This should allow access to:
port 80 / 443 to everyone in the universe
port 8282 from just labs (for proxylistener)
redis replication port from just other webproxies
port 22 from bastions
This allows us to open up the redis replication just to other webproxies instead of opening it up to the world.