Tailscale @lemmy.ca

Tailscale seems to conflict with my nftables setup?

I am setting up a homelab server with Tailscale, and I am also trying to learn new stuff along the way. I've never worked with xtables/nftables, so I wanted to try it out instead of ufw.

My goals for the setup were:

  • Tailscale manages its own traffic (aka everything on tailscale0). Otherwise:
    • all outgoing traffic is allowed
    • forwarding is not allowed
    • incoming is not allowed, unless it's port 22 from my local LAN (for quick at-home debugging)
    • ICMP is allowed for pinging

I've scouted the Arch Linux wiki and the nftables wiki and have made this config:

flush ruleset

table inet my_chain {
    set LANv4 {
        type ipv4_addr
        flags interval

        elements = { 192.168.1.0/24 }
    }

    set LANv6 {
        type ipv6_addr
        flags interval

        elements = { fe80::/64 }
    }

    chain my_lan_input {
        tcp dport ssh accept comment "Accept SSH on port 22"
    }

    chain my_input {
        type filter hook input priority filter; policy drop;