!tCyGickeVqkHsYjWnh:nixos.org

NixOS Networking

884 Members
Declaratively manage your switching, routing, wireless, tunneling and more. | Don't rely on `networking.*` for interface and routing setup, use systemd-networkd, ifstate or NetworkManager instead. | Set `SYSTEMD_LOG_LEVEL=debug` to debug networking issues with networkd | No bad nft puns, please. | Room recommendations: #sysops:nixos.org260 Servers

Load older messages

SenderMessageTime
12 Jun 2026
@matthewcroughan:defenestrate.itmatthewcroughanis it any different than when doing NAT with local addr ranges ?19:57:39
@magic_rb:matrix.redalder.orgmagic_rbid recommend you write your own firewall, its not that hard. i can share mine, though theyre not well written sadly, didnt have time or energy to do a proper clean up20:35:56
@magic_rb:matrix.redalder.orgmagic_rbyou'd have to olearn nftables tho20:36:01
@elisaado:elisaado.comEli Saado yeah I'm contemplating it quite hard rn 20:36:48
@elisaado:elisaado.comEli SaadoI already do some rule generation20:36:53
@elisaado:elisaado.comEli Saadofor allowing NAT traffic to be forwarded20:37:31
@elisaado:elisaado.comEli Saadoimage.png
Download image.png		20:37:31
@magic_rb:matrix.redalder.orgmagic_rbwell, youd want to use a set for that but yes20:40:17
@magic_rb:matrix.redalder.orgmagic_rb the complexity of the above is O(n) 20:40:27
@elisaado:elisaado.comEli Saadooh20:42:56
@elisaado:elisaado.comEli Saadooh...20:42:58
@elisaado:elisaado.comEli Saadoevaluation time is my biggest opponent20:43:05
@magic_rb:matrix.redalder.orgmagic_rb i would recommend to just not include the rule gen in nix, as in have a mostly static firewall.nft file 20:43:42
@magic_rb:matrix.redalder.orgmagic_rbthen into that you can inject values, by using, uh, there is a command to add an entry to a set, dont ask me what it is20:44:08
@magic_rb:matrix.redalder.orgmagic_rb* then into that you can inject values, by using, uh, there is a command to add an entry to a set, dont ask me what it is rn20:44:10
@magic_rb:matrix.redalder.orgmagic_rbi have a lot of ideas on how to do this, but not enough energy20:44:19
@elisaado:elisaado.comEli Saado oh you mean nftables sets 20:50:47
@elisaado:elisaado.comEli Saadooh thats smart20:50:54
@elisaado:elisaado.comEli Saadodamn20:50:55
@elisaado:elisaado.comEli Saadowe do it for our IRC servers20:51:49
@elisaado:elisaado.comEli Saadoimage.png
Download image.png		20:51:49
@magic_rb:matrix.redalder.orgmagic_rbYep20:59:44
@magic_rb:matrix.redalder.orgmagic_rbSets or maps if you need some from to mapping21:00:00
@magic_rb:matrix.redalder.orgmagic_rbIf you come up with some ruleset, send it to me, i know a few obscure features of nftables, i can maybe give tips. I havent used it in a while at that level tho21:00:30
@elisaado:elisaado.comEli Saado haha alright, thank you <3 21:05:18
13 Jun 2026
@debtquity:matrix.orgdebtquity set a profile picture.03:23:28
15 Jun 2026
@xengi42:matrix.org@xengi42:matrix.org left the room.11:08:07
@truelle_trash_queen:matrix.orgTheodora changed their profile picture.14:49:26
16 Jun 2026
@erents:dapperepoging.nlerents joined the room.12:55:19
@eichehome:tchncs.deeichehome rooms joined the room.15:46:28

Show newer messages

Back to Room ListRoom Version: 6