31 lines
1.1 KiB
YAML
31 lines
1.1 KiB
YAML
---
|
|
security_apt_force_https: true
|
|
security_apt_https_ignore_list: []
|
|
security_clamav_version: 1.3.1
|
|
security_configure_resolve_conf: false
|
|
security_firewall_enabled: true
|
|
security_firewall_filter_policy_forward: drop
|
|
security_firewall_filter_policy_input: drop
|
|
security_firewall_filter_policy_output: drop
|
|
security_firewall_mangle_drop_privatenets: true
|
|
security_firewall_mangle_drop_reservednets: true
|
|
security_firewall_mangle_policy_forward: drop
|
|
security_firewall_mangle_policy_output: accept
|
|
security_firewall_mangle_policy_postrouting: accept
|
|
security_firewall_mangle_policy_prerouting: accept
|
|
security_firewall_nat_policy_input: accept
|
|
security_firewall_nat_policy_output: accept
|
|
security_firewall_nat_policy_postrouting: accept
|
|
security_firewall_nat_policy_prerouting: accept
|
|
security_ssh_port: 22
|
|
security_sysctl_configuration: {}
|
|
security_firewall_reserved_nets_ip4:
|
|
# - 0.0.0.0/8 # if blocked, will block DHCP provisioning
|
|
# - 169.254.0.0/16 # if blocked, will block DHCP provisioning
|
|
- 192.0.2.0/24
|
|
- 192.88.99.0/24
|
|
- 198.51.100.0/24
|
|
- 203.0.113.0/24
|
|
- 224.0.0.0/4
|
|
- 233.252.0.0/24
|
|
- 240.0.0.0/4
|