Daniel Micay
|
14e9cd5b76
|
use standard style for nftables sets
|
2024-03-24 16:23:54 -04:00 |
|
Daniel Micay
|
0ac67c38c3
|
allow IPv6 SSH for discuss.grapheneos.org
This could be useful and disabling it isn't necessary for blocking IPv6
connections to the forum.
|
2024-03-24 15:41:13 -04:00 |
|
Daniel Micay
|
7b64ffd4cd
|
simplify nftables based on strong host model
|
2024-03-24 15:22:00 -04:00 |
|
Daniel Micay
|
59984a477c
|
enforce strong host model via nftables
|
2024-03-24 14:36:24 -04:00 |
|
Daniel Micay
|
ec2cbbdb4e
|
enforce strict reverse path filtering via nftables
|
2024-03-23 13:35:49 -04:00 |
|
Daniel Micay
|
15a2fa132f
|
disable services on IPv6 for discussion forum
|
2023-12-22 17:47:49 -05:00 |
|
Daniel Micay
|
5cef4a2aa6
|
allow geoipupdate internet access for discuss
|
2023-12-21 09:44:05 -05:00 |
|
Daniel Micay
|
07dca7919d
|
reorder network allowlists for consistency
|
2022-08-10 11:13:31 -04:00 |
|
Daniel Micay
|
984d0f200f
|
nftables: implement loopback access control
|
2022-07-25 20:47:29 -04:00 |
|
Daniel Micay
|
ad6e998ec2
|
nftables: filter input service traffic by dst addr
|
2022-07-21 19:32:43 -04:00 |
|
Daniel Micay
|
fdf21af1ae
|
nftables: use notrack accept instead of notrack
|
2022-07-21 17:31:16 -04:00 |
|
Daniel Micay
|
f7da683012
|
nftables: simplify ICMP handling
|
2022-07-18 22:14:35 -04:00 |
|
Daniel Micay
|
494247747c
|
add flarum-admin user
|
2022-07-12 17:36:13 -04:00 |
|
Daniel Micay
|
32074453eb
|
nftables: use numeric port format
|
2022-06-30 07:02:34 -04:00 |
|
Daniel Micay
|
01f9274fc4
|
nftables: implement output filtering for loopback
|
2022-06-30 06:41:52 -04:00 |
|
Daniel Micay
|
e0ab41c4f4
|
nftables: friendlier output traffic filtering
|
2022-06-29 21:27:01 -04:00 |
|
Daniel Micay
|
3ca0c347c6
|
add baseline nftables configurations
|
2022-06-29 10:53:07 -04:00 |
|