Hacker News new | ask | show | jobs
by username332211 487 days ago
What ordinary people (as opposed to IT departments) really want is firewall that can't be accidentally disabled by pushing an overly permissive firewall rule.

NAT/port forwarding, for all their faults make it rather difficult to write rules allowing traffic to a machine you didn't intend to expose to the world.
2 comments
Symbiote 487 days ago
Consumer routers have very similar UI for managing an IPv6 firewall as IPv4 NAT port forwarding.

This is not in any way a benefit of NAT.

link
lxgr 487 days ago
Then... make the firewall UI so that you can't accidentally push an overly permissive firewall rule?

Just because NAT accidentally achieves some good outcomes doesn't in any way imply that said good outcomes are somehow exclusive to NAT.

link