Linux Routing Fundamentals

Linux has been a first class networking citizen for quite a long time now. Every system running a Linux kernel out of the box has at least three routing tables and is supporting multiple mechanisms for advanced routing features from policy based routing (PBR), to VRFs(-lite), and network namespaces (NetNS). Each of these provide different levels or separation and features, with PBR being the oldest one and VRFs the most recent addition (starting with kernel 4.3).

This article is the first part of the Linux Routing series and will provide an overview of the basics and plumbings of Linux routing tables, what happens when an IP packet is sent from or through a Linux box, and how to figure out why. It’s the baseline for future articles on PBR, VRFs, and NetNSes, their differences as well and applications.

Civ4 is the one I still play. I like my stacks of doom and could never get into the hexagons and no stacking units of later games.

Shooter had a hunting license and used his own hunting weapon for the attack. He had no known affiliations with criminals and had no criminal records of his own. He had no income during 2023 according to his tax statements.

Source https://www.svt.se/nyheter/inrikes/det-har-vet-vi-om-misstankte-garningsmannen-i-orebro

Note that the Qur’an burnings is not what they were on trial for, but for what was said during the events.
Also, Tingsrätten is filled with laymen and almost always appealed in these kind of cases.

Criticism: Bundling together

Freedom of expression expert Nils Funcke believes that there are still question marks about how far freedom of expression extends.

– If you look at what Momika and Najem say in the transcription found in the preliminary investigation, I would say that Najem speaks about the Koran, about Muhammad and about the religion of Islam, and I think that falls within a broad freedom of expression.
I think that Najem and Momika’s statements are lumped together and thus Najem is blamed for what Momika said.

According to Mark Safaryan, Salwan Najem’s lawyer, the verdict will be appealed.

https://www.svt.se/nyheter/lokalt/stockholm/nu-faller-domen-efter-koranbranningar-i-stockholm

SnappyMail seem to be a fork of Rainloop and both Rainloop and Snappymail appear to allow multiple providers - https://snappymail.eu/
Cypht seems to be a similar solution where you selfhost a webserver that acts as a web client to external email providers - https://www.cypht.org/documentation/
I find nothing about push notifications for either of those solutions though, and I’m not sure about how much the webclients cache.

Ah yeah, this was the line I read a bit too fast:

Any modern Linux distribution should basically be in good shape for the AMD Ryzen 9000 series processors. The one recent caveat is needing Linux 6.12+ for the AMD Zen 5 CPU power reporting if that is important to you otherwise it’s an easy one-liner patch to backport.

Compatibility for desktop pcs is a whole lot better nowadays. Main thing to check is the motherboard; Bluetooth, WiFi and BIOS updates without windows can be pain areas but even that is getting rarer. Laptops require some more reasearch.
If you’re going cutting edge (AMD Ryzen 9800X3D) then you’ll need kernel 6.12 or higher.
Here’s a Linux review of the 9800X3D - https://www.phoronix.com/review/amd-ryzen-7-9800x3d-linux

I second this. OEM machines usually come with weird caveats where they saved money on the PSU or other parts that isn’t used in their marketing of the machine.

In my country many online computer stores offer to prebuild your custom pc, offering warranty on the whole build.
Great if you don’t have the time to put it together or if you want the warranty offered.

Just a reminder, if you’re in the EU then waiting 'til June might be worthwhile:

Gonna be interesting to see which models disappear from EU altogether and which models get the better repairability and software updates next summer:
Ecodesign requirements will apply to mobile phones and tablets put on the EU market from 20 June 2025 onwards, including:

1. resistance to accidental drops or scratches and protection from dust and water
2. sufficiently durable batteries which can withstand at least 800 charge and discharge cycles while retaining at least 80% of their initial capacity
3. rules on disassembly and repair, including obligations for producers to make critical spare parts available within 5-10 working days, and for 7 years after the end of sales of the product model on the EU market
4. availability of operating system upgrades for longer periods (at least 5 years from the date of the end of placement on the market of the last unit of a product model)
5. non-discriminatory access for professional repairers to any software or firmware needed for the replacement

• https://energy-efficient-products.ec.europa.eu/product-list/smartphones-and-tablets_en

sending personal data to someone else’s computer.

I think this is spot on. I think it’s exciting with LLMs but I’m not gonna give the huge corporations my data, nor anyone else for that matter.

I’ll have a look! Cheers!

For signal I imagine you’ll find the best answers here:
https://github.com/signalapp/Signal-Android/blob/main/CONTRIBUTING.md
https://community.signalusers.org/c/development/android-development/22

The simple solution is to use another cloud, such as proton drive mentioned below.

Another more technical solution is to setup a vpn at home and use vpn + smb to share files with your phones, this one fails if your computer isn’t always online at home or if your internet provider runs CGNAT.

Your computer could be replaced with a selfhosted solution as nextcloud running on separate hardware, but now we’re firmly in selfhosting land.

The VPN home could be replaced with a VPS that both your home network and mobile devices connect to as a CGNAT workaround.

The KISS (Keep it simple, stupid) principle says that getting another cloud storage is the way to go. If you truly wanna own your cloud then a trip to selfhost land it is.

I definitely feel the pain when it comes to worthless results nowadays. Though in this case DDG comes through:

Adding documentation to the search makes the “correct” page soar to the top:

For details follow the link. This is nothing more than the headlines.

Finances
The GNOME Foundation reserves policy says that the buffer is too low to run at a deficit any longer, which it has done for three years. This years budget is a break-even budget.

Strategy & Fundraising
A five year strategic plan has been prepared and a draft approved by the board. A variety of fundraising activies will be launched over the coming months.

Board Development
More directors are being added to reduce workload on individual board members. Non-voting officer seats will be added for the same reason.

Elections
Annual board elections is coming up, 6 seats are being elected.

I consider client devices to be a big risk factor and if I can keep them from having direct access to the Backup NAS and the IoT I consider that a big win. A simple ransomware attack on a client device would find any NFS/SMB shares the client can access and start encrypting - having the Backup NAS on a separate VLAN that only the server can access stops most of those from affecting the backup and makes restoring a lot easier. I would definitely recommend having an offline backup of the NAS as well in case of the server being breached.

I agree with this, protecting everything behind a VPN is the way to go. I help friends setup their vpn client to my stuff if I want them to access an internal service.

• Single switch, yes. Personally I would probably aim for a managed (must have for vlan support) switch with at least 16 ports where 8 has PoE+ (Power over Ethernet) with at least 100W total budget. The goal would be to power access points and that security camera through PoE instead of separate psus.
  A cheaper alternative is to skip PoE for now and buy an 8-port managed switch now and a secondary PoE switch in the future if need be.
• There are access points with VLAN support, so you can have an access point deliver multiple SSIDs that belong to different VLANs. Two things to look for here is Local Management and PoE powered. You don’t want your access points to become paper weights when the cloud management system is shut down. I don’t want to use cloud management at all to be honest.
• PoE allows you to protect your camera and your APs with the same UPS you put in to protect your network rack.

Draw up some plans beforehand, quick example where I forgot your video doorbell that would be on a separate SSID/VLAN through the APs if it uses WiFi. Which is kind of the point with drawing it up. It helps you find out what you missed.

edit: And that is just an example on how to draw it up. I imagine you want your security camera and doorbell to save video on the NAS, so then their vlan need to be able to communicate with the NAS vlan, as another example of missing stuff in the drawing.

Now let’s look at Office. Open an Excel spreadsheet with tables in any app other than excel. Tables are something that’s just a given in excel, takes 10 seconds to setup, and you get automatic sorting and filtering, with near-zero effort.

I mean you have the same functionality in LibreOffice Calc, the automatic sorting and filtering is called AutoFilter and the table style is chosen from AutoFormat Styles.

That’s a lot of text to basically say “categorize your data and give the files descriptive names”.