this post was submitted on 22 Oct 2023
148 points (97.4% liked)

Memes

Warp nACLs (network access control lists)

[–] [email protected] 3 points 1 year ago (2 children)

Ouf. Please close port 80. And if this is not a web server, close any ports for inbound traffic and implement an SPI-capable firewall.

[–] [email protected] 4 points 1 year ago (2 children)

It looks like these are examples from some documentation and not someone's actual config

[–] [email protected] 6 points 1 year ago (1 children)

This, I just grabbed a random example. I shudder to think of actually posting the ACLs from any production environment

[–] [email protected] 1 points 1 year ago

I think the file upload size limit could become a problem in my case, at least in terms of posting the complete ACLs.

We've recently managed to come down to only ~1.4k VLANs though, and the network firewall pair for our server networks now only handles ~600 SPB services.

[–] [email protected] 0 points 1 year ago

Yea, I guess. But this should only be an example for how not to ACL

[–] [email protected] 3 points 1 year ago

Port 80 is open so you can redirect to https, it's not actually serving over http