I agree with your observation and I think the author was suggesting that whitelisting is a more viable solution compared to blacklisting when it's necessary to open a port.