From 3f79d6d3658da62c8df04e002ec51b4dbc171995 Mon Sep 17 00:00:00 2001
From: Earl Warren <contact@earl-warren.org>
Date: Fri, 11 Oct 2024 15:56:41 +0300
Subject: [PATCH] allow 10.0.0.0/8 in the firewall

---
 README.md | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/README.md b/README.md
index 7697219..5f63078 100644
--- a/README.md
+++ b/README.md
@@ -70,6 +70,13 @@ https://robot.hetzner.com/server to only allow incoming ssh, http,
 https requests for both IPv4 & IPv6. Each server has a "Firewall" tab
 that provides control over this firewall.
 
+The firewall applies to the VLAN too. The 10.0.0.0/8 source address
+must therefore be allowed explicitly for IPv4 and that must be the
+first rule of the firewall.
+
+A template "k8s" was defined that can be used for sharing the same
+rules between multiple k8s nodes.
+
 ## nftables
 
 ```sh