Blaster M

Block new connections inbound on the router’s wan. Also block ping if you don’t want pings to find you. That’s the most basic setup for firewalling on the udm, ipv4 and 6. Every router in 2025 should be able to block new inbound on ipv6.

Let me one up this. IPv4 NAT is like the pizza guy has to deliver to you, but you live in a gated community with a strict no visitors policy, which does not allow you to even mention what unit you’re in, and none of the addresses in the community are registered with the post office or on Google Maps either. Instead, you tell the guardhouse you want to order, and they order the pizza for you. The pizza guy delivers to the guardhouse, and the guardhouse delivers the pizza to you.

IPv6 (with firewalling) is like a normal gated community, you order the pizza and include the unit number, and the delivery driver can deliver your pizza directly, as long as the guardhouse approves.

The difference is, with NAT, the guardhouse has to both guard (firewall) and route (keep track of all deliveries, and deliver) your packages, where with IPv6, the guardhouse (firewall) only has to guard (firewall) the packages.

It’s all about what fits the job. Minitrucks are super popular in the USA now, and the Toyota Tacoma (a little smaller than the Hilux) is worth so much used it has almost no depreciation even at 200,000 mi. Though the kind of work the F150 is meant for involves large things (wood beams, bulky equipment, looooong items, and so on) that are probably sized differently in Europe or are trailered instead, which makes it overkill over there to have an F150 if your stuff fits in a small van.

The Ford F150 is a work truck. It was designed for (prototyped with) hauling duty in construction and mining ops. It’s meant to carry lots of big things that won’t reliably fit in a van.

However, using an F150 as your daily driver / shop runner is ridiculous, and you need money to support that fuel economy it doesn’t get.

This coming from an American, in a state where it’s culturally required to drive monster trucks as commuter cars.

But… does it do the stickbug dance?

I prefer Wayland Yutani

admittedly, that is an interesting, yet cursed, food idea

Skill issue

IPv6 is easy to do.

2000::/3 is the internet range

fc00::/7 is the private network range (for non routing v6)

fe80::/64 is link local (like apipa but it never changes)

::1/128 is loopback

/64 is the smallest network allocation, and you still have 64 bits left for devices.

You don’t need NAT when you can just do firewalling - default drop new connections on inbound wan and allow established, related on outbound wan like any IPv4 firewall does.

Use DHCPv6 and Prefix Delegation (DHCPv6-PD) to get your subnets and addresses (ask for a /60 on the wan to get 16 subnets).

Hook up to your printer using ipv6 link local address - that address never changes on its own, and now you don’t have to play the static ip game to connect to it after changing your router or net config.

The real holdup is ISPs getting ultra cheap routers that use stupid network allocation systems (AT&T) that are incompat with the elegant simplicity of prefix delegation and dhcp.

Dupstep?

GrapheneOS here we come

tldr: business > humane animal treatment

That explains why llama is so spicy without a finetune…

People that point out the real estate problem and also dodgy installations causing roof leaks.

A treenis

So, darkweb sites it is.

Powerman 5000, the best band name

…and this is where sanitizing inputs becomes even more important…

flip phones were great as phones, but terrible as pdas. iPhone combined the two in a non-chunky way (competitors? Palm Treo? Windows Mobile phones?)

I stick with Old Spice. It’s consistently worked for me.

Is there something you absolutely need root for? Or can you get away with not having root? It is always better to not have root capability, as that is a huge attack vector.