On Mon, Aug 15, 2016 at 10:30 PM John Meinel <j...@arbash-meinel.com> wrote:
> ... >> > > >> +### tuple ### allow any 8000 0.0.0.0/0 any 0.0.0.0/0 in >> +-A ufw-user-input -p tcp --dport 8000 -j ACCEPT >> +-A ufw-user-input -p udp --dport 8000 -j ACCEPT >> + >> >> > If I'm reading this one correctly, it also means that anyone from *any* IP > address (not restricted to your local network). So anyone that can get to > port 8000 on your machine can proxy to any other public website. Now, I'd > guess that you also run a NAT router so this may not actually be opening up > an open proxy for the world to access, but it seems a little bit iffy to > put into a general guide. > Good eyes! I am behind a NAT, so it doesn't matter too much. My network is IPv6 internally (and externally) and I am not 100% on ipv6 local vs global links and avahi. So I just made a rule to allow the port from anywhere. I hope to make it more robust and update the wiki RSN™.
-- Juju-dev mailing list Juju-dev@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/juju-dev