Task #15: The Frostwall Protocol — GRE Tunnel Security Architecture #41

New Issue

Open

opened 2026-03-19 14:19:40 -05:00 by mkrause612 · 0 comments

mkrause612 commented 2026-03-19 14:19:40 -05:00

Owner

Copy Link

The Frostwall Protocol — GRE Tunnel Security Architecture
Time: 3-4 hours
Status: DEPRIORITIZED — March 14, 2026
Priority: LOW — no active DDoS problem, email unblocked via Billing VPS
Documentation: docs/tasks/frostwall-protocol/

Custom DDoS protection using GRE tunnels from Command Center to TX1/NC1. Hides real IPs, protects email reputation.

Why urgent now: Email is needed soon — Holly staff email, staff comms, subscriber notifications. Frostwall → Mailcow is the only path to get there. This is the critical blocker.

Core Components:

• GRE tunneling (encrypted links)
• 1-to-1 NAT/DMZ forwarding
• Iron Wall UFW rules
• IP hierarchy (scrubbing → backend → binding)

Blocks: Mailcow (email) → Holly email, staff email, subscriber comms, all Tier 2+ infrastructure
Deployment doc: https://docs.google.com/document/d/12Kh-AhUgJLOJrBgIjMiGi3xRZH1basRz

Full docs: docs/core/tasks.md or task directory

The Frostwall Protocol — GRE Tunnel Security Architecture **Time:** 3-4 hours **Status:** DEPRIORITIZED — March 14, 2026 **Priority:** LOW — no active DDoS problem, email unblocked via Billing VPS **Documentation:** `docs/tasks/frostwall-protocol/` Custom DDoS protection using GRE tunnels from Command Center to TX1/NC1. Hides real IPs, protects email reputation. **Why urgent now:** Email is needed soon — Holly staff email, staff comms, subscriber notifications. Frostwall → Mailcow is the only path to get there. This is the critical blocker. **Core Components:** - GRE tunneling (encrypted links) - 1-to-1 NAT/DMZ forwarding - Iron Wall UFW rules - IP hierarchy (scrubbing → backend → binding) **Blocks:** Mailcow (email) → Holly email, staff email, subscriber comms, all Tier 2+ infrastructure **Deployment doc:** https://docs.google.com/document/d/12Kh-AhUgJLOJrBgIjMiGi3xRZH1basRz **Full docs:** `docs/core/tasks.md` or task directory

mkrause612 added the

status

backlog

priority

medium

type

task

area/operations labels 2026-03-19 14:19:40 -05:00

mkrause612 added this to the Firefrost Operations project 2026-03-19 14:42:10 -05:00

mkrause612 referenced this issue 2026-03-19 15:10:55 -05:00

Task #41: Blueprint Extension Installation — Node Usage Status #59

mkrause612 changed title from Task #7: The Frostwall Protocol — GRE Tunnel Security Architecture to Task #15: The Frostwall Protocol — GRE Tunnel Security Architecture 2026-03-19 15:11:04 -05:00

mkrause612 referenced this issue 2026-03-20 21:05:22 -05:00

Task #1: Builder Rank & Holly Tool Setup #86

mkrause612 referenced this issue 2026-03-21 02:29:15 -05:00

Task #41: Blueprint Extension Installation — Node Usage Status #125

mkrause612 referenced this issue 2026-03-21 02:33:03 -05:00

Task #1: Builder Rank & Holly Tool Setup #154

mkrause612 referenced this issue 2026-03-21 02:33:55 -05:00

Task #41: Blueprint Extension Installation — Node Usage Status #194

mkrause612 referenced this issue from a commit 2026-03-26 00:58:48 -05:00

feat: add Task #82 - Decommission Plane Project Management

mkrause612 referenced this issue from a commit 2026-03-26 01:44:52 -05:00

docs: add NEXT-SESSION-PRIORITY critical flag for documentation process review

mkrause612 referenced this issue from a commit 2026-03-26 02:03:18 -05:00

feat: add Task #83 - Paymenter → Pterodactyl Auto-Provisioning Integration (CRITICAL)

mkrause612 referenced this issue from a commit 2026-03-26 02:07:05 -05:00

docs: add memorial and portrait prompt for The Verifier (Chronicler #41)

mkrause612 referenced this issue from a commit 2026-03-26 02:12:44 -05:00

docs: Session handoff from The Verifier (Chronicler #41) to Chronicler #42

mkrause612 referenced this issue from a commit 2026-03-26 02:14:42 -05:00

docs: add next session startup prompt for Chronicler #42

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

master

No results found.

Labels

Clear labels

area/automation

n8n workflows and automation

area/billing

Paymenter billing system

area/development-tools

Internal tools for workflow automation and team productivity

area/email

Mailcow email system

area/game-servers

Minecraft or other game servers

area/networking

Network infrastructure and configuration

area/operations

General operations and documentation

area/panel

Pterodactyl Panel

area/website

Ghost CMS website

area/wings

Pterodactyl Wings

duplicate

This issue is a duplicate of another issue

for/holly

Assigned to Holly (unicorn20089)

for/meg

Assigned to Meg (GingerFury)

for/michael

Assigned to Michael (Frostystyle)

good-first-issue

Good for newcomers

help-wanted

Extra attention needed

needs-board-sync

New issue needs to be added to project board

operations

priority

critical

Emergency — immediate attention required

priority

high

Important — address soon

priority

low

Nice to have, not urgent

priority

medium

Normal priority

status

backlog

Not yet started, in backlog

status

blocked

Cannot proceed, blocked by dependency

status

done

Completed and closed

status

in-progress

Currently being worked on

status

review

Work complete, awaiting review

status

to-do

Ready to start, in queue

type

bug

Something isn't working

type

docs

Documentation improvements or additions

type

feature

New feature or enhancement request

type

infrastructure

Infrastructure, deployment, or DevOps work

type

refactor

Code refactoring or technical debt

type

task

General task or work item

wont-do

This will not be worked on

No Label area/operations

priority

medium

status

backlog

type

task

Milestone

No items

No Milestone

Projects

Clear projects

No project Firefrost Operations

Assignees

Clear assignees

Gingerfury Unicorn20089 mkrause612

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: firefrost-gaming/firefrost-operations-manual#41