In a GKE cluster I have a pod (hello) in the default namespace, which acts like a client and connects to a server installed on a Windows VM present outside of the cluster. Once the connection is established between the client pod and the server on the Windows VM, the pod receives transactions from the server. In my policy I have given both egress and ingress rules. Strangely, even after giving a wrong CIDR, the pod still receives traffic from the Windows VM. The hello app pod's service is of LoadBalancer type, which has an external node IP. The expected result is that when a wrong IP is given the connection should be denied, but I can still get transactions from the server present on the Windows VM, even when I give a wrong IP in the CIDR block.
Here is my network policy:
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: hello-network-policy
  namespace: default
spec:
  podSelector:
    matchLabels:
      app: hello
      namespace: default   # a pod *label* literally named "namespace"; the hello pod must carry it, otherwise this selector matches no pods and the policy applies to nothing
  policyTypes:
  - Ingress
  - Egress
  ingress:
  - from:
    - ipBlock:
        cidr: 10.2.0.6/32   # ip of windows vm present outside of cluster
  egress:
  - to:
    - ipBlock:
        cidr: 10.7.0.3/32   # ip of db present outside of cluster
    ports:
    - port: 5432            # protocol defaults to TCP
  - to:
    - ipBlock:
        cidr: 10.2.0.6/32   # pod to connect to the windows; no ports list, so any port
  - to:
    - namespaceSelector:
        matchLabels:
          name: kube-system # only matches if the kube-system namespace carries a "name" label with this value
    ports:
    - port: 53
      protocol: UDP
  - to:
    - podSelector:
        matchLabels:
          app: activemq
  - to:
    - podSelector:
        matchLabels:
          app: rabbitmq
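The behaviour described in the question follows from how NetworkPolicy is evaluated: rules are applied to the packet that opens a connection, not to every packet, so once the pod has opened a connection to 10.2.0.6 under the second egress rule, the server's replies on that connection flow back without the ingress rules ever being consulted. The ingress CIDR only matters for connections the VM opens towards the pod. The Python below is an added example, not code from the post or from Kubernetes; it models the ipBlock, ports and per-connection semantics of the API and runs them against the posted policy (the destination ports 9000 and 8080 and the "wrong" CIDR 192.0.2.1/32 are constructed for the example).

```python
import ipaddress

# Constructed for this example (not the original post's code): the posted policy's
# ipBlock rules, in the shape the NetworkPolicy API uses. Selector-based peers are
# omitted because they can never match an address outside the cluster.
POLICY = {
    "ingress": [
        {"from": [{"ipBlock": {"cidr": "10.2.0.6/32"}}]},
    ],
    "egress": [
        {"to": [{"ipBlock": {"cidr": "10.7.0.3/32"}}], "ports": [{"port": 5432}]},
        {"to": [{"ipBlock": {"cidr": "10.2.0.6/32"}}]},
    ],
}


def peer_matches_ip(peer, ip):
    """ipBlock semantics: the address must fall inside cidr and outside every
    'except' range. podSelector / namespaceSelector peers never match an IP
    that does not belong to a pod, so they return False here."""
    block = peer.get("ipBlock")
    if block is None:
        return False
    addr = ipaddress.ip_address(ip)
    if addr not in ipaddress.ip_network(block["cidr"], strict=False):
        return False
    return not any(addr in ipaddress.ip_network(ex, strict=False)
                   for ex in block.get("except", []))


def port_matches(port_spec, port, protocol):
    """NetworkPolicyPort: protocol defaults to TCP; endPort gives a range.
    Named ports are not resolved in this example and never match."""
    if port_spec.get("protocol", "TCP") != protocol:
        return False
    spec_port = port_spec.get("port")
    if not isinstance(spec_port, int):
        return False
    return spec_port <= port <= port_spec.get("endPort", spec_port)


def rule_allows(rule, peers_key, ip, port, protocol):
    peers = rule.get(peers_key, [])
    ports = rule.get("ports", [])
    # An absent/empty peer list means any peer; an absent/empty port list means any port.
    peer_ok = not peers or any(peer_matches_ip(p, ip) for p in peers)
    port_ok = not ports or any(port_matches(p, port, protocol) for p in ports)
    return peer_ok and port_ok


def egress_allowed(policy, dst_ip, dst_port, protocol="TCP"):
    """Can the selected pod open a new connection to dst_ip:dst_port?"""
    return any(rule_allows(r, "to", dst_ip, dst_port, protocol)
               for r in policy.get("egress", []))


def ingress_allowed(policy, src_ip, dst_port, protocol="TCP"):
    """Can src_ip open a new connection to the selected pod on dst_port?"""
    return any(rule_allows(r, "from", src_ip, dst_port, protocol)
               for r in policy.get("ingress", []))


def connection_allowed(policy, initiated_by_pod, remote_ip, port, protocol="TCP"):
    """NetworkPolicy is enforced per connection, not per packet: only the side
    that opens the connection is checked, and reply traffic of an allowed
    connection passes without consulting the rules for the other direction."""
    if initiated_by_pod:
        return egress_allowed(policy, remote_ip, port, protocol)
    return ingress_allowed(policy, remote_ip, port, protocol)


if __name__ == "__main__":
    # Pod dials the Windows server (port 9000 chosen for the example): egress rule 2
    # has no ports list, so any port is allowed, and the server's transactions come
    # back on that same connection whatever the ingress CIDR says.
    print("pod -> 10.2.0.6:9000", connection_allowed(POLICY, True, "10.2.0.6", 9000))
    # Changing the *ingress* CIDR therefore changes nothing for that flow.
    wrong_ingress = {"ingress": [{"from": [{"ipBlock": {"cidr": "192.0.2.1/32"}}]}],
                     "egress": POLICY["egress"]}
    print("pod -> 10.2.0.6:9000 (wrong ingress CIDR)",
          connection_allowed(wrong_ingress, True, "10.2.0.6", 9000))
    # The ingress CIDR only matters for connections the VM opens towards the pod.
    print("10.2.0.6 -> pod:8080", connection_allowed(POLICY, False, "10.2.0.6", 8080))
    print("10.2.0.6 -> pod:8080 (wrong ingress CIDR)",
          connection_allowed(wrong_ingress, False, "10.2.0.6", 8080))
    # Port filters are per rule: the DB rule admits TCP 5432 only.
    print("pod -> 10.7.0.3:5433", connection_allowed(POLICY, True, "10.7.0.3", 5433))
```

Two practical checks go with this model. First, GKE only enforces NetworkPolicy objects when network policy enforcement (or GKE Dataplane V2) is enabled on the cluster; otherwise the object is accepted by the API server and silently ignored. Second, for connections that do arrive through the LoadBalancer Service, the source address the policy sees depends on the Service's externalTrafficPolicy: with the default Cluster setting the node may SNAT the packet, so an ingress ipBlock for the VM's own address would not match even on a genuinely inbound connection.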