Policy preview for egress & ingress `deny all` reports `allow all`

Summary

Policy preview for egress & ingress deny all reports allow all. This can be reproduced in both police drawer and editor.

Screenshot

YAML view:

Screen_Shot_2020-10-19_at_1.47.41_PM

Rule view:

Screen_Shot_2020-10-19_at_1.47.55_PM

Cilium Log

Running from a pod from the respective namespace:

curl http://production-auto-deploy.network-policy-demo-20-production.svc.cluster.local:5000

Cilium Log:

root@minikube:/home/cilium# cilium monitor --type drop
Listening for events on 2 CPUs with 64x4096 of shared memory
Press Ctrl-C to quit
level=info msg="Initializing dissection cache..." subsys=monitor
xx drop (Policy denied) flow 0x0 to endpoint 0, identity 5774->23081: 10.0.0.247:38243 -> 10.0.0.61:53 udp
xx drop (Policy denied) flow 0x0 to endpoint 0, identity 5774->23081: 10.0.0.247:38243 -> 10.0.0.61:53 udp
xx drop (Policy denied) flow 0x0 to endpoint 0, identity 5774->23081: 10.0.0.247:38243 -> 10.0.0.61:53 udp
xx drop (Policy denied) flow 0x0 to endpoint 0, identity 5774->23081: 10.0.0.247:38243 -> 10.0.0.61:53 udp
Edited by Lindsay Kerr