GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → bowei → k8s-custom-iptables

bowei / k8s-custom-iptables

Licence: Apache-2.0 license
How to add custom iptables rules to a Kubernetes cluster

Programming Languages

shell
77523 projects
Makefile
30231 projects
Dockerfile
14818 projects

Labels

kubernetesnetworkingnatiptablesk8smasquerade

Projects that are alternatives of or similar to k8s-custom-iptables

Docker Host
A docker sidecar container to forward all traffic to local docker host or any other host
Stars: ✭ 769 (+1378.85%)
Mutual labels:  nat, iptables
xt NAT
Full Cone NAT module for Linux iptables
Stars: ✭ 65 (+25%)
Mutual labels:  nat, iptables
Polycube
eBPF/XDP-based software framework for fast network services running in the Linux kernel.
Stars: ✭ 217 (+317.31%)
Mutual labels:  nat, iptables
Miniupnp
UPnP IGD implementation
Stars: ✭ 974 (+1773.08%)
Mutual labels:  nat, iptables
Internet Hosting Tool
Enable Moonlight streaming from your PC over the Internet with no configuration required
Stars: ✭ 205 (+294.23%)
Mutual labels:  nat
Rtty
Access your terminal from anywhere via the web.
Stars: ✭ 2,434 (+4580.77%)
Mutual labels:  nat
Server Go
🎨OpenIoTHub Server[内网穿透和物联网设备管理服务器]
Stars: ✭ 127 (+144.23%)
Mutual labels:  nat
Lvs Dpdk
LVS on dpdk
Stars: ✭ 125 (+140.38%)
Mutual labels:  nat
go-libp2p-autonat
DEPRECATED: NAT Autodiscovery
Stars: ✭ 53 (+1.92%)
Mutual labels:  nat
Fasttunnel
NAT 内网穿透 远程内网计算机 域名访问内网站点 反向代理内网服务 花生壳 端口转发 http代理 微信 小程序 expose a local server behind a NAT or firewall to the internet like ngrok and frp. NAT ssh proxy tunnel reverse-proxy
Stars: ✭ 248 (+376.92%)
Mutual labels:  nat
Xfrps
xfrps fork from frp but mainly use its server side feature and cooperate with xfrp
Stars: ✭ 179 (+244.23%)
Mutual labels:  nat
Libvirt Hook Qemu
Libvirt hook for setting up iptables port-forwarding rules when using NAT-ed networking.
Stars: ✭ 137 (+163.46%)
Mutual labels:  nat
Inlets Pro
Secure TCP and HTTP tunnels that work anywhere
Stars: ✭ 179 (+244.23%)
Mutual labels:  nat
Linux Router
Set Linux as router in one command. Support Internet sharing, redsocks, Wifi hotspot, IPv6. Can also be used for routing VM/containers
Stars: ✭ 129 (+148.08%)
Mutual labels:  nat
Tuntox
Tunnel TCP connections over the Tox protocol
Stars: ✭ 251 (+382.69%)
Mutual labels:  nat
Gateway Go
🎁GateWay Client for OpenIoTHub[云易连访问内网端口和设备的网关]
Stars: ✭ 127 (+144.23%)
Mutual labels:  nat
Esp32 nat router
A simple NAT Router for the ESP32
Stars: ✭ 226 (+334.62%)
Mutual labels:  nat
Npf
NPF: packet filter with stateful inspection, NAT, IP sets, etc.
Stars: ✭ 160 (+207.69%)
Mutual labels:  nat
Dublin Traceroute
Dublin Traceroute is a NAT-aware multipath tracerouting tool
Stars: ✭ 159 (+205.77%)
Mutual labels:  nat
Frpc Android
Android,安卓版frpc,一个快速反向代理,可帮助您将NAT或防火墙后面的本地服务器暴露给Internet。
Stars: ✭ 205 (+294.23%)
Mutual labels:  nat
View All Similar Projects ➔

k8s-custom-iptables

An example of how to add custom IP tables rules to a Kubernetes cluster. This collection of scripts creates a NAT (MASQ) rule for outbound traffic to a TARGETS CIDR range(s) given to the script.

Installing rules into the cluster.

Install the daemonset that configures the cluster to NAT an IP range.

TARGETS="1.2.3.4/24 4.5.6.7/16" ./install.sh

Uninstall rules from the cluster.

Uninstall the IP tables rules from the cluster.

./uninstall.sh

Configuring

The configuration for which ranges are NAT'd are in the k8s-custom-iptables ConfigMap. Values can be changed via kubectl edit cm/k8s-custom-iptables:

apiVersion: v1
kind: ConfigMap
metadata:
  name: k8s-custom-iptables
data:
  nat.rules: "10.0.0.0/24 192.168.0.0/16"

Creating and pushing the image.

REGISTRY=gcr.io/my-registry make
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].