TCB13, (edited )
@TCB13@lemmy.world avatar

#1 leaves a lot to be desired, as it advocates for doing something without thinking about why you’re doing it – it is essentially a non-answer.

Agreed. That’s mostly BS from people who make commissions from some vendor.

#2 is strange – why does it matter? If one is hosting a webserver on port 80, for example, they are going to poke a hole in their router’s NAT at port 80 to open that server’s port to the public. What difference does it make to then have another firewall that needs to be port forwarded?

A Firewall might be more advanced than just NAT/poking a hole, it may do intrusion detection (whatever that means) and DDoS protection

#3 is a strange one – what sort of malicious behaviour could even be done to a device with no firewall? If you have no applications listening on any port, then there’s nothing to access.

Maybe you’ve a bunch of IoT devices in your network that are sold by a Chinese company or any IoT device (lol) and you don’t want them to be able to access the internet because they’ll establish connections to shady places and might be used to access your network and other devices inside it.

#5 is the only one that makes some sense;

Essentially the same answer and in #3

If we’re talking about your home setup and/or homelab just don’t get a hardware firewall, those are overpriced and won’t add much value. You’re better off by buying an OpenWRT compatible router and ditching your ISP router. OpenWRT does NAT and has a firewall that is easy to manage and setup whatever policies you might need to restrict specific devices. You’ll also be able to setup things such as DoH / DoT for your entire network, setup a quick Wireguard VPN to access your local services from the outside in a safe way and maybe use it to setup a couple of network shares. Much more value for most people, way cheaper.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • linux@lemmy.ml
  • localhost
  • All magazines
  • 200 @ entry_comment_voters
    HTTP status 200 OK
    Route name entry_comment_voters
    Has session yes
    Stateless Check no
    Time 339 ms
    Total time 339 ms
    Initialization time 123 ms
    Memory 14.0 MiB
    Peak memory usage 14.0 MiB
    PHP memory limit 128 MiB
    Logger 86
    Errors 0
    Warnings 0
    Deprecations 86
    Cache 23 in 31.62 ms
    Cache Calls 23
    Total time 31.62 ms
    Cache hits 34 / 37 (91.89%)
    Cache writes 0
    3
    Default locale en
    Missing messages 3
    Fallback messages 0
    Defined messages 119
    Security n/a
    Authenticated No
    Firewall name main
    Twig 100 ms
    Render Time 100 ms
    Template Calls 65
    Block Calls 16
    Macro Calls 6
    41 in 64 ms
    settings_row_switch 15
    user_settings_row_switch 4
    date 3
    user_inline 2
    settings_row_enum 2
    entry_comment 1
    date_edited 1
    user_avatar 1
    vote 1
    boost 1
    user_actions 1
    magazine_box 1
    magazine_sub 1
    related_magazines 1
    active_users 1
    related_categories 1
    related_posts 1
    related_entries 1
    support_us_block 1
    featured_magazines 1
    7 in 41.22 ms
    Database Queries 7
    Different statements 7
    Query time 41.22 ms
    Invalid entities 0
    Cache hits 26
    Cache misses 0
    Cache puts 0
    6.4.0
    Profiler token 9bf7ab
    Environment dev
    Debug enabled
    PHP version 8.2.26   View phpinfo()
    PHP Extensions Xdebug ✗ APCu ✓ OPcache ✓
    PHP SAPI apache2handler