3·
15 days agoShould be easier to block them by ASN instead of IP. That way you can control ipv6 connections too.
But if you don’t do business with the UK, I wonder if you are allowed to ignore them?
Toes♀
No one compares You stand alone To every record I own Music to my heart That’s what you are A song that goes on and on
- 0 Posts
- 33 Comments
Joined 2 years ago
Cake day: September 28th, 2023
You are not logged in. If you use a Fediverse account that is able to follow users, you can follow this user.
I feel ya, some of the posts you said that on, probably should be NSFW. But not a romantic kiss imho. Other sites solved this ages ago with explicit, questionable and safe tags.
I think it’s ridiculous that Lemmy adopted the binary NSFW option from Reddit. With the Ukraine war and people posting videos as NSFW with body parts laying around. I don’t want to see the anime pictures in the same bucket as that either.
There needs to be more tags and that would make everyone happy.
For web APIs you can play with the program postman to get a feel for them. It doesn’t do soap well though.
I haven’t tried setting up jellyfin myself. However, if you’re able to use pcie passthrough on your container, you could probably use any spare card you might have? (assuming it fits and your psu can handle it)
Oh thanks I must have missed that in the title.
The xeon does have more cache too. So if the GPU acceleration is the make or break it option. You could toss a card in there.
I’m assuming you’re talking about version 1 of the 2620.
Although the xeon is the weaker processor, if you’re planning on having those containers active together the larger thread count will potentially be more beneficial than the faster i7.
But this is one of those things where you’d need to test against both and see. Since there’s a bunch at play.
I’m assuming the xeon comes with ECC ram?
I’d decide based on how loud it’s gonna make my homelab, if I get to use ECC ram and the type of workload being applied.
Since you’re just looking to make a router the xeon would be my tentative choice.
6·1 year agoSo it depends. For example some legacy apple stuff had a bad DHCP implementation where it would try to hold onto an IP address it had before.
When there’s one DHCP server with a reserved ip it won’t assign that ip to the wrong device. (Unless you’re running some buggy software that takes your configuration as suggestions)
Where the advice to set it anyways comes from scenarios where that DHCP server goes down for long enough that everyone starts self assigning addresses. It’s a real hassle to find the correct system when that happens.
Avoiding spam filters and ISP blocks are a common issue with self hosted email.
Ideally you’ll have a mature domain, dkim configured and an IP that’s not blacklisted on a network that allows email traffic.
OVH offers pretty cheap email hosting if you just want a turn key solution.
Otherwise if you want your home lab to work this way you may need to configure something akin to a forward proxy on a VPS to act as a gateway for your homelab.
This could be achieved using wireguard and iptables. By routing the email traffic to your homelab.
I’d suggest using OVH. https://help.ovhcloud.com/csm/en-ie-dns-dynhost?id=kb_article_view&sysparm_article=KB0051641
Depending on your country you may need to use ovh canada
Hey I just had another thought. Do you have your ISP provided router in bridge mode? That would help if you’re not using it for anything else.
If your lan devices only have a fe80, your clients are not receiving a proper router advertisement.
Which routes and firewall rules should I be checking?
Since the OPNsense device is getting a ipv6 address and is able to ping ipv6 devices on the internet.
It sounds like you don’t have ipv6 configured for the LAN. Try enabling “Assisted” mode.
Confirm the ipv6 addresses your clients in the LAN are being assigned an ipv6 address within the scope of what your ISP is assigning.
If you are check default routes and firewall rules.
If you aren’t, investigate “router advertisement”.
I like that idea.
I’d suggest OVH or Digital Ocean.
If you think a DDoS attack is possible I’d suggest azure for that.
Sounds like an issue with your registrar more so than the domain authority?
Do you have any information to distinguish that?
Does anyone here know if they are the same entity?
This is probably a bit extreme. I think it has a way to tie into your phone’s calendar too.
But you could use redmine and create tickets and reoccuring tasks.
Using a whitelist in this manner with cloudflare may be challenging as this list can potentially change. They do have means to query it though. https://developers.cloudflare.com/api/operations/cloudflare-i-ps-cloudflare-ip-details Additionally, have you considered ipv6 support?
if you haven’t solved the problem yet, I would consider switching to Apache for your reverse proxy and using mod_remoteip.
Track the CF-Connecting-IP field instead of the IP address to get the client.
I found this docker option.
https://hub.docker.com/r/apache/james#!
Although it’s pretty cheap to have someone else host it.
Theoretically, you could do it in real-time and cache it.
I think it would be important to check the API rules of w/e service you’re using.
https://www.enjen.net/asn-blocklist/readme.php#api
Some CDNs I believe can already do it like cloudflare. But I havn’t tested it myself, but I have seen ASN block pages through them in the past.