Firewall Alignment Chart
Jun 27, 2025 9:10 PM
remaker
Views 23707 | Likes 379 | Dislikes 7
Tags: ccie, firewall, network, alignment_chart, cybersecurity

Banana Pi, OpenWrt

2 months ago | Likes 16 Dislikes 0

My first thought when I see firewall is about the part of the car that keeps the engine compartment separate from the passenger compartment.

2 months ago | Likes 5 Dislikes 0

Sorry to be the one, but some problems here:
iptables is software, not hardware (or at least I can't find a manufacturer by that name), so it can't really be "a dedicated network device" on its own.
Second, I'm pretty sure* WRT54G used iptables to do its network traffic restrictions and redirections, so those two should probably be in the same column.

2 months ago | Likes 1 Dislikes 0

Wtf, the only rational options are pfSense or OPNsense. Hardware: company paying, buy a Netgate box, otherwise for SOHO use a Protectli box with a high endurance CF. For something larger, consider OnLogic options.

2 months ago | Likes 1 Dislikes 0

I'm happy with the radical terms, with the expectation that rules need to be toggle-able, which severing the fibre connections is not. But also anything can perform a firewall function and when naming devices, the purists are right.

2 months ago | Likes 1 Dislikes 0

The most secure system is one that doesn’t work!!

2 months ago | Likes 2 Dislikes 0

Amazing that 2-wire wasn't on there someone

2 months ago | Likes 1 Dislikes 0

WRT-54GL was a friggin BEAST back in the day!

2 months ago | Likes 6 Dislikes 0

My GS 1.1 is still running fine. Never really felt a need to upgrade.

2 months ago | Likes 2 Dislikes 0

Back in the days of token ring networks, you had to have a ring of fire. It burns, burns, burns....

2 months ago | Likes 1 Dislikes 0

Ok, that radical corner absolutely got me.

2 months ago | Likes 1 Dislikes 0

In the early years of Road Runner cable here, digging crews broke the main line for the city. Redundancy? Yep, there was a second line. But it was buried in the same conduit (genius!), so the backup line failed alongside the primary.

2 months ago | Likes 34 Dislikes 0

because fuck surveying before digging.

2 months ago | Likes 5 Dislikes 0

Path diversity is for suckers, apparently -- Your carrier

2 months ago | Likes 10 Dislikes 0

my favorite firewall feature is the DMZ

2 months ago | Likes 1 Dislikes 0

lol I don't get it

2 months ago | Likes 4 Dislikes 0

IYKYK

2 months ago | Likes 8 Dislikes 6

why gatekeep? that's rude.

2 months ago | Likes 10 Dislikes 1

Underground network cables are frequently cut by digging tools.

For perspective, my company's data center provider has enough fiber cable on hand at all times to wrap around the earth 7 times.

2 months ago | Likes 3 Dislikes 0

An old IT joke... a network administrator's arch nemesis is the backhoe.

2 months ago | Likes 21 Dislikes 0

Unexpected air gap

2 months ago | Likes 9 Dislikes 0

the internet is mostly buried fiber optic cables. every now and then a construction job takes down someone's connection

2 months ago | Likes 6 Dislikes 0

We had issues with a particular site getting their fiber cut so we went with two lines to the building on opposite ends. They both got cut on the same day. Additionally that building went down last week when there was a power outage and the backup generator and the backup backup generator both failed.

2 months ago | Likes 14 Dislikes 0

oof...!

2 months ago | Likes 4 Dislikes 0

Why's my house on fire?

2 months ago | Likes 1 Dislikes 0

My parents just ran into radical radical firewall issues. As it turns out unmarked fiber is hard to detect.

2 months ago | Likes 104 Dislikes 1

But you can clearly see it! https://i.redd.it/2nq8l0qlm44f1.jpeg

2 months ago | Likes 3 Dislikes 1


Aww... but they look so cute! I would totally feed one a reel of fiber optic cable.

2 months ago | Likes 4 Dislikes 0

They're just hardening their network to better align with their risk appetite.

2 months ago | Likes 11 Dislikes 0

I sadly worked for a company owned by a Telco called "Windstream" for a while. I particularly appreciate that a lot of their fiber lines are over ground and unprotected. The time their unmanned facility that was the central hub for their east coast network went down for a week, they had put our number on their front page for unknown reasons (datacenter services vs telco), and we perpetually had calls rolling through every phone system. I encouraged people to drop their service when they called.

2 months ago | Likes 2 Dislikes 0

I greet people at the shitty truck stop I work at by asking why? Why would you return to this shit hole? Or hey, you hate yourself?

2 months ago | Likes 1 Dislikes 0

Sounds like they accidentally found some "national security" fiber. Either that or some dumbass company failed to write down where they buried it.

2 months ago | Likes 6 Dislikes 0

It was AT&T to their house and it was put in recently. I don't fault the people digging, they did their due diligence. They called dig right and even did a quick scan of the area themselves looking for copper. The fiber AT&T used has no copper.

2 months ago | Likes 3 Dislikes 0

Yep, AT&T qualifies as a dumbass company.

2 months ago | Likes 3 Dislikes 0

No SonicWall or FortiGate, laaaame

2 months ago | Likes 1 Dislikes 0

Backhoes are the natural predator of fiber optic cables

2 months ago | Likes 80 Dislikes 2

Also a favorite for directional drills.

2 months ago | Likes 3 Dislikes 0

pesky source of fading

2 months ago | Likes 9 Dislikes 0

Not just backhoes. I used to do network support for a factory in India. As we found out partway through, it was being built the entire time we were providing support. The cables were just lying on the ground, where trucks and heavy machinery could drive over them. They had fibre cuts every couple of weeks until one of our L3s went on site (that's how we found out about the cables). We switched the WAN connection to radio and the fibre cuts stopped.

2 months ago | Likes 6 Dislikes 0

Here in Australia we call it yellow caterpillar disease.

2 months ago | Likes 4 Dislikes 0

Back in the late 90s, my town only had one line connecting the entire place to the rest of the world. Chad in his backhoe severed it. Took almost a week to get it fixed.
The weird part is that the internet worked, but just for our town. Little Billy's Geocities web page about his hamster worked great! Google? Never heard of it. It was the TWW, Town Wide Web!

2 months ago | Likes 3 Dislikes 0


Look how satisfied this man is. We need more jobs like this.

2 months ago | Likes 3 Dislikes 0

Network Shawarma

2 months ago | Likes 16 Dislikes 0

Amazing comment

2 months ago | Likes 6 Dislikes 0

Richards' laws of data security:
#1: Don't buy a computer.
#2: If you do buy a computer, don't turn it on.
To which we now add #3: If you must turn it on, get it a guard excavator to protect it from networks.

2 months ago | Likes 1 Dislikes 0

where is the literal wall of fire?

2 months ago | Likes 9 Dislikes 0

An inexcusable oversight.

2 months ago | Likes 2 Dislikes 0

depends on if the HV conduit was next to the data wire when the backhoe hit the multicolored roots. If you get spicy dirt and multicolored roots there is a good chance a few walls will be on fire...

2 months ago | Likes 7 Dislikes 0

Look, mommy, words!

2 months ago | Likes 1 Dislikes 0

I have been in at least one "excavator is a firewall" situation. One of our customers was a local college that figured underground conduit parallel to their entry road was safe from ice storms and falling limbs so it didn't need redundancy. Oops.

2 months ago | Likes 4 Dislikes 0

Sharks are a firewall

2 months ago | Likes 1 Dislikes 0


And then one of the users downloads a nice program from the internet.....

2 months ago | Likes 3 Dislikes 0

pfSense for good luck, indeed.

2 months ago | Likes 27 Dislikes 0

But at what cost (of latency)?

2 months ago | Likes 9 Dislikes 0


Troubleshooting that mess would mean many, many hours of overtime. Too bad most IT are salaried.

2 months ago | Likes 13 Dislikes 0

Just script them all to pull rules from an Excel sheet you upload to SharePoint.

2 months ago | Likes 1 Dislikes 0

It's their [IT's] personal setup, and they're going through their 3rd divorce b/c the system's life cycle is just long enough to stay stale so they can meet a person, court, get married - maybe have a kid - before it glitches out and ruins the marriage due to troubleshooting.

2 months ago | Likes 16 Dislikes 0