[gerdesj]

Ahhh, it sounds like you've only done this once. I started off with ipfw, then ipchains, then iptables and now whatever firewalld supports. OK that's roughly 25 years so not too much firewalling churn! I stopped hand rolling my own rule sets with ipchains and switched to generators and there are loads of them.

For me some of the problems nowadays are caused by search engine manipulation. Up until around five or so years ago Linux concept searches would get you pointed at the usual big hitters - Arch/Gentoo/Ubuntu/etc wikis and useful and quite well known blogs. My modern block list for ublacklist is huge and barely scratches the surface.

Now I come to think of it, we now have ChatGPT and I bet it can roll a decent ruleset without hallucinating madly. No doubt someone will soon be Showing HN: their smart new firewall prompt generator language for <insert AI here>. It will make the LLM use Rust as an intermediary for extra safety.