root

I see a lot of guides on setting up DoH (DNS over HTTPS) using things like cloudflared, but not many concrete ones on DoT (DNS over TLS).

Does anyone have any guides they'd recommend?

I've been using PFSense for years, and it's been pretty great, but I also have some friends who are homelabbers that like their Unifi setups.

What do you guys prefer, and why?

I am hosting a couple of services (Matrix chat server and a game server). I know NAT's job is to translate external requests into internal addresses, so that the traffic can hit the WAN and ultimately make it to the internal service which is expected to handle the traffic, however I'm wondering if my setup is correct.

Everything is working as expected, but I'm just wondering how the traffic knows which service to go to. If an outside requests comes in, is it just the destination port that is used to route to the correct internal IP? Do I need to do something else here for best practices?

What are your thoughts on filen? I don't seem to be able to find a community for them here, but it seems like a pretty solid up and coming company for secure cloud storage options.

It's been years since I've checked the used electric market, but I'm seeing cars like the Hyundai Ionic 6 or Polestar 2 for low 30s, where as they were in the high 40s or mid 50s new a year ago.

My suspicion is that:

1. Normal car depreciation when driven off the lot
2. General fear of batteries wearing down prematurely, even if the car has ~10k miles
3. Any applicable federal rebates or otherwise have already been claimed and can't be claimed on used vehicles(?)

Is there any other reason why these drop so quickly? Would buying one be considered foolish in anyway?

First off, I'm guessing this is the most active Proton Technologies community on Lemmy (if there is another, please let me know!)

I recently started playing around with Proton Drive, and my biggest complaint is that there is no dedicated Linux client.

I've run quite a few Windows application on Linux in the past using Wine/ Lutris/ Bottles, etc. However when trying to run the Proton Drive installer (for Windows), it quits prematurely with a generic error message.

I'm guessing there are some config options I need to tweek, or perhaps it knows it's not running in a Windows environment and prevents installation for security reasons. Anyone have any tips or done this successfully?

For those of you who know of PiAlert or similar projects/forks like NetAlertX, do you know of any that can run without WAN access?

I just got PiAlert running the other day and noticed that it does not update correctly unless it has access to WAN which seems odd, since it's basically just running arp commands within internal IP ranges over specified interfaces.

Edit: Looks like I was just able to modify one function to return a hardcoded value to resolve the need to connect to WAN

So, I finally got this project (PiAlert) working how I'd like.

It basically uses arp to keep track of devices on your network, and let you know when new ones join. It gives some basic stats like uptime, etc and you can configure a few different notification options to be alerted when a rogue device connects.

Anyways, to get this work on my network involved setting up several network interfaces, as I have quite a few VLANs I'd like to keep an eye on. While everything seems to be working, I feel like I may have created an asymmetric-routing situation, as now when I SSH to the VM hosting this, it will freeze up after a few seconds.

My interfaces look like such. The problem is that I am accessing this VM (hosted on 192.168.1.0/24) from my personal network (192.168.6.0/24). My personal network has access to 192.168.1.0/24 and obviously to it's own subnet, so I think packets are getting confused, as there are multiple routes they can take to this VM.

I believe this is confirmed, because if I disable the entry for 192.168.6.0/24 in my /etc/network/interfaces file, the problem goes away.

How should I handle this? I've tried some simple UFW rules to try to force things to only use the 192.168.1.0/24 interface, but to no avail.

Edit: Sorry for the weird markdown, not sure why it's highlighting keywords

I recently installed an instance of TPot Honeypot, and it looks and feels pretty fantastic.

I haven't opened it up to the whole world, because my goal here was to just have the same ports I expose for my personal projects (game server, matrix chat, wireguard, etc) be exposed to it.

I know this project is a bit overkill for this use case, since it comes with a ton of honeypots that I'm not using, and that I'm essentially trying to make a fancy IDS, however I have a couple questions.

1. Is it possible to add custom ports for honeypots that aren't included in the project? For example, if I have a game running on port 4567 and there is no honeypot for that, I won't see any activity.

2. Is there another (perhaps lighter) Honeypot that you guys would recommend?

Edit: I guess disregard. I realize now that I can't have honeypots running on the same ports as the services in which I'm wanting to monitor. Port forwarding from WAN to multiple devices using the same port won't work

I recently discovered Pi Alert (and the various forks of it) and it seems like something that might be useful on my homelab.

I've decided to use this version, and have tried the others as well, but I can't seem to get it to discover things outside of the VLAN that it is installed on.

It is running on a Proxmox VM using a trunk'd interface that has several VLANs available to it. If I SSH into the VM hosting Pi Alert, I am able to ping the devices on the other VLANs without issues, so I know ICMP detection should be working.

Here is the config section. I am using SCAN_SUBNETS = [ '192.168.1.0/24 --interface=ens18', '192.168.2.0/24 --interface=ens18' ] To test 2 of my VLANs, and as mentioned, they are on the same interface, however this does not seem to be working.

Anyone have any suggestions?

After looking into travel routers a bit, I quickly came across Gl.iNet which seems to be a leader in the space. It seems they use OpenWRT which is great, but with some special sauce on top of it.

In a few different posts I've seen people mention that they are no longer open source. Does anyone know if this is the case? I see some activity on their Github repo, but am not quite sure which parts people are worried about being closed.

Post 1

Post 2

For those of you who use travel routers, do you only use them to wire guard/ openvpn back to your home networks for local resources?

Do you use the travel routers firewall features at all, or does the VPN tunnel home take care of concerns about others in the public (hotel/ coffee shop/ etc) from seeing your devices?