by ThePhysicist 2676 days ago
Sorry, very late reply: We deploy all our infrastructure with Ansible, hence we want to have a way to configure the firewall for each role individually without overwriting previous configuration. For example, we have firewall rules for IPsec connections, SSH connections from the bastion host and then specific configurations for applications like databases or message queues. With ferm we can just create individual configs for each of these and put them in a directory where they are loaded sequentially and automatically. This allows us to iteratively define firewall rules and deploy different Ansible roles.

For a home server, ufw is probably good enough; as I said, I wouldn't recommend it for "serious" use in a highly automated environment.
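
The per-role layout described in the comment above, as an added example that is not the commenter's own configuration: two Ansible roles each drop one ferm fragment into a shared include directory, so neither overwrites the other's rules. The role names, file names, addresses and the `/etc/ferm/ferm.d/` path are assumptions, as is a main `/etc/ferm/ferm.conf` that sets the default-deny policy and contains `@include 'ferm.d/';`.

```yaml
# Constructed example. Assumes /etc/ferm/ferm.conf holds the base policy
# (INPUT policy DROP, ESTABLISHED/RELATED accept) and the line:
#     @include 'ferm.d/';
# ferm reads every file in an included directory in alphabetical order,
# so the numeric prefixes below fix the load order.

# --- roles/bastion_ssh/tasks/main.yml (hypothetical role) ---
- name: Allow SSH only from the bastion host
  ansible.builtin.copy:
    dest: /etc/ferm/ferm.d/20-ssh-bastion.conf
    owner: root
    group: root
    mode: "0640"
    # Parse the fragment without touching the live rule set; a syntax
    # error fails the task before the file is put in place.
    validate: ferm --noexec %s
    content: |
      domain ip table filter chain INPUT {
          # 192.0.2.10 is a placeholder for the bastion address
          proto tcp dport ssh saddr 192.0.2.10 ACCEPT;
      }
  notify: Reload ferm

# --- roles/postgres/tasks/main.yml (hypothetical role) ---
- name: Allow PostgreSQL from the application subnet
  ansible.builtin.copy:
    dest: /etc/ferm/ferm.d/40-postgres.conf
    owner: root
    group: root
    mode: "0640"
    validate: ferm --noexec %s
    content: |
      domain ip table filter chain INPUT {
          # 198.51.100.0/24 is a placeholder for the app subnet
          proto tcp dport 5432 saddr 198.51.100.0/24 ACCEPT;
      }
  notify: Reload ferm

# --- handlers/main.yml, identical in both roles ---
- name: Reload ferm
  # Regenerates the full rule set from ferm.conf plus all fragments.
  ansible.builtin.command: ferm /etc/ferm/ferm.conf
```

Removing a role's access then means deleting its one fragment and reloading, which leaves the other roles' rules untouched.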