refactor: remove iptables MASQUERADE

2025-12-24 11:51:13 +08:00 · 2025-10-12 08:51:04 +08:00
parent 66eca5fdce
commit cf5f0b4e88
2 changed files with 0 additions and 4 deletions
--- a/pkg/inject/controller.go
+++ b/pkg/inject/controller.go
@@ -57,8 +57,6 @@ iptables -P FORWARD ACCEPT
 ip6tables -P FORWARD ACCEPT
 iptables -t nat -A PREROUTING ! -p icmp ! -s 127.0.0.1 ! -d ${CIDR4} -j DNAT --to :15006
 ip6tables -t nat -A PREROUTING ! -p icmp ! -s 0:0:0:0:0:0:0:1 ! -d ${CIDR6} -j DNAT --to :15006
 iptables -t nat -A POSTROUTING ! -p icmp ! -s 127.0.0.1 ! -d ${CIDR4} -j MASQUERADE
 ip6tables -t nat -A POSTROUTING ! -p icmp ! -s 0:0:0:0:0:0:0:1 ! -d ${CIDR6} -j MASQUERADE
 kubevpn server -l "tun:/tcp://${TrafficManagerService}:10801?net=${TunIPv4}&net6=${TunIPv6}&route=${CIDR4}"`,
 		},
 		Env: []v1.EnvVar{
--- a/pkg/inject/exchange.go
+++ b/pkg/inject/exchange.go
@@ -102,8 +102,6 @@ iptables -P FORWARD ACCEPT
 ip6tables -P FORWARD ACCEPT
 iptables -t nat -A PREROUTING ! -p icmp -j DNAT --to ${LocalTunIPv4}
 ip6tables -t nat -A PREROUTING ! -p icmp -j DNAT --to ${LocalTunIPv6}
 iptables -t nat -A POSTROUTING ! -p icmp -j MASQUERADE
 ip6tables -t nat -A POSTROUTING ! -p icmp -j MASQUERADE
 kubevpn server -l "tun:/tcp://${TrafficManagerService}:10801?net=${TunIPv4}&net6=${TunIPv6}&route=${CIDR4}"`,
 		},
 		SecurityContext: &corev1.SecurityContext{