-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add firewall documentation #20
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -15,3 +15,9 @@ services: | |
APP_URL: $APP_URL | ||
HTTP: $HTTP | ||
HTTPS: $HTTPS | ||
|
||
networks: | ||
default: | ||
ipam: | ||
config: | ||
- subnet: 172.16.0.0/16 | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Nice ! Going to test in a few minutes ... There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. Ah - nice trick! just Before:
Then with a (likely too heavy handed)
I'm good to go then! Here's after:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'll "lgtm" the PR as this is minor, but since a lot of people run a different RFC1918 subnet on their LAN (eg
10.10.0.0/24
), they'd have to change this. Since they're more likely to have a/24
than a/16
on their local LAN, I'd say go with the/24
instead of the/16
.(Noted that
/16
as is, goes up to my LAN's subnet192.168.68.0/24
- which is quite handy ; )There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@mrjones-plip, am I wrong or wouldn't
/16
include all the addresses covered by/24
? Maybe I am totally off, but it based on what I was reading I thought that the range covered increases as the mask number decreases (seems very counter-intuitive...).There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No no! You're totally correct: A
/16
covers way more (65k) than a/24
(256), just like that link you cited says. However, a192.168.0.0/16
won't cover a10.10.0.0/24
. And given few, if any, folks will run a/16
on their LAN, I was just saying that they'd be more familiar and comfortable with changing it to their specific/24
instead of wondering if the/16
covers their range or not. TMI on all three RFC1918 ranges here, but all in there's10.0.0.0/8
,172.16.0.0/12
and192.168.0.0/16
Still - this is good as is I think!