It happened to me when I was configuring IP geoblocking: Only whitelist IP ranges are allowed. That was fetched from a trusted URL. If the DNS provider just happened to not be on that list, the whitelist would become empty, blocking all IPs. Literally 100% proof firewall; not even a ping gets a pass.
I accidentally put all the interfaces on my router running openwrt into the wrong firewall zone so now I can’t access it via ssh or the web interface. I already had it configured though and it still works so I’m just ignoring the problem until something breaks
I know I forgot to reactivate my firewall yesterday, but I’m too scared of getting locked in to do it remotely. I have physical access to it, but gotta wait after work
Happened to me in work once… I was connected via SSH to one of our test machines, so I could test connection disruption handling on a product we had installed.
I had a script that added iptables rules to block all ports for 30 seconds then unblock them. Of course I didn’t add an exception for port 22, and I didn’t run it with nohup, so when I ran the script it blocked the ports, which locked me out of SSH access, and the script stopped running when the SSH session ended so never unblocked the ports. I just sat there in awe of my stupidity.
Out of curiousity, how would nohup make your situation different? As I understand, nohup makes it possible to keep terminal applications running even when the terminal session has ended.
If the script was supposed to wait 30 secs and then unblock the ports, running with nohup would have allowed the ports to be unblocked 30 secs later. Instead, the script terminated when the SSH session died, and never executed the countdown nor unblock.
You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: !programmerhumor@lemmy.ml
Post funny things about programming here! (Or just rant about your favourite programming language.)
Rules:
Posts must be relevant to programming, programmers, or computer science.
No NSFW content.
Jokes must be in good taste. No hate speech, bigotry, etc.
It happened to me when I was configuring IP geoblocking: Only whitelist IP ranges are allowed. That was fetched from a trusted URL. If the DNS provider just happened to not be on that list, the whitelist would become empty, blocking all IPs. Literally 100% proof firewall; not even a ping gets a pass.
this is me dealing with ZScaler at work
I accidentally put all the interfaces on my router running openwrt into the wrong firewall zone so now I can’t access it via ssh or the web interface. I already had it configured though and it still works so I’m just ignoring the problem until something breaks
There is nothing more perminant than a temporary solution.
“i’ll fix that later”
Narrator: “they never did”
Maybe you can put aside a day which has nothing else going on so you can sit down and fix it before it breaks.
It’s super secure though, not even you have access!
I know I forgot to reactivate my firewall yesterday, but I’m too scared of getting locked in to do it remotely. I have physical access to it, but gotta wait after work
ufw is not a good software. I really tried to work with it. My solution was to disable it.
It’s better than raw iptables / nftables though.
Not IMHO no. By far.
Happened to me in work once… I was connected via SSH to one of our test machines, so I could test connection disruption handling on a product we had installed.
I had a script that added iptables rules to block all ports for 30 seconds then unblock them. Of course I didn’t add an exception for port 22, and I didn’t run it with nohup, so when I ran the script it blocked the ports, which locked me out of SSH access, and the script stopped running when the SSH session ended so never unblocked the ports. I just sat there in awe of my stupidity.
Out of curiousity, how would nohup make your situation different? As I understand, nohup makes it possible to keep terminal applications running even when the terminal session has ended.
If the script was supposed to wait 30 secs and then unblock the ports, running with nohup would have allowed the ports to be unblocked 30 secs later. Instead, the script terminated when the SSH session died, and never executed the countdown nor unblock.
Thanks for the elaborate answer!
Any time! :)
deleted by creator
Connects a monitor and a keyboard to the Raspberry Pi
it’s become self aware and is always blocking ports 22 & 23.
deleted by creator