this post was submitted on 22 Oct 2023
149 points (97.5% liked)

Memes

45661 readers
1993 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
 

Warp nACLs (network access control lists)

you are viewing a single comment's thread
view the rest of the comments
[–] CyberEgg@discuss.tchncs.de 3 points 1 year ago (2 children)

Ouf. Please close port 80. And if this is not a web server, close any ports for inbound traffic and implement a spi capable firewall.

[–] lud@lemm.ee 4 points 1 year ago (2 children)

It looks like these are examples from some documentation and not someone actual config

[–] AFallingAnvil@lemmy.ca 6 points 1 year ago (1 children)

This, I just grabbed a random example. I shudder to think of actually posting the ACLs from any production environment

[–] ace@lemmy.ananace.dev 1 points 1 year ago

I think the file upload size limit could become a problem in my case, at least in terms of posting the complete ACLs.

We've recently managed to come down to only ~1.4k VLANs though, and the network firewall pair for our server networks now only handles ~600 SPB services.

[–] CyberEgg@discuss.tchncs.de 0 points 1 year ago

Yea, I guess. But this should only be an example for how not to ACL

[–] funkajunk@lemm.ee 3 points 1 year ago

Port 80 is open so you can redirect to https, it's not actually serving over http