Open Issues Need Help
View All on GitHub network policy: ipv6-icmp is not blocked 29 days ago
AI Summary: The issue describes a problem where IPv6 ICMP traffic is not being blocked by Kubernetes Network Policies as expected, even when policies are in place. The root cause appears to be an `accept` rule for `meta l4proto ipv6-icmp` in the nftables configuration generated by kube-network-policies. The solution involves modifying the kube-network-policies configuration to allow only specific ICMPv6 types related to Neighbor Discovery (ND) while blocking other ICMPv6 traffic, ensuring proper IPv6 functionality while maintaining network security.
Complexity:
4/5
help wanted