@malwaretech I recently watched your video about the CUPS issue and I believe there's content that could cause some confusion to less technical users.
You mentioned that binding a port to 0.0.0.0 meant it could be reached by any IP and if it was bound to 127.0.0.1 it would be local only. It's my understanding that 0.0.0.0 is a wildcard and on this instance means "all IP addresses in the system". Binding a port to an RFC1918 IP wouldn't limit access to an IP outside of the range used if the routing and port forwarding it in place to route the traffic.

You would only block traffic to a service if a firewall in the data path (on the OS or inline along the flow) limits the source IP, or if the service has the ability to limit connection sources when the service is configured.

I hope you can take this input in the spirit it's intended as I follow you because I respect your knowledge in areas I'd be absolutely lost in. And hopefully this is also a direct message to inform rather than a reply aimed at calling you out.