Getting started with NFTables - long way to go

2025-09-29 15:52:06 +02:00
parent aea521cba4
commit 20dd97aafa
8 changed files with 92 additions and 6 deletions
--- a/todo.txt
+++ b/todo.txt
@@ -1,3 +1,12 @@
 backup(), restore()

-Volume labels (label)
+Volume labels (label)
+
+Switch to NFTables or UFW.
+
+Firewall:
+- Block all traffic by default
+- Allow outgoing (wan) http,https,dns,ssh,ntp,ping
+- Allow incoming (wan) http,https,ssh,wireguard
+- Allow wireguard traffic to lan (so access for instance 192.168.2.x) and wan (access the internet),
+BUT only http,https,ping,dns