Vendor the external cookbooks

Knife-Zero doesn't include Berkshelf support, so vendoring everything in
the repo is convenient again

cookbooks/firewall/attributes/ufw.rb

@@ -0,0 +1,12 @@
+default['firewall']['ufw']['defaults'] = {
+  ipv6: 'yes',
+  manage_builtins: 'no',
+  ipt_sysctl: '/etc/ufw/sysctl.conf',
+  ipt_modules: 'nf_conntrack_ftp nf_nat_ftp nf_conntrack_netbios_ns',
+  policy: {
+    input: 'DROP',
+    output: 'ACCEPT',
+    forward: 'DROP',
+    application: 'SKIP',
+  },
+}