ahmetb / kubernetes-network-policy-recipes

Example recipes for Kubernetes Network Policies that you can just copy paste
Apache License 2.0

Block all ports except specified. #59

Closed vrathore18 closed 4 years ago

vrathore18 commented 4 years ago

First of all, I'd like to thank you for this project. I know this is not a place for support, but could you also add another example similar to the one below?

Here we are blocking all ports except 53 (TCP and UDP). How do I allow all except 53? I tried action: deny but it's NOT working.

apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: foo-deny-external-egress
spec:
  podSelector:
    matchLabels:
      app: foo
  policyTypes:
  - Egress
  egress:
  - ports:
    - port: 53
      protocol: UDP
    - port: 53
      protocol: TCP
    to:
    - namespaceSelector: {}

ahmetb commented 4 years ago

Can't do ALLOW ALL EXCEPT THIS as far as I know. I recommend reading my blog posts linked in the readme, as well as checking out my talk on this. I'm not sure where action: deny comes from, it's not part of Kubernetes network policy API, so it's not relevant to this repo.

I recommend taking questions to stackoverflow.com.
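
Added example, not from this thread or the repository: NetworkPolicy rules are additive allow rules with no deny action, so "everything except port 53" can only be written as allow rules covering the complement of that port. This sketch assumes a cluster and CNI plugin that support the `endPort` field of `networking.k8s.io/v1` (stable since Kubernetes 1.25); the policy name is hypothetical.

```yaml
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: foo-allow-egress-except-53   # hypothetical name
spec:
  podSelector:
    matchLabels:
      app: foo
  policyTypes:
  - Egress
  egress:
  # Same destination scope as the policy in the question: pods in any namespace.
  - to:
    - namespaceSelector: {}
    # Port 53 is excluded only by omission: the ranges below stop at 52
    # and resume at 54. port/endPort are inclusive and must be numeric.
    ports:
    - protocol: TCP
      port: 1
      endPort: 52
    - protocol: TCP
      port: 54
      endPort: 65535
    - protocol: UDP
      port: 1
      endPort: 52
    - protocol: UDP
      port: 54
      endPort: 65535
    # SCTP is not listed, so SCTP egress from these pods stays blocked.
```

Because policies are additive, port 53 stays blocked only as long as no other NetworkPolicy selecting `app: foo` pods allows it. On a CNI plugin that ignores `endPort`, each rule applies to the single `port` value only, so verify the result with a connectivity test.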