From 93158e778814373331a375fea3ed4ea5d95ce12b Mon Sep 17 00:00:00 2001
From: jorgeboti <jorgeboti@pheros.es>
Date: Wed, 28 Jul 2021 20:06:05 +0000
Subject: [PATCH] Actualizar 'README.md'

---
 README.md | 27 ++++++++++++++++++++++++++-
 1 file changed, 26 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 1bb70c3..58d985c 100644
--- a/README.md
+++ b/README.md
@@ -140,6 +140,31 @@ kubeadm join 172.16.100.100:6443 --token colmta.7uxl2adqk6x6w6wu \
         --discovery-token-ca-cert-hash sha256:87497e41439ff2d7c620eff16c534d1c67c8dc0a9b6c43543bc4e008305f7106
 
 
-### Despliegue de flannel
+### Despliegue de calico
 
 kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml
+
+### Ajustar iptables /etc/systemd/scripts/ip4save
+
+# init
+*filter
+:INPUT DROP [0:0]
+:FORWARD DROP [0:0]
+:OUTPUT DROP [0:0]
+# Allow local-only connections
+-A INPUT -i lo -j ACCEPT
+-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
+#keep commented till upgrade issues are sorted
+#-A INPUT -j LOG --log-prefix "FIREWALL:INPUT "
+-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
+-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 2379:2380 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 6443 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 10250:10252 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 179 -j ACCEPT
+-A INPUT -p tcp -m tcp --dport 4789 -j ACCEPT
+
+-A OUTPUT -j ACCEPT
+
+COMMIT
+# Completed on Wed Jul 28 18:36:00 2021