!tCyGickeVqkHsYjWnh:nixos.org

NixOS Networking

906 Members
Declaratively manage your switching, routing, wireless, tunneling and more.263 Servers

Load older messages

SenderMessageTime
29 Jun 2025
@hexa:lossy.networkhexahttps://github.com/NixOS/nixpkgs/pull/42104216:27:22
@hexa:lossy.networkhexain the long run we should probably look at https://github.com/NixOS/nixpkgs/pull/350199, but the patch size is too large for me to just merge16:39:34
@hexa:lossy.networkhexa* in the long run we should probably look at https://github.com/NixOS/nixpkgs/pull/350199, but the patch size is too large for me to want to merge16:39:44
@emilazy:matrix.orgemilyfeels pointless for most of those16:47:01
@emilazy:matrix.orgemily like, NM without iptables or dhcpcd is not a use case 16:47:12
@emilazy:matrix.orgemily openconnect and dnsmasq, yes 16:47:20
@hexa:lossy.networkhexaiptables can absolutely go away 😄 16:47:34
@marie:marie.cologneMarienftables by default when16:47:51
@hexa:lossy.networkhexawe're using nft these days16:47:51
@emilazy:matrix.orgemilywell, sure16:47:56
@emilazy:matrix.orgemilybut the closure size is like zero16:48:00
@hexa:lossy.networkhexait is using the iptables-nft wrapper probabl;y16:48:04
@hexa:lossy.networkhexa* it is using the iptables-nft wrapper probably16:48:05
@emilazy:matrix.orgemilynot worth any patching16:48:11
@hexa:lossy.networkhexafor the most part, yeah16:48:11
@hexa:lossy.networkhexadepending on systemd is not adding anything 😄 16:48:18
@emilazy:matrix.orgemily like, look at that _firewall_backend_detect patch 16:48:26
@emilazy:matrix.orgemilytotally not worth it16:48:29
@hexa:lossy.networkhexanm uses its internal dhcp client by default16:49:34
@hexa:lossy.networkhexaso dhcpcd can be made optional16:49:43
@emilazy:matrix.orgemilyhmm16:50:13
@emilazy:matrix.orgemilyfair enough16:50:15
@emilazy:matrix.orgemilythat one does not need special patching16:50:42
@hexa:lossy.networkhexabut in general more stuff should be looked up from the path 16:50:45
@emilazy:matrix.orgemilyit seems like most of it comes for free just by patching their main function16:50:47
@hexa:lossy.networkhexa* but in general more stuff should be looked up from the path at runtime16:50:52
@emilazy:matrix.orgemilybut the firewall stuff, no16:50:56
@hexa:lossy.networkhexalike … when firewalling is enabled you have the ipt or nft executables in the path already16:51:43
@hexa:lossy.networkhexaso just pick those16:51:45
@emilazy:matrix.orgemilyI agree that late-binding is not the devil fwiw16:52:36

Show newer messages

Back to Room ListRoom Version: 6