From f68372e175dece41f50f99af3fb894a35e54cb3c Mon Sep 17 00:00:00 2001 From: "kevin.xu" Date: Tue, 20 Feb 2018 19:49:13 +0800 Subject: [PATCH] Update network_policy_controller.go (#315) * Update network_policy_controller.go typo * Update network_policy_controller.go typos --- app/controllers/network_policy_controller.go | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/app/controllers/network_policy_controller.go b/app/controllers/network_policy_controller.go index e4984c93..2d77446e 100644 --- a/app/controllers/network_policy_controller.go +++ b/app/controllers/network_policy_controller.go @@ -26,12 +26,12 @@ import ( // Network policy controller provides both ingress and egress filtering for the pods as per the defined network // policies. Two different types of iptables chains are used. Each pod running on the node which either -// requires ingress or egress filtering gets a pod specific chian. Each network policy has a iptable chain, which -// has rules expreessed through ipsets matching source and destination pod ip's. In the FORWARD chain of the +// requires ingress or egress filtering gets a pod specific chains. Each network policy has a iptable chain, which +// has rules expressed through ipsets matching source and destination pod ip's. In the FORWARD chain of the // filter table a rule is added to jump the traffic originating (in case of egress network policy) from the pod -// or destined (in case of ingress network policy) to the pod to the pod specific iptable chain. Each -// pod specifc iptable chain has rules to jump to the network polices chains, that pod matches. So packet -// originating/destined from/to pod goes throuh fitler table's, FORWARD chain, followed by pod specific chain, +// or destined (in case of ingress network policy) to the pod specific iptable chain. Each +// pod specific iptable chain has rules to jump to the network polices chains, that pod matches. So packet +// originating/destined from/to pod goes through fitler table's, FORWARD chain, followed by pod specific chain, // followed by one or more network policy chains, till there is a match which will accept the packet, or gets // dropped by the rule in the pod chain, if there is no match.