kube-prometheus-prometheus:http-web" -j KUBE-SEP-GCCBZQFNDEZENIFU | |
| -A KUBE-SVC-L5JLFDCUFDUOSAFE -m comment --comment "monitoring/prometheus-grafana:http-web" -j KUBE-SEP-N57D657OJIBJRMFJ | |
| -A KUBE-SVC-NPX46M4PTMTKRN6Y -m comment --comment "default/kubernetes:https" -m statistic --mode random --probability 0.33333333349 -j KUBE-SEP-D3QQMIMF7WQCZCUR | |
| -A KUBE-SVC-NPX46M4PTMTKRN6Y -m comment --comment "default/kubernetes:https" -m statistic --mode random --probability 0.50000000000 -j KUBE-SEP-MOBABC2Z3BKDW2FB | |
| -A KUBE-SVC-NPX46M4PTMTKRN6Y -m comment --comment "default/kubernetes:https" -j KUBE-SEP-VN34UDDQRC2E3IQ5 | |
| -A KUBE-SVC-TCOU7JCQXEZGVUNU -m comment --comment "kube-system/kube-dns:dns" -j KUBE-SEP-H3BKH4LXUWT76RXM | |
| -A KUBE-SVC-UZFDVIVO2N6QXLRQ -m comment --comment "monitoring/prometheus-kube-prometheus-operator:https" -j KUBE-SEP-BTCSWG6DQTW3Y7HO | |
| -A KUBE-SVC-XCJNIJ77AUVIEMGB -m comment --comment "karpenter/karpenter-metrics:metrics" -j KUBE-SEP-J4OZT7TCTMBXUZKU | |
| -A KUBE-SVC-XS62VUIMGR5RELHB -m comment --comment "kube-system/aws-load-balancer-webhook-service" -j KUBE-SEP-C5ZRINPTFKHYMKZA | |
| -A KUBE-SVC-Z4ANX4WAEWEBLCTM -m comment --comment "kube-system/metrics-server:https" -j KUBE-SEP-2OLTNAZXXGWUJEIY | |
| -A KUBE-SVC-ZN4GYROA76VVQE34 -m comment --comment "monitoring/pushgateway-prometheus-pushgateway:http" -j KUBE-SEP-7UCZIAM7QFX5OCEG | |
| COMMIT | |
| # Completed on Sat Mar 5 21:07:17 2022 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment