Add service proxy This adds a service proxy based on nfproxy and changes to the service IP allocation to make it work. Also adds support for masquerading outbound traffic for outbound network connectivity. Test Plan: Currently manually tested by creating an alpine pod and running 'apk add curl && curl -k https://192.168.188.1:443/'. Will be covered later by CTS. Bug: T810 X-Origin-Diff: phab/D580 GitOrigin-RevId: cace863fd8c2f045560f8abf84c40cc77bc275d4

commit: b682ba55d4a51babad2beebb470b0fef0e6067ca [log] [tgz]
author: Lorenz Brun <lorenz@nexantic.com> Wed Jul 08 14:51:36 2020 +0200
committer: Lorenz Brun <lorenz@nexantic.com> Wed Jul 08 14:51:36 2020 +0200
tree: d94c2bb98f3a47896558d9cd4d2cc0271a4558c7
parent: f85748717f32f0a74816de01b1e5f2e0104342c5 [diff] [blame]
diff --git a/core/internal/network/BUILD.bazel b/core/internal/network/BUILD.bazel
index 9eefc1b..ad7de74 100644
--- a/core/internal/network/BUILD.bazel
+++ b/core/internal/network/BUILD.bazel

@@ -8,6 +8,8 @@
     deps = [
         "//core/internal/common/supervisor:go_default_library",
         "//core/internal/network/dhcp:go_default_library",
+        "@com_github_google_nftables//:go_default_library",
+        "@com_github_google_nftables//expr:go_default_library",
         "@com_github_vishvananda_netlink//:go_default_library",
         "@org_golang_x_sys//unix:go_default_library",
         "@org_uber_go_zap//:go_default_library",
commit	b682ba55d4a51babad2beebb470b0fef0e6067ca	[log] [tgz]
author	Lorenz Brun <lorenz@nexantic.com>	Wed Jul 08 14:51:36 2020 +0200
committer	Lorenz Brun <lorenz@nexantic.com>	Wed Jul 08 14:51:36 2020 +0200
tree	d94c2bb98f3a47896558d9cd4d2cc0271a4558c7
parent	f85748717f32f0a74816de01b1e5f2e0104342c5 [diff] [blame]