Daniel Micay
|
16ef317460
|
nftables: rename output-reject to graceful-reject
|
2024-03-27 12:31:09 -04:00 |
|
Daniel Micay
|
14e9cd5b76
|
use standard style for nftables sets
|
2024-03-24 16:23:54 -04:00 |
|
Daniel Micay
|
7b64ffd4cd
|
simplify nftables based on strong host model
|
2024-03-24 15:22:00 -04:00 |
|
Daniel Micay
|
59984a477c
|
enforce strong host model via nftables
|
2024-03-24 14:36:24 -04:00 |
|
Daniel Micay
|
ec2cbbdb4e
|
enforce strict reverse path filtering via nftables
|
2024-03-23 13:35:49 -04:00 |
|
Daniel Micay
|
8d1782161f
|
stop sending external ADoT queries through unbound
|
2024-01-19 13:44:47 -05:00 |
|
Daniel Micay
|
5ed0c02e99
|
nftables: extend notrack rules for ADoT changes
|
2024-01-19 12:51:52 -05:00 |
|
Daniel Micay
|
38bb002a01
|
add authenticated DNS-over-TLS to nameservers
|
2023-11-05 00:51:33 -04:00 |
|
Daniel Micay
|
3a92693611
|
move PowerDNS webserver to localhost port 81
|
2023-11-05 00:31:54 -04:00 |
|
Daniel Micay
|
3d869bcac7
|
split out anycast DNS nftables configuration
|
2023-06-19 03:28:59 -04:00 |
|