diff --git a/handlers/main.yml b/handlers/main.yml
new file mode 100644
index 0000000..8bd49ae
--- /dev/null
+++ b/handlers/main.yml
@@ -0,0 +1,5 @@
+- name: Restart ufw
+ ansible.builtin.service:
+ name: ufw
+ state: restarted
+ listen: "restart ufw services"
\ No newline at end of file
diff --git a/tasks/main.yml b/tasks/main.yml
index f8224b0..24e52ea 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -5,4 +5,30 @@
 include: composer.yml
 - name: Install Traefic
- include: traefic.yml
\ No newline at end of file
+ include: traefic.yml
+
+#ufw route allow proto tcp from any to any port 80
+- name: Allow 80
+ community.general.ufw:
+ route: true
+ rule: allow
+ proto: tcp
+ from: any
+ to: any
+ to_port: 80
+- name: Allow 443
+ community.general.ufw:
+ route: true
+ rule: allow
+ proto: tcp
+ from: any
+ to: any
+ to_port: 443
+- name: Template a file to /etc/ufw/after.rules
+ ansible.builtin.template:
+ src: after.rules.j2
+ dest: /etc/ufw/after.rules
+ owner: root
+ group: root
+ mode: '0640'
+ notify: "restart ufw services"
diff --git a/templates/after.rules.2 b/templates/after.rules.2
new file mode 100644
index 0000000..c7d7089
--- /dev/null
+++ b/templates/after.rules.2
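Review bot: The new handlers/main.yml is added without a `---` document start and without a final newline (the hunk ends with `\ No newline at end of file`), both of which yamllint reports under `document-start` and `new-line-at-end-of-file`; begin the file with `---` and terminate the last line. The handler name `Restart ufw` with `listen: "restart ufw services"` matches the `notify` string used in tasks/main.yml, so the wiring itself looks consistent.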
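Review bot: The template task references `src: after.rules.j2`, but the file this commit adds is `templates/after.rules.2`, so the play will fail on the template lookup at that task; either rename the new file to `templates/after.rules.j2` or change the task to `src: after.rules.2` (the same mismatch is visible in the templates/after.rules.2 section). The two `community.general.ufw` tasks use `route: true` with `from: any` and `to: any`, which forwards traffic to 80 and 443 on any destination reachable through the host; if the published services live on one Docker network, setting `to:` to that subnet (or `interface:` to the bridge) keeps the forward allowance to the path that needs it. Whether `notify:` sits at task level or under `ansible.builtin.template:` cannot be told from the collapsed diff, but it must be a task keyword at the same indentation as the module name for the handler to fire. The comment `#ufw route allow proto tcp from any to any port 80` should read `# ufw route allow proto tcp from any to any port 80` to satisfy yamllint's `comments` rule.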
@@ -0,0 +1,27 @@
+# BEGIN UFW AND DOCKER
+*filter
+:ufw-user-forward - [0:0]
+:ufw-docker-logging-deny - [0:0]
+:DOCKER-USER - [0:0]
+-A DOCKER-USER -j ufw-user-forward
+
+-A DOCKER-USER -j RETURN -s 10.0.0.0/8
+-A DOCKER-USER -j RETURN -s 172.16.0.0/12
+-A DOCKER-USER -j RETURN -s 192.168.0.0/16
+
+-A DOCKER-USER -p udp -m udp --sport 53 --dport 1024:65535 -j RETURN
+
+-A DOCKER-USER -j ufw-docker-logging-deny -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -d 192.168.0.0/16
+-A DOCKER-USER -j ufw-docker-logging-deny -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -d 10.0.0.0/8
+-A DOCKER-USER -j ufw-docker-logging-deny -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -d 172.16.0.0/12
+-A DOCKER-USER -j ufw-docker-logging-deny -p udp -m udp --dport 0:32767 -d 192.168.0.0/16
+-A DOCKER-USER -j ufw-docker-logging-deny -p udp -m udp --dport 0:32767 -d 10.0.0.0/8
+-A DOCKER-USER -j ufw-docker-logging-deny -p udp -m udp --dport 0:32767 -d 172.16.0.0/12
+
+-A DOCKER-USER -j RETURN
+
+-A ufw-docker-logging-deny -m limit --limit 3/min --limit-burst 10 -j LOG --log-prefix "[UFW DOCKER BLOCK] "
+-A ufw-docker-logging-deny -j DROP
+
+COMMIT
+# END UFW AND DOCKER
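Review bot: This file holds only the `*filter` DOCKER-USER block, yet the tasks hunk writes it over `/etc/ufw/after.rules` with `dest: /etc/ufw/after.rules`, so the stock after.rules content that ufw ships (its `ufw-after-*` chain declarations and logging rules) is replaced rather than extended, and ufw may lose those rules or fail to load them. The usual way to deploy this block is to append it after the distribution file's content, so either carry that content above `# BEGIN UFW AND DOCKER` in the template or manage the block with `ansible.builtin.blockinfile` against the existing file. The rule `-A DOCKER-USER -p udp -m udp --sport 53 --dport 1024:65535 -j RETURN` lets through any forwarded UDP packet whose source port is 53, which trusts a header field the sender chooses; placing `-A DOCKER-USER -m conntrack --ctstate ESTABLISHED,RELATED -j RETURN` ahead of it should cover replies to the containers' own DNS queries without relying on the source port. The file lives under `templates/` but contains no Jinja expressions, which is worth a one-line comment such as `# static file; templated only so it is installed with mode/owner via ansible.builtin.template` at the top so the next maintainer does not look for variables.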