by lock-the-spock 841 days ago
You would not filter based on the delivery man but based on the sender. If you know someone sends bombs or drugs in the mail but you cannot stop them initiating parcels, you would find ways to stop the parcels halfway. Physical mail is scanned in the real world, and customs stop stuff from entering the country - so the analogy is already reality!

In theory this would also work for IPs if not for the IP laundering OOP criticised.

Cloudflare chooses to hide thousands of IPs on a single IP - this is a technical choice, not a system necessity. There are of course many reasons for those and many of them legitimate, but it doesn't mean this is the right approach (and with IPv6 certainly other options are possible...)

1 comments

> Cloudflare chooses to hide thousands of IPs on a single IP - this is a technical choice, not a system necessity.

Well, if you want "CDN", then you must break the TCP connection. That is, you must have one TCP connection from client to CDN, and then one from CDN to the backend.

Unless you are against CDNs (they do serve a real-world purpose, tho), then it is a system necessity;