|
|
[iyunv@k8s-node-1 1213-domain]# iptables -L -v -n -t nat
Chain PREROUTING (policy ACCEPT
5 packets, 309 bytes) pkts bytes target prot opt
in out source destination
30708 1898K KUBE-SERVICES all -- * * 0.0.0.0/0 0.0.0.0/0 /* kubernetes service portals */ 3 172 DOCKER all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL
Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
2057 126K KUBE-SERVICES all -- * * 0.0.0.0/0 0.0.0.0/0 /* kubernetes service portals */
0 0 DOCKER all -- * * 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
Chain POSTROUTING (policy ACCEPT 4 packets, 240 bytes)
pkts bytes target prot opt in out source destination
4100 283K MASQUERADE all -- * !docker0 192.168.33.0/24 0.0.0.0/0
28494 1716K KUBE-POSTROUTING all -- * * 0.0.0.0/0 0.0.0.0/0 /* kubernetes postrouting rules */
2 277 RETURN all -- * * 192.168.122.0/24 224.0.0.0/24
0 0 RETURN all -- * * 192.168.122.0/24 255.255.255.255
0 0 MASQUERADE tcp -- * * 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535
0 0 MASQUERADE udp -- * * 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535
0 0 MASQUERADE all -- * * 192.168.122.0/24 !192.168.122.0/24
Chain DOCKER (2 references)
pkts bytes target prot opt in out source destination
0 0 RETURN all -- docker0 * 0.0.0.0/0 0.0.0.0/0
Chain KUBE-MARK-DROP (0 references)
pkts bytes target prot opt in out source destination
0 0 MARK all -- * * 0.0.0.0/0 0.0.0.0/0 MARK or 0x8000
Chain KUBE-MARK-MASQ (6 references)
pkts bytes target prot opt in out source destination
0 0 MARK all -- * * 0.0.0.0/0 0.0.0.0/0 MARK or 0x4000
Chain KUBE-NODEPORTS (1 references)
pkts bytes target prot opt in out source destination
0 0 KUBE-MARK-MASQ tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* default/coherenceproxysvc: */ tcp dpt:30033
0 0 KUBE-SVC-BQXHRGVXFCEH2BHH tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* default/coherenceproxysvc: */ tcp dpt:30033
Chain KUBE-POSTROUTING (1 references)
pkts bytes target prot opt in out source destination
0 0 MASQUERADE all -- * * 0.0.0.0/0 0.0.0.0/0 /* kubernetes service traffic requiring SNAT */ mark match 0x4000/0x4000
Chain KUBE-SEP-67FRRWLKQK2OD4HZ (1 references)
pkts bytes target prot opt in out source destination
0 0 KUBE-MARK-MASQ all -- * * 192.168.33.2 0.0.0.0/0 /* kube-system/kube-dns:dns-tcp */
0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* kube-system/kube-dns:dns-tcp */ tcp to:192.168.33.2:53
Chain KUBE-SEP-GIM2MHZZZBZJL55J (2 references)
pkts bytes target prot opt in out source destination
0 0 KUBE-MARK-MASQ all -- * * 192.168.0.105 0.0.0.0/0 /* default/kubernetes:https */
0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* default/kubernetes:https */ recent: SET name: KUBE-SEP-GIM2MHZZZBZJL55J side: source mask: 255.255.255.255 tcp to:192.168.0.105:443
Chain KUBE-SEP-IM4M52WKVEC4AZF3 (1 references)
pkts bytes target prot opt in out source destination
0 0 KUBE-MARK-MASQ all -- * * 192.168.33.6 0.0.0.0/0 /* default/coherenceproxysvc: */
0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* default/coherenceproxysvc: */ tcp to:192.168.33.6:9099
Chain KUBE-SEP-LUF3R3GRCSK6KKRS (1 references)
pkts bytes target prot opt in out source destination
0 0 KUBE-MARK-MASQ all -- * * 192.168.33.2 0.0.0.0/0 /* kube-system/kube-dns:dns */
0 0 DNAT udp -- * * 0.0.0.0/0 0.0.0.0/0 /* kube-system/kube-dns:dns */ udp to:192.168.33.2:53
Chain KUBE-SEP-ZZECWQBQCJPODCBC (1 references)
pkts bytes target prot opt in out source destination
0 0 KUBE-MARK-MASQ all -- * * 192.168.33.5 0.0.0.0/0 /* default/coherenceproxysvc: */
0 0 DNAT tcp -- * * 0.0.0.0/0 0.0.0.0/0 /* default/coherenceproxysvc: */ tcp to:192.168.33.5:9099
Chain KUBE-SERVICES (2 references)
pkts bytes target prot opt in out source destination
0 0 KUBE-SVC-NPX46M4PTMTKRN6Y tcp -- * * 0.0.0.0/0 10.254.0.1 /* default/kubernetes:https cluster IP */ tcp dpt:443
0 0 KUBE-SVC-TCOU7JCQXEZGVUNU udp -- * * 0.0.0.0/0 10.254.254.254 /* kube-system/kube-dns:dns cluster IP */ udp dpt:53
0 0 KUBE-SVC-ERIFXISQEP7F7OF4 tcp -- * * 0.0.0.0/0 10.254.254.254 /* kube-system/kube-dns:dns-tcp cluster IP */ tcp dpt:53
0 0 KUBE-SVC-BQXHRGVXFCEH2BHH tcp -- * * 0.0.0.0/0 10.254.22.102 /* default/coherenceproxysvc: cluster IP */ tcp dpt:9099
0 0 KUBE-NODEPORTS all -- * * 0.0.0.0/0 0.0.0.0/0 /* kubernetes service nodeports; NOTE: this must be the last rule in this chain */ ADDRTYPE match dst-type LOCAL
Chain KUBE-SVC-BQXHRGVXFCEH2BHH (2 references)
pkts bytes target prot opt in out source destination
0 0 KUBE-SEP-ZZECWQBQCJPODCBC all -- * * 0.0.0.0/0 0.0.0.0/0 /* default/coherenceproxysvc: */ statistic mode random probability 0.50000000000
0 0 KUBE-SEP-IM4M52WKVEC4AZF3 all -- * * 0.0.0.0/0 0.0.0.0/0 /* default/coherenceproxysvc: */
Chain KUBE-SVC-ERIFXISQEP7F7OF4 (1 references)
pkts bytes target prot opt in out source destination
0 0 KUBE-SEP-67FRRWLKQK2OD4HZ all -- * * 0.0.0.0/0 0.0.0.0/0 /* kube-system/kube-dns:dns-tcp */
Chain KUBE-SVC-NPX46M4PTMTKRN6Y (1 references)
pkts bytes target prot opt in out source destination
0 0 KUBE-SEP-GIM2MHZZZBZJL55J all -- * * 0.0.0.0/0 0.0.0.0/0 /* default/kubernetes:https */ recent: CHECK seconds: 10800 reap name: KUBE-SEP-GIM2MHZZZBZJL55J side: source mask: 255.255.255.255
0 0 KUBE-SEP-GIM2MHZZZBZJL55J all -- * * 0.0.0.0/0 0.0.0.0/0 /* default/kubernetes:https */
Chain KUBE-SVC-TCOU7JCQXEZGVUNU (1 references)
pkts bytes target prot opt in out source destination
0 0 KUBE-SEP-LUF3R3GRCSK6KKRS all -- * * 0.0.0.0/0 0.0.0.0/0 /* kube-system/kube-dns:dns */ |
|
|
|
|
|
|
|
|
QQ群⑧:
窥视卡
雷达卡
发表于 2018-1-5 07:11:01
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡