Environment:
------------
ENVOY_PORT=
INBOUND_CAPTURE_PORT=
ISTIO_INBOUND_INTERCEPTION_MODE=
ISTIO_INBOUND_TPROXY_MARK=
ISTIO_INBOUND_TPROXY_ROUTE_TABLE=
ISTIO_INBOUND_PORTS=
ISTIO_LOCAL_EXCLUDE_PORTS=
ISTIO_SERVICE_CIDR=
ISTIO_SERVICE_EXCLUDE_CIDR=

Variables:
----------
PROXY_PORT=12345
PROXY_INBOUND_CAPTURE_PORT=15006
PROXY_UID=4321
INBOUND_INTERCEPTION_MODE=REDIRECT
INBOUND_TPROXY_MARK=1337
INBOUND_TPROXY_ROUTE_TABLE=133
INBOUND_PORTS_INCLUDE=5555,6666
INBOUND_PORTS_EXCLUDE=7777,8888
OUTBOUND_IP_RANGES_INCLUDE=*
OUTBOUND_IP_RANGES_EXCLUDE=9.9.0.0/16
OUTBOUND_PORTS_EXCLUDE=
KUBEVIRT_INTERFACES=eth1,eth2
ENABLE_INBOUND_IPV6=

iptables -t nat -N ISTIO_REDIRECT
iptables -t nat -A ISTIO_REDIRECT -p tcp -j REDIRECT --to-port 12345
iptables -t nat -N ISTIO_IN_REDIRECT
iptables -t nat -A ISTIO_IN_REDIRECT -p tcp -j REDIRECT --to-port 12345
iptables -t nat -N ISTIO_INBOUND
iptables -t nat -A PREROUTING -p tcp -j ISTIO_INBOUND
iptables -t nat -A ISTIO_INBOUND -p tcp --dport 5555 -j ISTIO_IN_REDIRECT
iptables -t nat -A ISTIO_INBOUND -p tcp --dport 6666 -j ISTIO_IN_REDIRECT
iptables -t nat -N ISTIO_OUTPUT
iptables -t nat -A OUTPUT -p tcp -j ISTIO_OUTPUT
iptables -t nat -A ISTIO_OUTPUT -o lo -s 127.0.0.6/32 -j RETURN
iptables -t nat -A ISTIO_OUTPUT -o lo ! -d 127.0.0.1/32 -j ISTIO_IN_REDIRECT
iptables -t nat -A ISTIO_OUTPUT -m owner --uid-owner 4321 -j RETURN
iptables -t nat -A ISTIO_OUTPUT -m owner --gid-owner 4444 -j RETURN
iptables -t nat -A ISTIO_OUTPUT -d 127.0.0.1/32 -j RETURN
iptables -t nat -A ISTIO_OUTPUT -d 9.9.0.0/16 -j RETURN
iptables -t nat -I PREROUTING 1 -i eth1 -j RETURN
iptables -t nat -I PREROUTING 1 -i eth2 -j RETURN
iptables -t nat -A ISTIO_OUTPUT -j ISTIO_REDIRECT
iptables -t nat -I PREROUTING 1 -i eth1 -j ISTIO_REDIRECT
iptables -t nat -I PREROUTING 1 -i eth2 -j ISTIO_REDIRECT
ip6tables -F INPUT
ip6tables -A INPUT -m state --state ESTABLISHED -j ACCEPT
ip6tables -A INPUT -i lo -d ::1 -j ACCEPT
ip6tables -A INPUT -j REJECT
iptables-save 
ip6tables-save 
