Faster LXD bootstraps and provisioning
Reed O'Brien
reed.obrien at canonical.com
Tue Aug 16 16:16:16 UTC 2016
On Mon, Aug 15, 2016 at 10:30 PM John Meinel <john at arbash-meinel.com> wrote:
> ...
>>
>
>
>> +### tuple ### allow any 8000 0.0.0.0/0 any 0.0.0.0/0 in
>> +-A ufw-user-input -p tcp --dport 8000 -j ACCEPT
>> +-A ufw-user-input -p udp --dport 8000 -j ACCEPT
>> +
>>
>>
> If I'm reading this one correctly, it also means that anyone from *any* IP
> address (not restricted to your local network). So anyone that can get to
> port 8000 on your machine can proxy to any other public website. Now, I'd
> guess that you also run a NAT router so this may not actually be opening up
> an open proxy for the world to access, but it seems a little bit iffy to
> put into a general guide.
>
Good eyes! I am behind a NAT, so it doesn't matter too much. My network is
IPv6 internally (and externally) and I am not 100% on ipv6 local vs global
links and avahi. So I just made a rule to allow the port from anywhere. I
hope to make it more robust and update the wiki RSN™.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/juju-dev/attachments/20160816/c8b7f813/attachment.html>
More information about the Juju-dev
mailing list