upstream/kubernetes
1
0
Fork 0
mirror of https://github.com/kubernetes/kubernetes.git synced 2026-03-19 17:12:42 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
kubernetes/pkg/proxy/iptables
History
Antonio Ojea 8b5fa408e0 kube-proxy: only set route_localnet if required 
kube-proxy sets the sysctl net.ipv4.conf.all.route_localnet=1
so NodePort services can be accessed on the loopback addresses in
IPv4, but this may present security issues.

Leverage the --nodeport-addresses flag to opt-out of this feature,
if the list is not empty and none of the IP ranges contains an IPv4
loopback address this sysctl is not set.

In addition, add a warning to inform users about this behavior.
2022-02-17 20:20:31 +01:00
..
OWNERS Check in OWNERS modified by update-yamlfmt.sh 2021-12-09 21:31:26 -05:00
proxier.go kube-proxy: only set route_localnet if required 2022-02-17 20:20:31 +01:00
proxier_test.go kube-proxy: fix duplicate port opening 2022-01-08 02:35:35 +08:00