this post was submitted on 09 Jun 2024
805 points (98.1% liked)

Programmer Humor

19809 readers
1105 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 2 years ago
MODERATORS
 

Context:

People have been asking for IPv6 Support on GitHub since years (probably a decade by now)

... and someone even got so annoyed that they decided to setup a dedicated website for checking this: https://isgithubipv6.live/

you are viewing a single comment's thread
view the rest of the comments
[–] Avatar_of_Self 1 points 6 months ago* (last edited 6 months ago) (1 children)

Are you saying that everyone's router's firewall drops all packets from connections that originate from outside of their network?

[–] orangeboats 1 points 6 months ago (1 children)

It's a stateful firewall. It simply drops unsolicited packets.

[–] Avatar_of_Self 1 points 6 months ago (1 children)

So, really, you were "correcting" me for you and your specific setup at the very beginning because your router's firewall has a deny rule for all inbound connections because I must have been confusing what a NAT and what a firewall is because I must have been talking about your specific configuration on your specific devices.

Holy. Fucking. Shit.

[–] orangeboats 1 points 6 months ago* (last edited 6 months ago) (1 children)

Oh come on, are you seriously suggesting that default-deny stateful firewall is not the norm??

Holy. Fucking. Shit. Indeed.

You keep on suggesting to me that you really have no idea how networking works. (Which is par on course for people thinking NAT == security, but I digress)

Let me tell you: All. Modern. Routers. include a stateful firewall. If it supports NAT, it must support stateful firewalling. To Linux at least, NAT is just a special kind of firewall rule called masquerade. Disregarding routers, even your computer whether Linux (netfilter) or Windows (Windows Firewall) comes built-in with a stateful firewall.

[–] Avatar_of_Self 1 points 6 months ago (1 children)

Having a NAT on a consumer router is indeed the norm. I don't even see how you could say it is not.

I never said NAT = security. As a matter of fact, I even said

It was not designed for security but coincidentally blah blah

But hey, strawmanning didn't stop your original comment to me either, so why stop there?

Let me tell you: All. Modern. Routers. include a stateful firewall.

I never even implied the opposite.

To Linux at least, NAT is just a special kind of firewall rule called masquerade.

Right, because masquerade is NAT....specifically Source NAT.

I'm just going to go ahead an unsubscribe from this conversation.

[–] orangeboats 1 points 6 months ago

Were I really strawmanning you? Is "I never even implied the opposite" really true? Quote:

So, really, you were "correcting" me for you and your specific setup

Yeah, my "specific setup"... which can be found in virtually all routers today.