Close unnessessary open ports
I noticed that there are more open ports than there should be:
❯ nmap -n varac-oas.openappstack.net -p 1-65535
Starting Nmap 7.70 ( https://nmap.org ) at 2019-09-10 13:26 CEST
Nmap scan report for varac-oas.openappstack.net (213.108.108.227)
Host is up (0.024s latency).
Not shown: 65519 filtered ports
PORT STATE SERVICE
22/tcp open ssh
53/tcp open domain
80/tcp open http
443/tcp open https
6443/tcp open sun-sr-https
30090/tcp open unknown
30222/tcp open unknown
30669/tcp open unknown
30928/tcp open unknown
Especially DNS and all those ports above port 30000 (30090 i.e. is prometheus) should be closed.
Somehow the nftables fw script does not work as expected.