Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
mstdn.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A general-purpose Mastodon server with a 500 character limit. All languages are welcome.

Administered by:

Server stats:

14K
active users

mstdn.social: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.4

#nat

1 post1 participant0 posts today
Replied in thread
Public *
Kevin Karhan :verified:

@landley @jschauma @ryanc @0xabad1dea yeah, the exhaustion problem would've been shoved back with a #64bit or sufficiently delayed by a 40bit number.

Unless we also hate #NAT and expect every device to have a unique static #IP (which is a #privacy nightmare at best that "#PrivacyExtensions" barely fixed.)

  • I mean they could've also gone the #DECnet approach and use the #EUI48 / #MAC-Address (or #EUI64) as static addressing system, but that would've made #vendors and not #ISPs the powerful forces of allocation. (Similar to how technically the #ICCID dictates #GSM / #4G / #5G access and not the #IMEI unless places like Australia ban imported devices.

I guess using a #128bit address space was inspired by #ZFS doing the same before, as the folks who designed both wanted to design a solution that clearly will outlive them (way harder than COBOL has outlived Grace Hopper)...

If I was @BNetzA I would've mandated #DualStack and banned #CGNAT (or at least the use of CGNAT in #RFC1918 address spaces) as well as #DualStackLite!

Public
Habr

Настройка форвардинга на UFW для Ubuntu Server

UFW (Uncomplicated Firewall) - это утилита для управления пакетами брандмауэра в Linux, которая предоставляет удобный интерфейс для настройки iptables. Он создан для упрощения процесса управления сетевыми правилами и подходит как для новичков, так и для опытных администраторов. NAT (Network Address Translation) — это метод, позволяющий изменять адреса IP в заголовках пакетов, проходящих через маршрутизатор или брандмауэр. Он часто используется для обеспечения доступа к ресурсам из локальной сети в Интернет, скрывая внутренние IP-адреса от внешней сети.

habr.com/ru/articles/894316/

ХабрНастройка форвардинга на UFW для Ubuntu ServerUFW (Uncomplicated Firewall) - это утилита для управления пакетами брандмауэра в Linux, которая предоставляет удобный интерфейс для настройки iptables. Он создан для упрощения процесса управления...
#ubuntu#ubuntu_server#ufw
Public
GNU/Trinukso ۞

Parece una chorrada pero hay tela de operadores hoy en día detrás de una #NAT que no te sacan o te cobran por ello. Incluso más que antes con xDLS y el añorado cable coaxial; por nostalgia solo.😎

Public
Ventor 🐧

Interessante Beobachtung: Der Airbnb Hotspot verwendet irgendeine interessante Technologie um IPv6-Seiten zu erreichen:

$ curl -v -6 https://icanhazip.com
* Host icanhazip.com:443 was resolved.
* IPv6: ::ffff:104.16.184.241, ::ffff:104.16.185.241
* IPv4: (none)
*   Trying [::ffff:104.16.184.241]:443...

Mein Gerät hat keine eigene IPv6-Adresse, dennoch funktioniert die Verbindung.

Ist das sowas wie DNS64 und NAT64 nur andersrum?

#ipv6#nat
Public
HoldMyType

any application needing to communicate large messages with UDP must implement packetization, retransmission, reordering, etc-- the same things that TCP already implements for us. Many applications that have 'rolled their own TCP' in userspace have ended up with exploitable bugs in them, so it isn't something that should be done without good cause.

#UDP also has the issue of #NAT traversal: Getting bidirectional communication across a NAT with UDP is not a simple matter. Crossing anything more complicated than a full cone nat requires considerable amounts of special code but without it there will be a many hosts that just can't talk to other peers with UDP.
bitcoin.stackexchange.com/ques

Bitcoin Stack ExchangeCan someone please explain FIBRE to me like I'm 5 and why is it useful?I read the website but they imply you already know why this is valuable. Can someone please illuminate me on this issue?
Public *
bubbleb74
I finally came around to give #BastilleBSD a try on a #FreeBSD test system but I struggle with the rdr rules. I always get the following error when starting the vnet jail:

stdin:2: syntax error
pfctl: Syntax error in config file: pf rules not loaded

Here my pf.conf

lo_if="lo1"
ext_if="vmx0"
jail_if="vmx0bridge"

#set block-policy return
scrub in on $ext_if all fragment reassemble
set skip on lo
set skip on $jail_if

table <jails> persist
nat on $ext_if from <jails> to any -> ($ext_if:0)
#nat on $ext_if from $jail_if:network to any -> ($ext_if)
#nat on $jail_if from $jail_if:network to any -> ($jail_if)
#nat on $lo_if from $jail_if:network to any -> ($lo_if)
rdr-anchor "rdr/*"

#block in all
pass out quick keep state
#antispoof for $ext_if inet
pass in inet proto tcp from any to any port ssh flags S/SA keep state
pass in on $ext_if inet proto icmp to ($ext_if) icmp-type { unreach, redir, timex, echoreq }
pass in on $ext_if inet proto icmp to ($jail_if) icmp-type { unreach, redir, timex, echoreq }
pass in on $jail_if inet proto icmp to $jail_if:network icmp-type { unreach, redir, timex, echoreq }

My BastilleBSD version is 0.13.20250126
ExploreLive feeds
About