pkts bytes target prot optinout source destination603132DOCKER all -- * *0.0.0.0/00.0.0.0/0ADDRTYPE match dst-type LOCAL Chain INPUT (policy ACCEPT0packets,0bytes) pkts bytes target prot optinout source destination Chain OUTPUT (policy ACCEPT0packets,0bytes) pkts bytes target prot optinout sour...
# iptables -t nat -nvL --lineChainPREROUTING(policyACCEPT5packets,541bytes)num pkts bytes target prot optinoutsource destination12120DOCKERall--**0.0.0.0/00.0.0.0/0ADDRTYPEmatch dst-typeLOCALChainINPUT(policyACCEPT5packets,541bytes)num pkts bytes target prot optinoutsource destinationChainOUTPUT(policy...
127.0.0.0/8 ADDRTYPE match dst-type LOCALChain POSTROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 9806 589K MASQUERADE all -- * * 0.0.0.0/0 0.0.0.0/0 1 84 MASQUERADE all -- * !docker...
# iptables -L KUBE-SERVICES -t nat | grep KUBE-NODEPORTS KUBE-NODEPORTS all -- anywhere anywhere /* kubernetes service nodeports; NOTE: this must be the last rule in this chain */ ADDRTYPE match dst-type LOCAL 1. 2. 在其中包含了一条子链KUBE-SVC-YSWRJGOK5VEB6HOG,只要目的端口为30337...
1 2 1472 DOCKER all -- * * 0.0.0.0/0 0.0.0.0/0 ADDRTYPE match dst-type LOCAL Chain INPUT (policy ACCEPT 4 packets, 281 bytes) num pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 30 packets, 2368 bytes) ...
471K 28MKUBE-SERVICESall--**0.0.0.0/00.0.0.0/0/* kubernetes service portals */306K 18MDOCKERall--**0.0.0.0/00.0.0.0/0ADDRTYPEmatch dst-typeLOCALChainPOSTROUTING(policyACCEPT7154packets,438K bytes)pkts bytes target prot optinout source destination ...
2 47 3390 DOCKER all -- * * 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL Chain POSTROUTING (policy ACCEPT 278 packets, 18244 bytes) num pkts bytes target prot opt in out source destination 1 0 0 MASQUERADE all -- * !docker0 172.17.0.0/16 0.0.0.0/0 ...
1 0 0 DOCKER 0 -- * * 0.0.0.0/0 !127.0.0.0/8 ADDRTYPE match dst-type LOCAL Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes) num pkts bytes target prot opt in out source destination 1 0 0 MASQUERADE 0 -- * !docker0 172.18.0.0/16 0.0.0.0/0 ...
addrtype 此模块根据数据包的地址类型匹配数据包。地址类型在内核网络堆栈中使用,并将地址分类为不同的组。该组的确切定义取决于特定的三层协议。 以下地址类型是可能的: UNSPEC:未指定的地址(即0.0.0.0) UNICAST:单播地址 LOCAL:本地地址 BROADCAST:广播地址 ...
this must be the last rule in this chain */ ADDRTYPE match dst-type LOCAL Chain KUBE-SVC-7GF4BJM3Z6CMNVML (1 references) pkts bytes target prot opt in out source destination 0 0 KUBE-SEP-ZULUBSZ2OTAW7A27 all -- * * 0.0.0.0/0 0.0.0.0/0 /* default/redis-master: */ Chain KUBE...