Hi Serguei, On Tue, Nov 26, 2019 at 03:47:49PM +0000, Serguei Bezverkhi (sbezverk) wrote: > I totally get it that it is not possible in theory, but the matter of fact is in kubernetes somehow it works, maybe in some cases this check is not enforced, I do not know. If you are interested to investigate it further, please let me know as I said I have a cluster with these 2 rules configured. In another case I noticed that user-defined chains are a way to circumvent these types of functional restrictions. If that's good or bad is up to you to decide. ;) Regarding the desired functionality, I guess you're wandering the sinkhole-filled plains of undefined behaviour. Cheers, Phil
