Warp nACLs (network access control lists)

  • CyberEgg
    link
    fedilink
    arrow-up
    5
    arrow-down
    1
    ·
    1 year ago

    Ouf. Please close port 80. And if this is not a web server, close any ports for inbound traffic and implement a spi capable firewall.

    • lud@lemm.ee
      link
      fedilink
      arrow-up
      4
      ·
      1 year ago

      It looks like these are examples from some documentation and not someone actual config

      • AFallingAnvil@lemmy.caOP
        link
        fedilink
        arrow-up
        6
        ·
        1 year ago

        This, I just grabbed a random example. I shudder to think of actually posting the ACLs from any production environment

        • Ananace@lemmy.ananace.dev
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          I think the file upload size limit could become a problem in my case, at least in terms of posting the complete ACLs.

          We’ve recently managed to come down to only ~1.4k VLANs though, and the network firewall pair for our server networks now only handles ~600 SPB services.

      • CyberEgg
        link
        fedilink
        arrow-up
        1
        arrow-down
        1
        ·
        1 year ago

        Yea, I guess. But this should only be an example for how not to ACL

    • funkajunk@lemm.ee
      link
      fedilink
      English
      arrow-up
      3
      ·
      1 year ago

      Port 80 is open so you can redirect to https, it’s not actually serving over http