About the iptables settings that kube-proxy sets at startup

The following settings are set in iptables when kube-proxy starts.

Chain KUBE-FORWARD (1 references)

  • pkts bytes target prot opt in out source destination*
  • 0 0 DROP all – * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID*
  • 0 0 ACCEPT all – * * 0.0.0.0/0 0.0.0.0/0 /* kubernetes forwarding rules / mark match 0x4000/0x4000
  • 0 0 ACCEPT all – * * 0.0.0.0/0 0.0.0.0/0 /* kubernetes forwarding conntrack pod source rule / ctstate RELATED,ESTABLISHED
  • 0 0 ACCEPT all – * * 0.0.0.0/0 0.0.0.0/0 /* kubernetes forwarding conntrack pod destination rule / ctstate RELATED,ESTABLISHED

Due to the DROP setting of ctstae invalid, communication will be dropped even if it is not Microk8s communication.

Is it possible not to set the above iptables?