iptable just "return" by uid as the parameter u indicates

[rokii]

resolve this #6557

[rokii]

/assign @mandarjog

[ymesika]

/ok-to-test

[rokii]

@hklai Could you review this?

[hklai]

@nmittler should be a better person to review this.

[nmittler]

@costinm should take a look as well

[nmittler]

@costinm I'm not sure the original intent of matching on the group. Is this something that we can safely remove?

[rokii]

If group has to be an option,it is better to provide -g param separately

[costinm]

I believe tproxy is using the gid ( and it happens that gid and uid are the same ).

The right fix would be to add an explicit {gid} param, with same default value as uid.

TPROXY will be needed long term ( when we add UDP for example).

[codecov]

Codecov Report

Merging #6561 into master will decrease coverage by 1%.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master   #6561    +/-   ##
=======================================
- Coverage      68%     68%   -<1%     
=======================================
  Files         357     357            
  Lines       31304   31153   -151     
=======================================
- Hits        21204   20994   -210     
- Misses       9254    9318    +64     
+ Partials      846     841     -5

Impacted Files	Coverage Δ
...olarwinds/internal/papertrail/papertrail_logger.go	59% <0%> (-21%)	⬇️
mixer/adapter/servicecontrol/reportprocessor.go	73% <0%> (-7%)	⬇️
mixer/adapter/signalfx/registry.go	86% <0%> (-5%)	⬇️
pilot/pkg/serviceregistry/kube/controller.go	64% <0%> (-4%)	⬇️
mixer/adapter/servicecontrol/distValueBuilder.go	92% <0%> (-3%)	⬇️
mixer/adapter/signalfx/metrics.go	41% <0%> (-2%)	⬇️
galley/pkg/kube/listener.go	93% <0%> (-2%)	⬇️
mixer/adapter/bypass/bypass.go	62% <0%> (-1%)	⬇️
mixer/adapter/kubernetesenv/cache.go	92% <0%> (-1%)	⬇️
mixer/adapter/memquota/dedup.go	100% <0%> (ø)	⬆️
... and 13 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5c56fcb...dfc9b8e. Read the comment docs.

[nmittler]

/lgtm
/approve

[istio-testing]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: nmittler, rokii
To fully approve this pull request, please assign additional approvers.
We suggest the following additional approver: mandarjog

Assign the PR to them by writing /assign @mandarjog in a comment when ready.

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[rokii]

/retest

[istio-testing]

@rokii: The following test failed, say /retest to rerun them all:

Test name	Commit	Details	Rerun command
prow/e2e-dashboard.sh	dfc9b8e	link	/test e2e-dashboard

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.