github.com/imran-kn/cilium-fork@v1.6.9/Documentation/_static/kubernetes_iptables.svg (about) 1 <!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd"> 2 <svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="1310px" height="1169px" viewBox="-0.5 -0.5 1310 1169" content="<mxfile modified="2018-12-19T23:33:19.814Z" host="www.draw.io" agent="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.110 Safari/537.36" version="10.0.5" etag="g6ovIGJ9rjoExlgCa68y" type="google"><diagram id="68adb0f2-4922-ff16-2d2c-897ec8344e38" name="Page-1">7Z1tc9o6FoB/y35gZndnYGzLb3wkQNpMacOF5Lb3U8fYAnxrEGubhNxfv5KxDJYEMWADoWraxhbGLzqPjs45OpJroD1bfQqdxfQr8mBQ0xRvVQOdmqapwLDxL1Lyti6x9ea6YBL6XnrQpmDo/wPTQiUtXfoejHIHxggFsb/IF7poPodunCtzwhC95g8boyB/1YUzgVzB0HUCvvS778XT9Ck0a1P+GfqTKb2yaqbPN3PowemTRFPHQ69bRaBbA+0QoXi9NVu1YUAqj9bL+nv3Oz7NbiyE87jIF/C96ZZua9C14UizjbpKH+LFCZbp46a3Gr/R53+d+jEcLhyX7L9iGdfA3TSeBXhPxZshWs49SK6g4L3sEcnOJHCiKN120cx36UFxiH5llYmr4W6M5nEbBShMLgmU5A8p94Ngq9xzoD12szNsfWKSRxrjT/g6SavpBYYxXG0VpXX0CaIZjMM3fEj6KTDW30h51ZvpGV430leBkh403RK9bqWSd1LkJtm5N1LBG6lgxEJqAk4kX57vuvVvj51u/3HwNOQEFL36s8CZw7Qeh+knRDju1A+8nvOGluQWo9hxf9G9uykK/X/w8Q6VJP44jNP2p5l7an/zzSE5YyrVEEb4u31a8ypT9NVZ5Q7sOVGcsREEziLyR9l9z5xw4s/vUByjGYUmfcr7/E2Nkz9lcbibq0noeD7MUWpBx4RKOcyZRh46GwuAhU5rKjxzll0CcjqHXH1B1KxL/q/PNpt1b4HCGG8BjTRQXPI3/i/h82tr8AX/N/yD4xNXQSys2+QPz9nYID+43An8yRyXBXBMTkBq08d6uZUWx4iooghrJn8+6SXHdPRNySCtJFKE8HfHQQLE1Pc8OE+AiZ3YWTNHpLhA/jxOatG4w3/x07WVhlEz8C218b662cd/yeEhhmGOn8rxE7FDDPQrJFAzLPJ4ZG38fT5SHoriQI87CQeD7xTaWq2lHA7F8M92/YcE4hjlVAY1hnY+agTGhYCjKzYucDeiuULjwjNHpmFWYlw0baWgcZHZw6cIibctapoZEEJHeGNCNu5DRNr2t4c2/QifNPuUE2BeQu+Ik6lxqHoGtEQ13jQt4JicNEE5MmD6Wmy38TLQBM3ELEECfFfLSeAJ3Xj9q6rKSMDQzycBkVZiJNBDuFfJSkNa3A+RC7HSuVW56HZeLCrVQ+cQi8q7oo/PT/3nJ65qz+XvjG0Xur+ZvzOyDd0oy6ehfRvFyeKNWFWvyKcxbQ6ntUXaHfz50O5KL/oiXrSAKqswVrtdISFF1PgVUZSefADd2JlPcIVt7DOQh1YT6UBQwIZ2ghiGcyeGd6RKI47d7MGK4dwU43z/MOh+b/V6EufrwDlTO6XjXIaPBjSOov6gO8D97MO3T7Kf/aD9rGblzTaggIIaUt2N1G4Nqel5DWkqvAtrn11BWrK/vx669yjITAWVryCNG+rvAe+l9h+HT5mqVv6NL/UfqbIvobLp5Xv+nN5kCVrcZrS4ZgtiIiK9alnHcF/kchfQ4jvM3Bz7UpFfhSI3ChO+R5GLEDvOLLlSRa7bNrDGwNOgpzZHY6OuqnwIuP3Qe3j++pNQ/hNf+XJqnQ6B/EaI7xncybRR6Yjflq2y0/Tu11Wprm8wW0VVlLz1YCo8+ECtKLQLeCOhjhlWVKWBm0jDtBrEybgHadZCTWapHJelAsqIZQkpKCOWRV3A95OWiPA731pPZLseo7qHH9/H2s9Hc5Ya0DKAJKOcdJXD8RGkq1SHDx8KffgmRxtvJwp63tFGXhnJ6OPFrSCeqqzVy9HGvTjzuRhytPEKcc7UzlWONuq8nX7/OPjeGnRI/BpLFiMrQ9gftb/VdWbUsdks2N8eFa++0lHHHf1+xrnUk9egJ/VSAnnlDaFfabcviFXzKjyNVV+acBmqzoeqq7MEbilUbfDxaOhNIKUUhfEUTdDcCbqbUkaYW2nbcOXHP0hxw0j3/koPwnIJ335s7/yVHfc3jOO3lGxnGSNctLluD5GgUNoCtoEwBEregLani0BRW+SnJowDNy1Psax9NkCElqGb1g51mHBrnECq89ZFpOL2ghbCwIn9F5g7+R6M+iSAtdXjG3mEmLm167tMv7OBgjsNMJkZN8x51k/GnecYuLQq4FK30VqDlsG12aXgfSi4DJ4tmg5cNVyAjRZR1XcoXgYzoQvoleFlnEd3XQtCuzDfm2+zjRcQ6C7zQnyBI7UXF9Wk4xMV8GVytp4M+lzcmal4JJeZCmlYvFcNRDO+9oU7C0/E46OMybAdFsKvGhmrSzc2A7edwWO/Rkf0km05VJfDb7sdKjweWRM/aURXxEMZ8UKLH5KTyX+/gQ5iI4mGqZ1PCVn8lPh3lNA6e2SthMj2c3fQ6nSlKno3nyRr39epffi0TBnKvXHNwy66BPghDF00qKAq+unA2fzYwQGap9Vud/t8torUOpzW0QtTsVvrCCkoQ+vYvM2Ty2XUG/jC96q9SWUkiJClDnFduGtO3BjrkJgEXwfdXuupSyqxO3xq3fUehp/JniSmYmIEiWuVEWPxM8PqniTmgxFDk87OomN2rCgpk9N+H9PGFGRnVGja8Lb0v4hSEfZsuJzorwiGL74L6/5inbuvrZcbXHqLvCYjBduLDpKAqEzwLxgbEi2Dx8Nml7E8ZXXqbH8HqDTASQDJJSuL9XmHQ3JOK8nmBzMS4TueF8ZvC7gmIIrr6U7vsd3q5TjYvd6yZOF0Fs5q/+zIZiYt/b/S+LlB48dkIsqmYIXPyqYn2vx02ET1EJfLj3CLXwd3kEf0TujMvWS91Xp9EaKRM/IDPyZPQppmrlsSTqaVqohTRWWsJ1fZrDNbMHU1J2JNiric2YeHc3DO2YdNXs4Vp4rVcnmIqmbTgj4MfXz/MKydkv4D9nRwHLrrP/tU/XYajy1IE7NLT+MpLDnzwpKzmh9HciYvObqIfdUJWAZjAlgWE9comoFlaYwtYTIJ0eVlYDV3GarCjkEaqh/fUOUW0shoO4el2hRYqsxCGkAupFHC616u2iZtCmzSExfSAHIhjTLf+3LVpqxKJ2JeyiLSjp9UU6XtY/O2D10RpWrbR2eSxm2VSRovavuwbyWz2MGh8mwfValkatbe2TOKAhjj2rROYklollcFWFNgXJ9pdkOTmVNlgSMBUxV2nJJOOKuCsAs73depqJpnca8rdtJYRWWaVnUY8YZN6fOw1KNJqXIelgDnQohZgr6QTsmvfCIWQwY4ti/U2JcjmZXNxMpyMKrUVCdoIwFjmam+WxsJGBslP6Uwpgu6Q/6VhHTt3bNTZx6p2HTmRLpWYf9Y6gTT61Nf/GzpQmSZV0WW0XwHiMJdJp3qRxGlqzFUQRafjbHrvZN95N3s+/VYpaALluCo7PV6ilV9n3JNy1uc3qUAvt3TKeWy/xARZkvC6D0WAizTi9uIWWcKEqmMPZs5facaxoCNKpaJGB+rFr8+95a7Ee71uYDG2s/SkahniPeW65xcup0DQYjlTOaixaJiM42zaCu3VbYjqWwYHPMtO5KDALMELkqmK6tGzGb1P+tIFA8GK3mXhOuSymNMsNQh1cPi1/LM0gXuGC7lcodnWO5Q0HbGY69pipdCPHz9CWatQmyW8e9CA5agPy1jAQoBiby3vJk9pVkNBf+o2RwXYu24fuAvZz+nKCLNKV2ZYvCFbNcjGNdX6VRyZUXmXCkrXREM2v7uo/PvrJ2zR2OclNYh4qqU1bf5++UnTsnFXG9euzEBAKFyywYBy84wE0AoyDnDrprS7j0Pn7qDn+2HzmCPWpNT0kvSXWW8vVGITUW6S7BWXMRik8tSlKRcihRB9lllpPADMdp+53GO5heIR+yYen24G1nIHdw9OpWLZZe+jvPxQhO8E5V53fXa/5KvC/morwsxTWa4UeFnAJf4NuDrfF2IAHy+X5NRh+uwy3no9+gt+YbgA3tpbS/38iXYt+mM2uxy5sJQW1XeqABDfmmsLNT2mYD40Bc5ozlHY7g1Iya1wra+LN2PQ9yPPYripCDbGd0P3pJNaCLLydDgRoKYJyrcAq2m3W1iuXKV4cvxJJpMdUaeRKlzbM84dRZk0585xJW7S363ogW2D9JqcujO2F+Rusvk3XNGMOijyE8m8YHOKO2LdgBxdO8j8n75fomB9d7odjutPf5z+sCdaRwv8LVbpJ61e+cFsxdGWmPix9PlaBnB0MUnwFA0XJJjeL/E/0i6q26QJnJP7lon/oHpzMhDvqRgl9DfMcHXZpNP1DBEPk8JeRoClPjQq0RpP0rLRYAcr/Hq//Jn0POdBgonuJjsL8g+3sY3OMOqCm9h2GYj/Nsk/7Bfd/9lOcJGNIxh9DNAE9SIXsiXVUXTF6u64MPGYj6phDtD4bnTKA7b4OmVRHfoq7skeDcPHk2QpbaYIDGNLha3zR07f7Ac7gCf0sFlC9ICIp4ckeb/loh+UI8SdxHLRtGsxWrzIT2Lv0isHWLoDZbr348vZEFT+LqVhri+Rv66e7MTU+tuKzydOJVbhhWJQ69vLvmYWnUuliCZgMo1gRm20JJ0qbxF1mHATaPkee6FofNC7af40qMHA6epbBorb60JAx6Hd7F4N0RE7JsoSOgspl+RB8kR/wc=</diagram></mxfile>" style="background-color: rgb(255, 255, 255);"><defs><linearGradient x1="0%" y1="0%" x2="0%" y2="100%" id="id1"><stop offset="0%" style="stop-color:#dae8fc"/><stop offset="100%" style="stop-color:#7ea6e0"/></linearGradient><clipPath id="mx-clip-629-836-280-24-0"><rect x="629" y="836" width="280" height="24"/></clipPath><clipPath id="mx-clip-629-862-280-24-0"><rect x="629" y="862" width="280" height="24"/></clipPath><clipPath id="mx-clip-979-616-300-24-0"><rect x="979" y="616" width="300" height="24"/></clipPath><clipPath id="mx-clip-979-642-300-24-0"><rect x="979" y="642" width="300" height="24"/></clipPath><clipPath id="mx-clip-29-580-310-24-0"><rect x="29" y="580" width="310" height="24"/></clipPath><clipPath id="mx-clip-419-572-310-24-0"><rect x="419" y="572" width="310" height="24"/></clipPath><clipPath id="mx-clip-29-849-470-24-0"><rect x="29" y="849" width="470" height="24"/></clipPath><clipPath id="mx-clip-29-875-470-24-0"><rect x="29" y="875" width="470" height="24"/></clipPath><clipPath id="mx-clip-29-901-470-24-0"><rect x="29" y="901" width="470" height="24"/></clipPath><clipPath id="mx-clip-29-709-470-24-0"><rect x="29" y="709" width="470" height="24"/></clipPath><clipPath id="mx-clip-29-735-470-24-0"><rect x="29" y="735" width="470" height="24"/></clipPath><clipPath id="mx-clip-29-761-470-24-0"><rect x="29" y="761" width="470" height="24"/></clipPath><clipPath id="mx-clip-619-657-300-24-0"><rect x="619" y="657" width="300" height="24"/></clipPath><clipPath id="mx-clip-619-683-300-24-0"><rect x="619" y="683" width="300" height="24"/></clipPath><clipPath id="mx-clip-979-735-300-24-0"><rect x="979" y="735" width="300" height="24"/></clipPath><clipPath id="mx-clip-979-761-300-24-0"><rect x="979" y="761" width="300" height="24"/></clipPath><linearGradient x1="0%" y1="0%" x2="0%" y2="100%" id="id2"><stop offset="0%" style="stop-color:#fff2cc"/><stop offset="100%" style="stop-color:#ffd966"/></linearGradient><clipPath id="mx-clip-404-1074-360-24-0"><rect x="404" y="1074" width="360" height="24"/></clipPath><clipPath id="mx-clip-29-1074-285-24-0"><rect x="29" y="1074" width="285" height="24"/></clipPath><clipPath id="mx-clip-29-1100-285-24-0"><rect x="29" y="1100" width="285" height="24"/></clipPath><clipPath id="mx-clip-849-1074-385-24-0"><rect x="849" y="1074" width="385" height="24"/></clipPath><clipPath id="mx-clip-849-1100-385-24-0"><rect x="849" y="1100" width="385" height="24"/></clipPath></defs><rect x="4" y="469" width="1305" height="479" fill="#dae8fc" stroke="#6c8ebf" stroke-width="2" pointer-events="none"/><path d="M 624 830 L 624 804 L 914 804 L 914 830" fill="url(#id1)" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 624 830 L 624 882 L 914 882 L 914 830" fill="#ffffff" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 624 830 L 914 830" fill="none" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="768" y="821.5">KUBE-NODEPORTS</text></g><rect x="624" y="830" width="290" height="26" fill="#f5f5f5" stroke="#666666" pointer-events="none"/><g fill="#000000" font-family="Helvetica" clip-path="url(#mx-clip-629-836-280-24-0)" font-size="12px"><text x="630.5" y="848.5">-p tcp -m tcp --dport 32000 -j KUBE-MARK-MASQ</text></g><rect x="624" y="856" width="290" height="26" fill="#f5f5f5" stroke="#666666" pointer-events="none"/><g fill="#000000" font-family="Helvetica" clip-path="url(#mx-clip-629-862-280-24-0)" font-size="12px"><text x="630.5" y="874.5"> -p tcp -m tcp --dport 32000 -j KUBE-SVC-X</text></g><rect x="4" y="958" width="1305" height="210" fill="#fff2cc" stroke="#d6b656" stroke-width="2" pointer-events="none"/><rect x="24" y="225" width="120" height="60" fill="#e1d5e7" stroke="#9673a6" stroke-width="3" pointer-events="none"/><g transform="translate(56.5,248.5)"><switch><foreignObject style="overflow:visible;" pointer-events="all" width="54" height="12" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; vertical-align: top; width: 55px; white-space: nowrap; overflow-wrap: normal; text-align: center;"><div xmlns="http://www.w3.org/1999/xhtml" style="display:inline-block;text-align:inherit;text-decoration:inherit;"><b>From NIC</b></div></div></foreignObject><text x="27" y="12" fill="#000000" text-anchor="middle" font-size="12px" font-family="Helvetica"><b>From NIC</b></text></switch></g><rect x="1084" y="232" width="120" height="60" fill="#e1d5e7" stroke="#9673a6" stroke-width="3" pointer-events="none"/><g transform="translate(1124.5,255.5)"><switch><foreignObject style="overflow:visible;" pointer-events="all" width="38" height="12" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; vertical-align: top; width: 38px; white-space: nowrap; overflow-wrap: normal; text-align: center;"><div xmlns="http://www.w3.org/1999/xhtml" style="display:inline-block;text-align:inherit;text-decoration:inherit;"><b>To NIC</b></div></div></foreignObject><text x="19" y="12" fill="#000000" text-anchor="middle" font-size="12px" font-family="Helvetica"><b>To NIC</b></text></switch></g><rect x="454" y="83" width="120" height="60" fill="#e1d5e7" stroke="#9673a6" stroke-width="3" pointer-events="none"/><g transform="translate(490.5,99.5)"><switch><foreignObject style="overflow:visible;" pointer-events="all" width="46" height="26" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; vertical-align: top; width: 48px; white-space: nowrap; overflow-wrap: normal; text-align: center;"><div xmlns="http://www.w3.org/1999/xhtml" style="display:inline-block;text-align:inherit;text-decoration:inherit;"><b>Local<br />Process</b></div></div></foreignObject><text x="23" y="19" fill="#000000" text-anchor="middle" font-size="12px" font-family="Helvetica">[Not supported by viewer]</text></switch></g><path d="M 649 180 L 649 154 L 789 154 L 789 180" fill="#f8cecc" stroke="#b85450" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 649 180 L 649 232 L 789 232 L 789 180" fill="#ffffff" stroke="#b85450" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 649 180 L 789 180" fill="none" stroke="#b85450" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="718" y="171.5">OUTPUT</text></g><path d="M 649 206 L 649 180 L 789 180 L 789 206" fill="#dae8fc" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 649 206 L 649 232 L 789 232 L 789 206" fill="#ffffff" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 649 206 L 789 206" fill="none" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="718" y="197.5">KUBE-SERVICES</text></g><path d="M 649 232 L 649 206 L 789 206 L 789 232" fill="#dae8fc" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 649 232 L 789 232" fill="none" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="718" y="222">KUBE-FIREWALL</text></g><path d="M 244 307 L 244 281 L 384 281 L 384 307" fill="#f8cecc" stroke="#b85450" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 244 307 L 244 332 L 384 332 L 384 307" fill="#ffffff" stroke="#b85450" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 244 307 L 384 307" fill="none" stroke="#b85450" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="313" y="298.5">PREROUTING</text></g><path d="M 244 332 L 244 307 L 384 307 L 384 332" fill="#dae8fc" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 244 332 L 384 332" fill="none" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="313" y="322.5">KUBE-SERVICES</text></g><path d="M 844 288 L 844 262 L 1024 262 L 1024 288" fill="#f8cecc" stroke="#b85450" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 844 288 L 844 339 L 1024 339 L 1024 288" fill="#ffffff" stroke="#b85450" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 844 288 L 1024 288" fill="none" stroke="#b85450" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="933" y="279.5">POSTROUTING (nat)</text></g><path d="M 844 314 L 844 288 L 1024 288 L 1024 314" fill="#dae8fc" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 844 314 L 844 339 L 1024 339 L 1024 314" fill="#ffffff" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 844 314 L 1024 314" fill="none" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="933" y="305.5">KUBE-POSTROUTING</text></g><path d="M 844 339 L 844 314 L 1024 314 L 1024 339" fill="#fff2cc" stroke="#d6b656" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 844 339 L 1024 339" fill="none" stroke="#d6b656" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="933" y="329.5">CILIUM_POST_nat</text></g><path d="M 974 610 L 974 584 L 1284 584 L 1284 610" fill="url(#id1)" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 974 610 L 974 662 L 1284 662 L 1284 610" fill="#ffffff" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 974 610 L 1284 610" fill="none" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="1128" y="601.5">KUBE-SEP-1</text></g><rect x="974" y="610" width="310" height="26" fill="#f5f5f5" stroke="#666666" pointer-events="none"/><g fill="#000000" font-family="Helvetica" clip-path="url(#mx-clip-979-616-300-24-0)" font-size="12px"><text x="980.5" y="628.5">-s 10.233.67.32/32 -j KUBE-MARK-MASQ</text></g><rect x="974" y="636" width="310" height="26" fill="#f5f5f5" stroke="#666666" pointer-events="none"/><g fill="#000000" font-family="Helvetica" clip-path="url(#mx-clip-979-642-300-24-0)" font-size="12px"><text x="980.5" y="654.5">-p tcp -m tcp -j DNAT --to-destination 10.233.67.32:53</text></g><path d="M 244 180 L 244 154 L 384 154 L 384 180" fill="#f8cecc" stroke="#b85450" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 244 180 L 244 232 L 384 232 L 384 180" fill="#ffffff" stroke="#b85450" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 244 180 L 384 180" fill="none" stroke="#b85450" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="313" y="171.5">INPUT</text></g><path d="M 244 206 L 244 180 L 384 180 L 384 206" fill="#dae8fc" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 244 206 L 244 232 L 384 232 L 384 206" fill="#ffffff" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 244 206 L 384 206" fill="none" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="313" y="197.5">KUBE-SERVICES</text></g><path d="M 244 232 L 244 206 L 384 206 L 384 232" fill="#dae8fc" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 244 232 L 384 232" fill="none" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="313" y="222">KUBE-FIREWALL</text></g><path d="M 414 403 L 414 377 L 554 377 L 554 403" fill="#f8cecc" stroke="#b85450" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 414 403 L 414 454 L 554 454 L 554 403" fill="#ffffff" stroke="#b85450" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 414 403 L 554 403" fill="none" stroke="#b85450" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="483" y="394.5">FORWARD (filter)</text></g><path d="M 414 429 L 414 403 L 554 403 L 554 429" fill="#dae8fc" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 414 429 L 414 454 L 554 454 L 554 429" fill="#ffffff" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 414 429 L 554 429" fill="none" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="483" y="420.5">KUBE-FORWARD</text></g><path d="M 414 454 L 414 429 L 554 429 L 554 454" fill="#fff2cc" stroke="#d6b656" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 414 454 L 554 454" fill="none" stroke="#d6b656" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="483" y="444.5">CILIUM_FORWARD</text></g><path d="M 314 154 L 314 113 L 440.16 113" fill="none" stroke="#1a1a1a" stroke-width="5" stroke-miterlimit="10" pointer-events="none"/><path d="M 448.41 113 L 437.41 118.5 L 440.16 113 L 437.41 107.5 Z" fill="#1a1a1a" stroke="#1a1a1a" stroke-width="5" stroke-miterlimit="10" pointer-events="none"/><path d="M 574 113 L 719 113 L 719 140.16" fill="none" stroke="#1a1a1a" stroke-width="5" stroke-miterlimit="10" pointer-events="none"/><path d="M 719 148.41 L 713.5 137.41 L 719 140.16 L 724.5 137.41 Z" fill="#1a1a1a" stroke="#1a1a1a" stroke-width="5" stroke-miterlimit="10" pointer-events="none"/><path d="M 314 281 L 314 245.84" fill="none" stroke="#1a1a1a" stroke-width="5" stroke-miterlimit="10" pointer-events="none"/><path d="M 314 237.59 L 319.5 248.59 L 314 245.84 L 308.5 248.59 Z" fill="#1a1a1a" stroke="#1a1a1a" stroke-width="5" stroke-miterlimit="10" pointer-events="none"/><path d="M 24 574 L 24 548 L 344 548 L 344 574" fill="url(#id1)" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 24 574 L 24 600 L 344 600 L 344 574" fill="#ffffff" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 24 574 L 344 574" fill="none" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="183" y="565.5">KUBE-FIREWALL</text></g><rect x="24" y="574" width="320" height="26" fill="#f5f5f5" stroke="#666666" pointer-events="none"/><g fill="#000000" font-family="Helvetica" clip-path="url(#mx-clip-29-580-310-24-0)" font-size="12px"><text x="30.5" y="592.5">-m mark --mark KUBE-MARK-DROP -j DROP</text></g><path d="M 414 566 L 414 540 L 734 540 L 734 566" fill="url(#id1)" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 414 566 L 414 592 L 734 592 L 734 566" fill="#ffffff" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 414 566 L 734 566" fill="none" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="573" y="557.5">KUBE-POSTROUTING</text></g><rect x="414" y="566" width="320" height="26" fill="#f5f5f5" stroke="#666666" pointer-events="none"/><g fill="#000000" font-family="Helvetica" clip-path="url(#mx-clip-419-572-310-24-0)" font-size="12px"><text x="420.5" y="584.5">-m mark --mark KUBE-MARK-MASQ -j MASQUERADE</text></g><path d="M 24 843 L 24 817 L 504 817 L 504 843" fill="url(#id1)" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 24 843 L 24 921 L 504 921 L 504 843" fill="#ffffff" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 24 843 L 504 843" fill="none" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="263" y="834.5">KUBE-FORWARD</text></g><rect x="24" y="843" width="480" height="26" fill="#f5f5f5" stroke="#666666" pointer-events="none"/><g fill="#000000" font-family="Helvetica" clip-path="url(#mx-clip-29-849-470-24-0)" font-size="12px"><text x="30.5" y="861.5">-m mark --mark KUBE-MARK-MASQ -j ACCEPT</text></g><rect x="24" y="869" width="480" height="26" fill="#f5f5f5" stroke="#666666" pointer-events="none"/><g fill="#000000" font-family="Helvetica" clip-path="url(#mx-clip-29-875-470-24-0)" font-size="12px"><text x="30.5" y="887.5">-s 10.233.64.0/18 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT</text></g><rect x="24" y="895" width="480" height="26" fill="#f5f5f5" stroke="#666666" pointer-events="none"/><g fill="#000000" font-family="Helvetica" clip-path="url(#mx-clip-29-901-470-24-0)" font-size="12px"><text x="30.5" y="913.5">-d 10.233.64.0/18 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT</text></g><path d="M 24 703 L 24 677 L 504 677 L 504 703" fill="url(#id1)" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 24 703 L 24 781 L 504 781 L 504 703" fill="#ffffff" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 24 703 L 504 703" fill="none" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="263" y="694.5">KUBE-SERVICES</text></g><rect x="24" y="703" width="480" height="26" fill="#f5f5f5" stroke="#666666" pointer-events="none"/><g fill="#000000" font-family="Helvetica" clip-path="url(#mx-clip-29-709-470-24-0)" font-size="12px"><text x="30.5" y="721.5">! -s 10.233.64.0/18 -d service-ip/32 -p udp -m udp --dport 53 -j KUBE-MARK-MASQ</text></g><rect x="24" y="729" width="480" height="26" fill="#f5f5f5" stroke="#666666" pointer-events="none"/><g fill="#000000" font-family="Helvetica" clip-path="url(#mx-clip-29-735-470-24-0)" font-size="12px"><text x="30.5" y="747.5">-d 10.233.0.3/32 -p udp -m udp --dport 53 -j KUBE-SVC-X</text></g><rect x="24" y="755" width="480" height="26" fill="#f5f5f5" stroke="#666666" pointer-events="none"/><g fill="#000000" font-family="Helvetica" clip-path="url(#mx-clip-29-761-470-24-0)" font-size="12px"><text x="30.5" y="773.5">-m addrtype --dst-type LOCAL -j KUBE-NODEPORTS</text></g><path d="M 614 651 L 614 625 L 924 625 L 924 651" fill="url(#id1)" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 614 651 L 614 703 L 924 703 L 924 651" fill="#ffffff" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 614 651 L 924 651" fill="none" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="768" y="642.5">KUBE-SVC-*</text></g><rect x="614" y="651" width="310" height="26" fill="#f5f5f5" stroke="#666666" pointer-events="none"/><g fill="#000000" font-family="Helvetica" clip-path="url(#mx-clip-619-657-300-24-0)" font-size="12px"><text x="620.5" y="669.5">-m statistic --mode random --probability 0.5 -j KUBE-SEP-1</text></g><rect x="614" y="677" width="310" height="26" fill="#f5f5f5" stroke="#666666" pointer-events="none"/><g fill="#000000" font-family="Helvetica" clip-path="url(#mx-clip-619-683-300-24-0)" font-size="12px"><text x="620.5" y="695.5">-j KUBE-SEP-2</text></g><path d="M 504 742 L 559 742 L 559 635 L 603.9 635" fill="none" stroke="#333333" stroke-width="3" stroke-miterlimit="10" pointer-events="none"/><path d="M 610.65 635 L 601.65 639.5 L 603.9 635 L 601.65 630.5 Z" fill="#333333" stroke="#333333" stroke-width="3" stroke-miterlimit="10" pointer-events="none"/><path d="M 504 768 L 564 768 L 564 818 L 613.9 818" fill="none" stroke="#333333" stroke-width="3" stroke-miterlimit="10" pointer-events="none"/><path d="M 620.65 818 L 611.65 822.5 L 613.9 818 L 611.65 813.5 Z" fill="#333333" stroke="#333333" stroke-width="3" stroke-miterlimit="10" pointer-events="none"/><path d="M 974 729 L 974 703 L 1284 703 L 1284 729" fill="url(#id1)" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 974 729 L 974 781 L 1284 781 L 1284 729" fill="#ffffff" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 974 729 L 1284 729" fill="none" stroke="#6c8ebf" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="1128" y="720.5">KUBE-SEP-2</text></g><rect x="974" y="729" width="310" height="26" fill="#f5f5f5" stroke="#666666" pointer-events="none"/><g fill="#000000" font-family="Helvetica" clip-path="url(#mx-clip-979-735-300-24-0)" font-size="12px"><text x="980.5" y="747.5">-s 10.233.67.33/32 -j KUBE-MARK-MASQ</text></g><rect x="974" y="755" width="310" height="26" fill="#f5f5f5" stroke="#666666" pointer-events="none"/><g fill="#000000" font-family="Helvetica" clip-path="url(#mx-clip-979-761-300-24-0)" font-size="12px"><text x="980.5" y="773.5">-p tcp -m tcp -j DNAT --to-destination 10.233.67.33:53</text></g><path d="M 924 664 L 949 664 L 949 604 L 963.9 604" fill="none" stroke="#333333" stroke-width="3" stroke-miterlimit="10" pointer-events="none"/><path d="M 970.65 604 L 961.65 608.5 L 963.9 604 L 961.65 599.5 Z" fill="#333333" stroke="#333333" stroke-width="3" stroke-miterlimit="10" pointer-events="none"/><path d="M 924 690 L 949 690 L 949 716 L 964.9 716" fill="none" stroke="#333333" stroke-width="3" stroke-miterlimit="10" pointer-events="none"/><path d="M 971.65 716 L 962.65 720.5 L 964.9 716 L 962.65 711.5 Z" fill="#333333" stroke="#333333" stroke-width="3" stroke-miterlimit="10" pointer-events="none"/><path d="M 914 869 L 934 869 L 934 780 L 594 780 L 594 645 L 603.9 645" fill="none" stroke="#333333" stroke-width="3" stroke-miterlimit="10" pointer-events="none"/><path d="M 610.65 645 L 601.65 649.5 L 603.9 645 L 601.65 640.5 Z" fill="#333333" stroke="#333333" stroke-width="3" stroke-miterlimit="10" pointer-events="none"/><path d="M 314 332 L 314 396 L 400.16 396" fill="none" stroke="#1a1a1a" stroke-width="5" stroke-miterlimit="10" pointer-events="none"/><path d="M 408.41 396 L 397.41 401.5 L 400.16 396 L 397.41 390.5 Z" fill="#1a1a1a" stroke="#1a1a1a" stroke-width="5" stroke-miterlimit="10" pointer-events="none"/><path d="M 554 396 L 592 396 L 592 299 L 615.16 299" fill="none" stroke="#333333" stroke-width="5" stroke-miterlimit="10" pointer-events="none"/><path d="M 623.41 299 L 612.41 304.5 L 615.16 299 L 612.41 293.5 Z" fill="#333333" stroke="#333333" stroke-width="5" stroke-miterlimit="10" pointer-events="none"/><path d="M 719 232 L 719 272.16" fill="none" stroke="#1a1a1a" stroke-width="5" stroke-miterlimit="10" pointer-events="none"/><path d="M 719 280.41 L 713.5 269.41 L 719 272.16 L 724.5 269.41 Z" fill="#1a1a1a" stroke="#1a1a1a" stroke-width="5" stroke-miterlimit="10" pointer-events="none"/><rect x="24" y="324" width="120" height="60" fill="#e1d5e7" stroke="#9673a6" stroke-width="3" pointer-events="none"/><g transform="translate(55.5,347.5)"><switch><foreignObject style="overflow:visible;" pointer-events="all" width="56" height="12" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; vertical-align: top; width: 57px; white-space: nowrap; overflow-wrap: normal; text-align: center;"><div xmlns="http://www.w3.org/1999/xhtml" style="display:inline-block;text-align:inherit;text-decoration:inherit;"><b>From Pod</b></div></div></foreignObject><text x="28" y="12" fill="#000000" text-anchor="middle" font-size="12px" font-family="Helvetica"><b>From Pod</b></text></switch></g><path d="M 144 255 L 194 255 L 194 294 L 230.16 294" fill="none" stroke="#1a1a1a" stroke-width="5" stroke-miterlimit="10" pointer-events="none"/><path d="M 238.41 294 L 227.41 299.5 L 230.16 294 L 227.41 288.5 Z" fill="#1a1a1a" stroke="#1a1a1a" stroke-width="5" stroke-miterlimit="10" pointer-events="none"/><path d="M 144 354 L 194 354 L 194 320 L 230.16 320" fill="none" stroke="#1a1a1a" stroke-width="5" stroke-miterlimit="10" pointer-events="none"/><path d="M 238.41 320 L 227.41 325.5 L 230.16 320 L 227.41 314.5 Z" fill="#1a1a1a" stroke="#1a1a1a" stroke-width="5" stroke-miterlimit="10" pointer-events="none"/><rect x="1084" y="331" width="120" height="60" fill="#e1d5e7" stroke="#9673a6" stroke-width="3" pointer-events="none"/><g transform="translate(1123.5,354.5)"><switch><foreignObject style="overflow:visible;" pointer-events="all" width="40" height="12" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; vertical-align: top; width: 40px; white-space: nowrap; overflow-wrap: normal; text-align: center;"><div xmlns="http://www.w3.org/1999/xhtml" style="display:inline-block;text-align:inherit;text-decoration:inherit;"><b>To Pod</b></div></div></foreignObject><text x="20" y="12" fill="#000000" text-anchor="middle" font-size="12px" font-family="Helvetica"><b>To Pod</b></text></switch></g><path d="M 1024 281 L 1054 281 L 1054 262 L 1070.16 262" fill="none" stroke="#1a1a1a" stroke-width="5" stroke-miterlimit="10" pointer-events="none"/><path d="M 1078.41 262 L 1067.41 267.5 L 1070.16 262 L 1067.41 256.5 Z" fill="#1a1a1a" stroke="#1a1a1a" stroke-width="5" stroke-miterlimit="10" pointer-events="none"/><path d="M 1024 314 L 1054 314 L 1054 361 L 1070.16 361" fill="none" stroke="#1a1a1a" stroke-width="5" stroke-miterlimit="10" pointer-events="none"/><path d="M 1078.41 361 L 1067.41 366.5 L 1070.16 361 L 1067.41 355.5 Z" fill="#1a1a1a" stroke="#1a1a1a" stroke-width="5" stroke-miterlimit="10" pointer-events="none"/><path d="M 399 1068 L 399 1042 L 769 1042 L 769 1068" fill="url(#id2)" stroke="#d6b656" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 399 1068 L 399 1094 L 769 1094 L 769 1068" fill="#ffffff" stroke="#d6b656" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 399 1068 L 769 1068" fill="none" stroke="#d6b656" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="583" y="1059.5">CILIUM_POST_mangle</text></g><rect x="399" y="1068" width="370" height="26" fill="#f5f5f5" stroke="#666666" pointer-events="none"/><g fill="#000000" font-family="Helvetica" clip-path="url(#mx-clip-404-1074-360-24-0)" font-size="12px"><text x="405.5" y="1086.5">! -s 127.0.0.1/32 -o cilium_host -j MARK --set-xmark 0x0/0x4000</text></g><path d="M 24 1068 L 24 1042 L 319 1042 L 319 1068" fill="url(#id2)" stroke="#d6b656" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 24 1068 L 24 1120 L 319 1120 L 319 1068" fill="#ffffff" stroke="#d6b656" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 24 1068 L 319 1068" fill="none" stroke="#d6b656" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="170.5" y="1059.5">CILIUM_FORWARD</text></g><rect x="24" y="1068" width="295" height="26" fill="#f5f5f5" stroke="#666666" pointer-events="none"/><g fill="#000000" font-family="Helvetica" clip-path="url(#mx-clip-29-1074-285-24-0)" font-size="12px"><text x="30.5" y="1086.5">-d CLUSTER_CIDR -o cilium_host -j ACCEPT</text></g><rect x="24" y="1094" width="295" height="26" fill="#f5f5f5" stroke="#666666" pointer-events="none"/><g fill="#000000" font-family="Helvetica" clip-path="url(#mx-clip-29-1100-285-24-0)" font-size="12px"><text x="30.5" y="1112.5">-s CLUSTER_CIDR -j ACCEPT</text></g><path d="M 809 299 L 830.16 299.25" fill="none" stroke="#1a1a1a" stroke-width="5" stroke-miterlimit="10" pointer-events="none"/><path d="M 838.41 299.35 L 827.35 304.72 L 830.16 299.25 L 827.48 293.72 Z" fill="#1a1a1a" stroke="#1a1a1a" stroke-width="5" stroke-miterlimit="10" pointer-events="none"/><path d="M 629 312 L 629 286 L 809 286 L 809 312" fill="#f8cecc" stroke="#b85450" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 629 312 L 629 337 L 809 337 L 809 312" fill="#ffffff" stroke="#b85450" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 629 312 L 809 312" fill="none" stroke="#b85450" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="718" y="303.5">POSTROUTING (mangle)</text></g><path d="M 629 337 L 629 312 L 809 312 L 809 337" fill="#fff2cc" stroke="#d6b656" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 629 337 L 809 337" fill="none" stroke="#d6b656" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="718" y="327.5">CILIUM_POST_mangle</text></g><path d="M 844 1068 L 844 1042 L 1239 1042 L 1239 1068" fill="url(#id2)" stroke="#d6b656" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 844 1068 L 844 1120 L 1239 1120 L 1239 1068" fill="#ffffff" stroke="#d6b656" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><path d="M 844 1068 L 1239 1068" fill="none" stroke="#d6b656" stroke-width="2" stroke-miterlimit="10" pointer-events="none"/><g fill="#000000" font-family="Helvetica" font-weight="bold" text-anchor="middle" font-size="12px"><text x="1040.5" y="1059.5">CILIUM_POST_nat</text></g><rect x="844" y="1068" width="395" height="26" fill="#f5f5f5" stroke="#666666" pointer-events="none"/><g fill="#000000" font-family="Helvetica" clip-path="url(#mx-clip-849-1074-385-24-0)" font-size="12px"><text x="850.5" y="1086.5">! -s HOST_IP -o cilium_host -j SNAT --to-source HOST_IP</text></g><rect x="844" y="1094" width="395" height="26" fill="#f5f5f5" stroke="#666666" pointer-events="none"/><g fill="#000000" font-family="Helvetica" clip-path="url(#mx-clip-849-1100-385-24-0)" font-size="12px"><text x="850.5" y="1112.5">-s NODE_CIDR ! -d NODE_CIDR ! -o cilium_+ -j MASQUERADE</text></g><image x="23.5" y="970.5" width="50" height="50" xlink:href="https://avatars2.githubusercontent.com/u/21054566?s=400&v=4" preserveAspectRatio="none" pointer-events="none"/><image x="23.5" y="480.5" width="228" height="41" xlink:href="https://upload.wikimedia.org/wikipedia/commons/thumb/6/67/Kubernetes_logo.svg/1024px-Kubernetes_logo.svg.png" preserveAspectRatio="none" pointer-events="none"/><image x="0.5" y="0.5" width="183" height="33" xlink:href="https://upload.wikimedia.org/wikipedia/commons/thumb/6/67/Kubernetes_logo.svg/1024px-Kubernetes_logo.svg.png" preserveAspectRatio="none" pointer-events="none"/><g transform="translate(193.5,0.5)"><switch><foreignObject style="overflow:visible;" pointer-events="all" width="311" height="30" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility"><div xmlns="http://www.w3.org/1999/xhtml" style="display: inline-block; font-size: 12px; font-family: Helvetica; color: rgb(0, 0, 0); line-height: 1.2; vertical-align: top; white-space: nowrap; text-align: center;"><div xmlns="http://www.w3.org/1999/xhtml" style="display:inline-block;text-align:inherit;text-decoration:inherit;"><b><font style="font-size: 27px">iptables Rules Overview</font></b></div></div></foreignObject><text x="156" y="21" fill="#000000" text-anchor="middle" font-size="12px" font-family="Helvetica"><b><font style="font-size: 27px">iptables Rules Overview</font></b></text></switch></g></svg>