| Commit message (Collapse) | Author | Age | Files |
|
|
|
| |
We use a dedicated instance for each role: MDA, MTA out, MX, etc.
|
|
|
|
|
|
|
| |
At the each IPSec end-point the traffic is DNAT'ed to / MASQUERADE'd
from our dedicated IP after ESP decapsulation. Also, some IP tables
ensure that alien (not coming from / going to the tunnel end-point) is
dropped.
|
|
|
|
|
| |
update-firewall.sh -c does not update the firewall, but returns a
non-zero value iff. running it without the switch would modify it.
|
|
To run the playbook:
cd ./ansible
ansible-playbook -i vms site.yml
|