Skip to content

ansible: add 'firewall' role

clayton craft requested to merge craftyguy/valve-infra:ansible-docker into master

Configures a basic firewall using nftables, with outbound connections disabled (will be allowed in a later role that setups up dnsmasq w/ 'nftset')

ssh connections are accepted, and logging of all dropped packets is enabled to help with debugging connection issues / refining rules

Merge request reports