rc/network
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
network/roles/firewall/templates
History
Timotej Lazar 78e02134e7 firewall: do track wireguard connections not meant for us 
Oops. Connection tracking is disabled for our wireguard connections
because of source address mangling. We still need to track outside
connections to allow inbound reply packets through the firewall.
2025-07-19 12:02:07 +02:00
..
conntrackd.conf.j2 firewall: sync conntrackd entries from other node on startup 2025-07-18 18:51:10 +02:00
fabric.intf.j2 Initial commit, squashed 2023-12-18 12:55:47 +01:00
frr.conf.j2 firewall: don’t import or advertise subnets for inside networks 2025-03-26 12:32:54 +01:00
interfaces.j2 firewall: ensure wireguard egress traffic uses the anycast source IP 2025-07-18 18:35:36 +02:00
interfaces.nft.j2 Initial commit, squashed 2023-12-18 12:55:47 +01:00
mactab.j2 fabric: consolidate interface templates 2024-02-27 13:35:29 +01:00
mgmt.intf.j2 firewall: get mgmt gateway from custom field on prefix 2025-03-26 19:20:03 +01:00
networks.nft.j2 Query prefixes once for all hosts 2024-04-28 12:14:05 +02:00
nftables.nft.j2 firewall: do track wireguard connections not meant for us 2025-07-19 12:02:07 +02:00
sysctl.conf.j2 firewall: increase max connections 2025-04-16 22:24:01 +02:00
wg.intf.j2 firewall: ensure wireguard egress traffic uses the anycast source IP 2025-07-18 18:35:36 +02:00