this post was submitted on 30 Jun 2023
327 points (98.5% liked)

Programmer Humor

19572 readers
2011 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 1 year ago
MODERATORS
 
top 19 comments
sorted by: hot top controversial new old
[–] pwshguy@programming.dev 20 points 1 year ago (1 children)

I've actually had an excavator take out my network. I've also had networks taken out by forklift, train, and a semi-truck towing three other semi-trucks.

[–] WagnasT@iusearchlinux.fyi 14 points 1 year ago (1 children)

How about a bus? The fiber to a datacenter i used to work at kept going out at almost consistent intervals during almost normal business hours. Turns out the conduit wasn't deep enough and the city built a bus stop on top of it and it would sag just enough to go out but only when a bus was at the stop.

[–] pwshguy@programming.dev 7 points 1 year ago

That's pretty similar with what happened with me and the train. Kept getting random drops from a plant. I went out to investigate and everything tested perfect and the network was staying up. That was until a freight train rolled by. Turns out AT&T had run the line by shoving a piece of PVC through the gravel between two cross-ties, then running the cable through it.

[–] thomas@lemmy.douwes.co.uk 14 points 1 year ago (1 children)

This is wrong, I use IPTables but the device is absolutely not dedicated lol.

[–] Album@lemmy.ca 3 points 1 year ago (1 children)

The iptables one has me triggered.

[–] thomas@lemmy.douwes.co.uk 0 points 1 year ago* (last edited 1 year ago)

Who needs all this crazy firewall stuff when I have my

iptables -A FORWARD -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -i ppp0 -j DROP

And for IPv6 you don't need a firewall, just use slaac and hope no one finds the address /s

[–] Sotuanduso@lemm.ee 12 points 1 year ago

That punchline hit like a tree falling onto a network cable.

[–] SteveTech@programming.dev 9 points 1 year ago

Spanning tree is a firewall

Okay, that's just cursed.

[–] MinFapper@lemmy.world 5 points 1 year ago (2 children)

I've heard of almost all of those things.

What's a HA proxy?

[–] netwren@lemmy.world 21 points 1 year ago (1 children)
[–] pohart@lemmyrs.org 9 points 1 year ago

Without it we might accidentally Lol or lOL. It would be anarchy

[–] allywilson@sopuli.xyz 5 points 1 year ago

http://www.haproxy.org/ it's a load-balancer (it only allows access to devices behind it based on rules).

[–] lobstermania@programming.dev 5 points 1 year ago (1 children)

i wonder what is the favorite firewall of people here?

[–] Caust1c@programming.dev 2 points 1 year ago

I'm at the top right myself. 😆

Not as fast as ASIC firewalls, but way more flexible and fast enough for home routing.

[–] ruk_n_rul@monyet.cc 5 points 1 year ago

Ah yes, that time a Georgian granny became the Great Firewall of Armenia.

[–] Rentlar@lemmy.ca 4 points 1 year ago

Cisco Automatic Telecommunications Excavator: for all your internet connection restricting needs!

[–] argv_minus_one@beehaw.org 2 points 1 year ago

In my apartment, I have a PC running Linux with four network interfaces:

  1. One Ethernet port built into the motherboard, connected to a switch that the rest of my hard-wired devices are connected to
  2. One PCIe Wi-Fi 5 card, serving as my apartment's wireless access point
  3. One USB Ethernet dongle, connected to my ISP's optical network terminal
  4. One USB Ethernet dongle, connected directly to an employer's PC (for working from home)

It forwards packets between all of these (i.e. is a router) and uses nftables (i.e. is a firewall).

The firewall is specially configured to isolate interface 4: it is only allowed to talk to the Internet and the router's DHCP and DNS servers, but not any other device in my apartment, nor any other process running on the router itself.

Seems pretty radical on both axes, but it's neat that I can do this with nothing but common consumer equipment and free software. No fancy Cisco gear required. And unlike the average home router, the software running on mine actually receives security audits and patches, so I consider it far more secure.

[–] glue_snorter@lemmy.sdfeu.org 1 points 1 year ago

Excavator in rack-mount enclosure would be awesome

[–] Gentoo1337@sh.itjust.works 1 points 1 year ago

A firewall is when I redirect stuff to 0.0.0.0 in /etc/hosts

load more comments
view more: next ›