github-copilot/.github/skills/openwrt-network-hardening/SKILL.md
ВяткинАртём e5dc08987d feat: Add new agents and skills for Docker, TestLink, and OpenWrt
- Introduced "Docker Build & Test Engineer" agent for building and testing Docker images.
- Added "TestLink Autotest Engineer" agent for generating and verifying autotests from TestLink cases.
- Created "Branch Review Engineer" agent for reviewing branch diffs and proposing improvements.
- Developed "OpenWrt VPN & Network Engineer" agent for designing and implementing OpenWrt networking with VPN.
- Established a structured directory for agents, skills, prompts, instructions, and hooks under `.github/`.
- Implemented detailed skills for branch review processes, including reading code, analyzing improvements, and applying changes.
- Added skills for OpenWrt network discovery, VPN routing, and hardening.
- Created README files for better documentation and navigation of the repository structure.
2026-04-08 09:47:18 +03:00


name: openwrt-network-hardening
description: Harden and verify OpenWrt VPN deployment with fail-closed routing, DNS leak prevention, and operational checks for split tunneling/GeoIP/ASN rules. Use when: openwrt hardening, vpn leak prevention, kill switch openwrt, verify split tunnel, validate geoip/asn policy.
argument-hint: Applied or planned OpenWrt VPN configuration

OpenWrt Network Hardening

Finalize reliability, security, and day-2 operations after VPN routing setup.

Procedure

Step 1 - Fail-Closed and Leak Controls

Define controls:

  • kill-switch or fail-closed path for protected traffic
  • DNS leak prevention between WAN and tunnel
  • default-deny posture for sensitive tunnel-marked flows

Step 2 - Service Robustness

Set:

  • service dependency ordering
  • restart policies
  • health-check commands
  • basic rollback strategy

Step 3 - Monitoring and Troubleshooting

Provide checks for:

  • tunnel up/down state
  • route-policy correctness
  • packet counters for expected rule hits
  • endpoint reachability and latency

Step 4 - Operational Runbook

Document:

  • what to verify after reboot
  • what to verify after package upgrades
  • how to rotate endpoints or credentials safely
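
One way to turn the fail-closed control from Step 1 and the route-policy check from Step 3 into a repeatable health check, as an added example that is not part of the skill file. It assumes policy routing by fwmark into a dedicated table with an unreachable fallback route; the mark 0x1, table 100, interface wg0 and the sample outputs are constructed for illustration.

```sh
#!/bin/sh
# Added example, not part of the skill file. Assumed names: fwmark 0x1,
# routing table 100, tunnel interface wg0, numeric table ids in `ip rule` output.
MARK=0x1; TABLE=100; TUN=wg0

# Constructed samples shaped like `ip rule show` and `ip route show table 100`.
RULES_OK='0:	from all lookup local
100:	from all fwmark 0x1 lookup 100
32766:	from all lookup main'
ROUTES_OK='default dev wg0 scope link
unreachable default metric 65535'
ROUTES_NO_FALLBACK='default dev wg0 scope link'
ROUTES_TUNNEL_DOWN='unreachable default metric 65535'
ROUTES_WAN_LEAK='default via 192.0.2.1 dev eth1
unreachable default metric 65535'

# check_fail_closed RULES ROUTES
# returns 0 = protected and tunnel up, 2 = tunnel down but traffic dropped,
#         1 = marked traffic can reach the WAN (or is not steered at all).
check_fail_closed() {
    rules=$1; routes=$2
    # Marked traffic must be steered into the VPN table.
    printf '%s\n' "$rules" | grep -Eq "fwmark $MARK(/0x[0-9a-f]+)? lookup $TABLE\$" ||
        { echo "FAIL: no ip rule sends fwmark $MARK to table $TABLE"; return 1; }
    # No default route in that table may leave through a non-tunnel device.
    leak=$(printf '%s\n' "$routes" | awk -v t="$TUN" '$1 == "default" {
        for (i = 2; i < NF; i++) if ($i == "dev" && $(i + 1) != t) print $(i + 1) }')
    [ -z "$leak" ] || { echo "FAIL: table $TABLE default route via $leak"; return 1; }
    # Without a terminating fallback, an empty table falls through to `main`
    # (the WAN default) as soon as the tunnel route disappears.
    printf '%s\n' "$routes" | grep -Eq '^(unreachable|blackhole|prohibit) default( |$)' ||
        { echo "FAIL: table $TABLE has no unreachable/blackhole default"; return 1; }
    printf '%s\n' "$routes" | grep -Eq "^default .*dev $TUN( |\$)" ||
        { echo "DOWN: no default via $TUN, marked traffic is dropped"; return 2; }
    echo "OK: fwmark $MARK is fail-closed via $TUN"
}

# On a router: check_fail_closed "$(ip rule show)" "$(ip route show table $TABLE)"
check_fail_closed "$RULES_OK" "$ROUTES_OK"
check_fail_closed "$RULES_OK" "$ROUTES_NO_FALLBACK" || true
check_fail_closed "$RULES_OK" "$ROUTES_TUNNEL_DOWN" || true
```

The distinct exit codes let a watchdog treat "tunnel down, traffic dropped" (2) as an availability alert and "can leak" (1) as a security failure.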

Output Format

## Hardening and Verification

### Controls Applied
- ...

### Health Checks
- ...

### Runbook
- ...

### Rollback
- ...