Firewall

Office firewall

Since we’re using UniFi equpment in our Office network, the firewall can be configured via the UniFi Cloud Key.

Linux firewall

The firewall on the Linux servers is implemented via nftables.

However, since we’re using Ansible, resp. Semaphore, the firewall is configured via the config OS playbook, resp. the firewall role.

Note

Check out the firewall README for a detailed documentation of our nftables firewall configuration.

Please also note that we’re using several FireHOL blacklists to proactively block bad actors.