aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/roles/firewall
diff options
context:
space:
mode:
authorEgor Tensin <Egor.Tensin@gmail.com>2023-08-14 02:38:27 +0200
committerEgor Tensin <Egor.Tensin@gmail.com>2023-08-14 02:57:10 +0200
commitdc4dc69b820b1c598eb5de0b26d2e43fb9dc59f8 (patch)
tree2970320489b01eb07ca2004537f6e0d19322c899 /roles/firewall
parentv0.0.11 (diff)
downloadinfra-ansible-dc4dc69b820b1c598eb5de0b26d2e43fb9dc59f8.tar.gz
infra-ansible-dc4dc69b820b1c598eb5de0b26d2e43fb9dc59f8.zip
add a bunch of READMEs for roles
Diffstat (limited to '')
-rw-r--r--roles/firewall/README.md7
1 files changed, 7 insertions, 0 deletions
diff --git a/roles/firewall/README.md b/roles/firewall/README.md
new file mode 100644
index 0000000..9c1a572
--- /dev/null
+++ b/roles/firewall/README.md
@@ -0,0 +1,7 @@
+This role configures iptables rules in /etc/iptables/rules.v{4,6} to be used by
+iptables-persistent.
+
+I found it easier and more flexible to configure a firewall this way; for
+example, I found that cloud provider's firewalls are often less flexible.
+iptables frontends like ufw, on the other hand, are hard to make work with
+Docker.