OpenShift Request For Enhancement: RFE-5562

Update default policy in iptables' chains with OVN-K config scripts


    • Feature Request
    • Resolution: Done
    • Major
    • SDN

      1. Proposed title of this feature request

      Update default policy in iptables' chains with OVN-K config scripts

      2. What is the nature and description of the request?

      PLATFORM: 4.14 OVN-K based OCP cluster with RHEL workers (upgraded from previous versions)

      The current default policy is ACCEPT by OVN-K.

      • This is about RHEL workers only, since they use default DROP in iptables; CoreOS has default ACCEPT.
      • Default OVN rules get appended on boot, but a few are missing, so certain traffic types (case description) are dropped, leading to e.g. lack of communication to the k8s API via the default svc.

      The request here is to make the default DROP and to have the relevant/missing rules added along with other OVN-K configurations upon node boot.

      3. Why does the customer need this? (List the business requirements here)

      Customer is adding missing rules manually.

      4. List any affected packages or components.

      OVN-K

            mcurry@redhat.com Marc Curry
            rhn-support-chdeshpa Chinmay Deshpande
            Deepthi Dharwar