| Commit message (Collapse) | Author | Age | Files | |
|---|---|---|---|---|
| * | Use a dedicated, non-routable, IPv4 for IPSec. | Guilhem Moulin | 2015-06-07 | 2 |
| | | | | | | | | At the each IPSec end-point the traffic is DNAT'ed to / MASQUERADE'd from our dedicated IP after ESP decapsulation. Also, some IP tables ensure that alien (not coming from / going to the tunnel end-point) is dropped. | |||
| * | Major refactoring of the firewall. | Guilhem Moulin | 2015-06-07 | 1 |
| | | | | | | | | | | | Also, added some options: -f force: no confirmation asked -c check: check (dry-run) mode -v verbose: see the difference between old and new ruleset -4 IPv4 only -6 IPv6 only | |||
| * | Configure the (basic) logging policy. | Guilhem Moulin | 2015-06-07 | 3 |
| | | ||||
| * | Configure rkhunter. | Guilhem Moulin | 2015-06-07 | 2 |
| | | ||||
| * | Configure samhain. | Guilhem Moulin | 2015-06-07 | 1 |
| | | ||||
| * | Configure v4 and v6 iptable rulesets. | Guilhem Moulin | 2015-06-07 | 1 |
| | | ||||
| * | Configure APT. | Guilhem Moulin | 2015-06-07 | 3 |
 |
index : fripost-ansible | |
| Fripost ansible scripts |
| summaryrefslogtreecommitdiffstats |