[ series · acr · [~] ]

AI Configs Reviewed

AI-generated configs pulled from the wild, audited with Claude. Half of them explode. We name names.

2 posts · monthly · acr

#01 · 2026-05-31 · 9 min · acr

AI Configs Reviewed #01: The BGP Config That Comes Up and Black-Holes Your Traffic

We audit a representative AI-generated BGP config of the kind posted to r/networking every week. The session establishes, the output looks clean — and it advertises nothing, black-holes half your traffic, and risks a route leak. Here is the line-by-line teardown and the corrected config.

router bgp 65001
  network 10.0.0.0     [!] no mask
  neighbor … iBGP      [!] no next-hop-self
  neighbor … eBGP      [!] no filters
verdict: comes up, black-holes traffic

#routing#ai read ▸

#02 · 2026-05-31 · 8 min · acr

AI Configs Reviewed #02: The pfSense Port Forward That Put RDP on the Internet

A representative AI-generated pfSense NAT config of the kind pasted in for "quick help." The port forward works perfectly — and it also exposes RDP to the entire internet, because the autogenerated firewall rule did exactly what it was told. The line-by-line teardown and the config that should have shipped instead.

NAT ▸ Port Forward (from an AI)
  Source: any        [!] the internet
  Dest WAN:3389 → 192.168.10.10
  +assoc rule: WAN any → :3389 PASS
verdict: RDP on the internet

#firewalls#security read ▸

▸ back to all posts