My goal is to:

• Allow all TCP and UDP traffic for certain ports for incoming connections and allow all traffic for outgoing connections (both of which I already know how to do)
• Maintain the ability to block particular IP addresses from accessing all droplets the cloud firewall protects (i.e. a droplet-wide ban), as I am hosting services on multiple droplets and want to offload most of the firewall controls to the cloud firewall system. I'd love to offload everything to it (i.e. VPN routing and such).... if anyone knows how to do that, please let me know.