Enable the firewall.

Now that we have networking working, I can enable the firewall and confirm nothing breaks.

nix/kubernetes/roles/debugging/default.nix

@@ -27,7 +27,9 @@
       ldns # for drill
     ];
 
-    networking.firewall.enable = false; # TODO: This is just here for debugging / initial development.
-    # TODO: Maybe use networking.nftables.enable to switch to nftables?
+    # This can make debugging easier by rejecting packets instead of dropping them:
+    networking.firewall.rejectPackets = true;
+    # Log each rejected packet instead of just each connection.
+    networking.firewall.logRefusedPackets = true;
   };
 }