Skip to content

Commit

Permalink
Update nodeup/pkg/model/containerd.go
Browse files Browse the repository at this point in the history
Co-authored-by: Ciprian Hacman <[email protected]>
  • Loading branch information
justinsb and hakman authored Feb 11, 2021
1 parent c802344 commit c5af115
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion nodeup/pkg/model/containerd.go
Original file line number Diff line number Diff line change
Expand Up @@ -320,7 +320,7 @@ func (b *ContainerdBuilder) buildIPMasqueradeRules(c *fi.ModelBuilderContext) er
// We cannot generally assume that because something is in the private network space, that it can reach us.
// If we adopt "native" pod IPs (GCE ip-alias, AWS VPC CNI, etc) we can likely move to rules closer to the upstream ones.
script := `#!/bin/bash
# Built by kOps - do not edit
# Built by kOps - do not edit
iptables -w -t nat -N IP-MASQ
iptables -w -t nat -A POSTROUTING -m comment --comment "ip-masq: ensure nat POSTROUTING directs all non-LOCAL destination traffic to our custom IP-MASQ chain" -m addrtype ! --dst-type LOCAL -j IP-MASQ
Expand Down

0 comments on commit c5af115

Please sign in to comment.