1. sdn traffic leaking out of the cluster (commit: 2d9a8e3) (details)
  2. bump( (commit: bf447db) (details)
Commit 2d9a8e38ee15b85670db51557bad0b7bc2a9f516 by pcameron
sdn traffic leaking out of the cluster
Customer has discovered that traffic sourced with ip from SDN subnet is
being sent out of the cluster non-masqueraded.
tcp --ctstate INVALID packets are escaping from the SDN This change adds
a FORWARD rule to DROP these packets. filter chain FORWARD -s
n.clusterNetworkCIDR -m conntrack --ctstate INVALID -j DROP
bug 1438762
(commit: 2d9a8e3)
The file was modifiedpkg/sdn/plugin/node_iptables.go (diff)
Commit bf447dbc9e3733ab33118f32f3f6e896a6f903b8 by dmcphers+openshiftbot
(commit: bf447db)
The file was modifiedpkg/assets/bindata.go (diff)