| 29 Nov 2025 |
 jappie | ah so it's best to leave networking.useNetworkd on false when using system.network? | 11:52:17 |
| jappie | * ah so it's best to leave networking.useNetworkd on false when using systemd.network? | 11:52:36 |
 K900 | It should not matter if you have no other networking.* options | 11:55:00 |
| 2 Dec 2025 |
 kdn | is there a reasonable way to force custom-built install-iso to use only one (first?) of the plugged in ethernet interfaces? | 12:23:01 |
| kdn | * is there a reasonable way to force custom-built install-iso to use only one (first?) of the plugged in ethernet interfaces without telling it which one should it be? | 12:23:10 |
| kdn | I have devices with 4 ports and I can only access it through one of those with the highest default route metric | 12:23:41 |
 Sandro 🐧 | first as in the one with highest default route, as first doesn't make much sense otherwise | 14:47:25 |
| K900 | Do you control the route metrics? | 14:48:56 |
| K900 | You can just push the correct metric over DHCP | 14:49:22 |
| K900 | If you control the DHCP | 14:49:30 |
| K900 | (you probably should do that anyway) | 14:49:41 |
| 4 Dec 2025 |
|  Ido Samuelson joined the room. | 01:46:10 |
|  isabel changed their profile picture. | 16:41:36 |
|  Tanja (she/her) - ☎️ 4201 changed their display name from Tanja (she/her) to Tanja (she/her) - ☎️ 4201. | 18:10:30 |
| 6 Dec 2025 |
|  P J joined the room. | 07:45:51 |
| 8 Dec 2025 |
|  okamis joined the room. | 14:22:46 |
| okamis | Im using runnixostest interactive as a playground environment. I would like it to be a bit similar as non-interactive, so I would like ssh access but not access to the internet, whats a good way to achieve that? Currently im running "ip route del default" in the testscript. | 14:24:11 |
| K900 | Could just firewall all outgoing connections | 14:24:36 |
| okamis | I had a rule drop all outgoing, and it screwed up kubectl connecting to k3s using localhost:8080, | 14:26:38 |
| K900 | Well that depends on how you implemented it | 14:27:32 |
| okamis | iptables -t filter -I FORWARD 1 -m state --state NEW -j DROP | 14:29:10 |
| K900 | Yeah that's not all outgoing connections | 14:29:28 |
| okamis | oh sorry should be OUTGOING instead of forward | 14:29:28 |
| K900 | That is also a bad idea | 14:29:35 |
| K900 | You want to match on interface | 14:29:40 |
| K900 | Or explicitly exclude loopback I guess | 14:29:45 |
| okamis | is this reasonable?
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A OUTPUT -o eth0 -m conntrack --ctstate NEW -j DROP
| 15:21:45 |
| K900 | Probably | 15:22:48 |
| K900 | I don't remember iptables well enough | 15:22:54 |
| 9 Dec 2025 |
|  adamcstephens changed their profile picture. | 17:25:09 |
