TMP_NKcYUEoM7kXg4qYe

EDIT: The bad solution is to unblock UDP port 5353 but the port has to be source port, not destination port. (--sport flag) See the now modified rules. The issue is that this is very insecure (see this stackexchange question and comments) but obviously better than no firewall at all because at least I'm blocking TCP traffic.

The proper solution (other than using glibc and installing nss-mdns package) is to open a port with netcat (nc) in the background (using &) and then listen with dig on that port using the -b flag.

port="42069"
nc -l -p "$port" > /dev/null || exit 1 &
dig somehostname.local @224.0.0.241 -p 5353 -b "0.0.0.0#${port}"

Then we need to remember to kill the background process. The DNS reply will now be sent to port 42069, so we can just open it with this iptables rule:

-A INPUT -p udp -m udp --dport 42069 -j ACCEPT

---->END OF EDIT.

I want to setup iptables firewall but if I do that, it blocks multicast DNS which I need. I am using command

dig "somehostname.local" @224.0.0.251 -p 5353

to get the IP through mDNS and these are my iptables rules (from superuser.com):

*filter

# drop forwarded traffic. you only need it of you are running a router
:FORWARD DROP [0:0]

# Accept all outgoing traffic
:OUTPUT ACCEPT [623107326:1392470726908]


# Block all incoming traffic, all protocols (tcp, udp, icmp, ...) everything.
# This is the base rule we can define exceptions from.
:INPUT DROP [11486:513044]

# do not block already running connections (important for outgoing)
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

# do not block localhost
-A INPUT -i lo -j ACCEPT

# do not block icmp for ping and network diagnostics. Remove if you do not want this
# note that -p icmp has no effect on ipv6, so we need an extra ipv6 rule
-4 -A INPUT -p icmp -j ACCEPT
-6 -A INPUT -p ipv6-icmp -j ACCEPT

# allow some incoming ports for services that should be public available
# -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
# -A INPUT -p udp -m udp --dport 5353 -j ACCEPT # does not help
-A OUTPUT -p udp -m udp --sport 5353 -j ACCEPT # SOLVES THE ISSUE BUT IS INSECURE - not recommended


# commit changes
COMMIT

Any help is welcome :)

I'm considering using PostmarketOS on a tablet for a project. I need kernel greater than x.y.z (so far I know >3.0.1 works, <2.6.32 does not). However it's kinda difficult to find it on the wiki. Some devices specify kernel version (android a.b.c, kernel e.f.g), some only the android version (android a.b.c) and some neither.

I found that android version should correspond to a kernel version (https://android.stackexchange.com/questions/51651/which-android-runs-which-linux-kernel). But how do I check (in the least time consuming way) the kernel version of the devices that don't mention anything?

Thanks.

edit: I think I was looking for this answer: https://postmarketos.org/source-code/#linux-kernel

Does anyone know how to set a custom mouse acceleration curve on Sway? man sway-input does mention mouse acceleration but unfortunately it's one of those "you won't learn anything new unless you already knew it before" type of manpage.

I also found this project https://github.com/N-R-K/leetmouse which I will probably use in the end but I would also like to hear if anyone of you has any experience with custom acceleration profile, in case there is a better way or whatever.

Edit: I will use leetmouse (different branch tho), because libinput's acceleration is not very good for gaming (see comments for sources)

https://github.com/systemofapwne/leetmouse

Edit: Solved according to this: reddit Obviously Void has no systemd service but I just created a script service containing a single line isdv4-serial-inputattach /dev/ttyS0 --baudrate 19200. The serial communication often crashes but runit automatically restarts it so that's fine. Also 6.6 kernel is kinda buggy but 6.10(custom compiled) and 6.1(from void's repo) work fine. Yeah and don't forget to enable the ttySx service otherwise it cannot work.

I cannot get sway to detect my tablet device on Void Linux installed on a Thinkpad X200 Tablet. Anyone knows how to fix it? I have both libwacom and xf86-input-wacom installed. It worked fine on Debian.

Now when I think about it, I don't have libwacom-32bit installed, because I'm using musl library which is 64bit only. That might be the issue considering how old my hardware is. I'm going to try to investigate but I'm going post this here anyways in case anybody knows more than me.

Anyone managed to make it work? If I assign a core to the Windows VM, it's constantly at 100% even when idle. Obviously I expected crappy performance but I was hoping that it would at least work. It did pretty well on bare metal.

Is this a skill issue or a hardware problem? I tried both qxl and virtio, both sucked. I think it's the old GPU because today I tried quickemu instead of virt-manager and quick-emu refused to start because the iGPU does not support OpenGL 3.

Bonus paragraph: Windows 10 (and 11) refused to finish the installation in Virt-manager in KVM mode so I had to install it using emulated x64 cpu and then boot the qcow image from regular KVM. (aimed at those having the same issue in the future)

Edit: I think the problem was Windows updates running in the background. I had a similar problem on my x230 but I fixed it by only enabling security updates. (https://github.com/ChrisTitusTech/winutil) The problem is that this tool is broken on the X200T so I'm going to have to transfer the .qcow image from the X230 to the X200T and then see how bad the performance is. In case you want to know how it went, message me in like a month or two. It's likely I will forget to edit this post after I get through this tinkering.

Edit 2: Nope the issue is the old GPU. It only supports OpenGL 2.0, so Windows isn't really doing anything but rendering itself. I made a last effort to solve this here:

https://lemmy.world/post/11367355