firewall
Configure firewalls on servers and cloud providers with security best practices.
Install via ClawdBot CLI:
clawdbot install ivangdavila/firewall
Grade Fair — based on market validation, documentation quality, package completeness, maintenance status, and authenticity signals.
Generated Mar 1, 2026
A startup deploys a web app on AWS EC2 instances, requiring HTTPS (443) for production traffic and SSH (22) for admin access. They must configure AWS Security Groups to allow inbound HTTPS from the internet and restrict SSH to their office IP, while blocking all other ports to minimize attack surface.
A financial services firm runs a PostgreSQL database on a Hetzner server for internal analytics. They need to ensure the database port (5432) is not exposed to the internet, using SSH tunnels or private network access only, and apply both provider and OS firewalls for defense in depth.
A distributed company uses WireGuard VPN on a DigitalOcean droplet to provide secure remote access to internal services. They must open UDP port 51820 for VPN traffic, limit SSH to VPN IPs, and configure IPv6 rules alongside IPv4 to prevent security gaps.
An e-commerce platform runs Docker containers on a Linux server for a web app, but Docker bypasses OS firewalls by default. They need to bind containers to localhost and use a reverse proxy for public access, while relying on provider-level firewalls to block unwanted traffic before it reaches Docker.
A healthcare organization must audit their firewall configurations on Windows and Linux servers to meet HIPAA compliance. They need to close unnecessary ports like 80/443 if no web server runs, ensure SSH is IP-restricted, and use online port scanners to verify only essential ports are open from the internet.
Offers firewall configuration and monitoring as a subscription service for small to medium businesses. Includes regular audits, rule updates for changing IPs, and 24/7 support to prevent lockouts and breaches, leveraging provider dashboards for blocked traffic logs.
Provides one-time or project-based services to set up and optimize firewalls on cloud platforms like AWS, DigitalOcean, or Hetzner. Focuses on best practices such as default deny rules, IP restrictions, and integrating with Docker or VPN setups for specific client needs.
Conducts hands-on workshops for IT teams on firewall configuration, covering critical steps like testing access before enabling rules and avoiding common mistakes. Targets industries with compliance requirements, using real-world scenarios to teach defense in depth.
💬 Integration Tip
Integrate this skill with monitoring tools to track firewall logs and alert on unauthorized access attempts, and combine it with VPN setup skills for secure remote management without exposing SSH to the internet.
Scored Apr 18, 2026
Tool discovery and shell one-liner reference for sysadmin, DevOps, and security tasks. AUTO-CONSULT this skill when the user is: troubleshooting network issues, debugging processes, analyzing logs, working with SSL/TLS, managing DNS, testing HTTP endpoints, auditing security, working with containers, writing shell scripts, or asks 'what tool should I use for X'. Source: github.com/trimstray/the-book-of-secret-knowledge
Manage Tailscale tailnet via CLI and API. Use when the user asks to "check tailscale status", "list tailscale devices", "ping a device", "send file via tailscale", "tailscale funnel", "create auth key", "check who's online", or mentions Tailscale network management.
Control Pi-hole v6 DNS ad blocker: check status, view stats, enable/disable block, and analyze blocked domains via API.
Audit codebases, infrastructure, AND agentic AI systems for security issues. Covers traditional security (dependencies, secrets, OWASP web top 10, SSL/TLS, f...
Configures and manages Cloudflare DNS, caching, security rules, rate limiting, and Workers
Automated security scanning and vulnerability detection for web applications, APIs, and infrastructure. Use when you need to scan targets for vulnerabilities, check SSL certificates, find open ports, detect misconfigurations, or perform security audits. Integrates with nmap, nuclei, and other security tools.