3

I successfully deployed k8s pod with service of type NodePort in microk8s cluster. Now when I enable UFW and try to deny incoming traffic to the exposed port 31001 using command ufw deny 31001 , UFW still allows traffic to port 31001.

What should I do in UFW to allow and deny traffic to port 31001 ?
Even if there is no entry in UFW for port 31001, I get a successful response from port 31001.

Please help.

ajay vasudevan
  • 69
  • 8
  • Have you solved it? I have the same problem – DiV666 Aug 22 '20 at 08:45
  • 2
    Nodeport ports tamper the iptables first and hence bypass the ufw set of route rules. The only way is to set as clusterip instead of Nodeport and route traffic to the port through ingress. – ajay vasudevan Aug 23 '20 at 10:28

0 Answers0