docs/doc/source/security/kubernetes/security-hardening-firewall-options.rst
Rafael Jardim d95c80d36f Update Security
Fixed merge conflict (RS)

Signed-off-by: Rafael Jardim <rafaeljordao.jardim@windriver.com>
Change-Id: I30b882a14196525f440db1108a56bbf862dfaf55
Signed-off-by: Ron Stone <ronald.stone@windriver.com>
2021-04-01 16:02:36 -04:00

Firewall Options

applies default firewall rules on the network.

The default rules are recommended for most applications. See Default Firewall Rules <security-default-firewall-rules> for details. You can configure an additional file in order to augment or override the default rules.

A minimal set of rules is always applied before any custom rules, as follows:

  • Non- traffic is always accepted.
  • Egress traffic is always accepted.
  • traffic is always accepted.
  • traffic is always accepted.

Note

It is recommended to disable port 80 when HTTPS is enabled for external connections.

Operational complexity:

  • provides firewall rules through Kubernetes Network Policies. For more information, see Firewall Options <security-firewall-options>.
  • The custom rules are applied using iptables-restore or ip6tables-restore.
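
A pre-deployment check for a custom rules file, given here as an added example that is not part of the original documentation: it parses iptables-restore syntax and reports ACCEPT rules that still open TCP port 80, following the note above. The function names, the chain name and the sample rules are assumptions constructed for illustration.

```python
import shlex

# Constructed sample in iptables-restore syntax; the chain name is hypothetical.
SAMPLE_RULES = """\
# custom firewall rules (constructed sample)
*filter
:INPUT-custom - [0:0]
-A INPUT-custom -p tcp -m tcp --dport 443 -j ACCEPT
-A INPUT-custom -p tcp -m multiport --dports 80,8080 -j ACCEPT
-A INPUT-custom -p tcp -m tcp --dport 80 -j DROP
-A INPUT-custom -p tcp -m tcp --dport 70:90 -j ACCEPT
-A INPUT-custom -p udp -m udp --dport 80 -j ACCEPT
-A INPUT-custom -p tcp -m tcp ! --dport 80 -j ACCEPT
COMMIT
"""

PORT_OPTS = ("--dport", "--dports", "--destination-port", "--destination-ports")


def _covers(spec, port):
    """True if a port spec (N, N:M, :M, N: or a comma list) includes port."""
    try:
        for part in spec.split(","):
            lo, sep, hi = part.partition(":")
            lo = int(lo) if lo else 0
            hi = int(hi) if hi else (65535 if sep else lo)
            if lo <= port <= hi:
                return True
        return False
    except ValueError:
        return True  # service name or odd syntax: flag for manual review


def find_open_port(rules_text, port=80):
    """Return (line_no, rule) for ACCEPT rules whose TCP dport match covers port."""
    # Purely syntactic: rule order and rules without a port match are not modelled.
    findings = []
    for n, line in enumerate(rules_text.splitlines(), 1):
        tok = shlex.split(line, comments=True)
        if not tok or tok[0] not in ("-A", "-I"):
            continue  # comments, *table, :chain and COMMIT lines
        opts = dict(zip(tok, tok[1:]))  # each option mapped to its argument
        if opts.get("-j") != "ACCEPT" or opts.get("-p") not in ("tcp", "6"):
            continue
        for i, t in enumerate(tok[:-1]):
            negated = i > 0 and tok[i - 1] == "!"
            if t in PORT_OPTS and _covers(tok[i + 1], port) != negated:
                findings.append((n, line.strip()))
    return findings
```

Calling `find_open_port` on the text of a rules file before it is applied lists the rules to review; an empty result means no explicit TCP port 80 ACCEPT rule was found.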

Default Firewall Rules

applies these default firewall rules on the network. The default rules are recommended for most applications.

For a complete listing, see Default Firewall Rules <security-default-firewall-rules>.