overview for sxt

I doubt the goal is to produce easily understood bash, otherwise you'd just write bash to begin with. It's probably more similar to a typescript transpiler that takes in a language with different goals and outputs something the interpreter can execute quickly (no comment on how optimized this thing is).

NVIDIA switching to open kernel modules by default in future driver update for Turing+ in c/linux@lemmy.ml

[-] sxt@lemmy.world 6 points 4 months ago

I believe version 555 of the Nvidia driver is supposed to get the explicit sync patch.

Why I Left NixOS for Ubuntu in c/programming@programming.dev

[-] sxt@lemmy.world 4 points 4 months ago* (last edited 4 months ago)

Nixos is immutable to force system configuration through the declarative nix configs/build system not to limit tinkering.

Traefik 3.0 GA Has Landed: Here's How to Migrate in c/selfhosted@lemmy.world

[-] sxt@lemmy.world 0 points 4 months ago

All I had to do was remove one field to do with docker swarm which I don't think I was using anyway.

Original Fallout lead Tim Cain loves the new show, but remains baffled by how 'destructive' fans can act toward 'people who are trying to create things' in c/games@sh.itjust.works

[-] sxt@lemmy.world 12 points 5 months ago

Wheel of time was so close too. If they just didn't fuck with the script so much

Noob Question Thread: Ask Any Questions About Linux! in c/linux@lemmy.ml

[-] sxt@lemmy.world 2 points 5 months ago

Been gaming on nixos for a month or two and haven't had any issues AFAICT

Microsoft won't update your Windows 11 PC if it has these apps in c/technology@lemmy.world

[-] sxt@lemmy.world 1 points 5 months ago

Worth considering holding onto the Nvidia card to do a vfio windows VM as a fallback for stuff that doesn't run well through wine/proton. It wasn't too hard to setup and its nice to just toss all the games with kernel anticheat/adobe shit into.

11

Issues forwarding traffic through a wireguard connection (lemmy.world)

submitted 8 months ago* (last edited 8 months ago) by sxt@lemmy.world to c/selfhosted@lemmy.world

0 comments fedilink

I am attempting to follow this https://www.procustodibus.com/blog/2022/09/wireguard-port-forward-from-internet to forward traffic from a few ports on a public oracle vps to other ports on my local server through a wireguard connection. Currently I am doing this using rinetd, but I was looking for a more normal way of forwarding traffic. (Also looking to forward UDP traffic at some point.)

After stopping rinetd, adding these rules to the public server's wg config

# packet forwarding
PreUp = sysctl -w net.ipv4.ip_forward=1

# port forwarding
PreUp = iptables -t nat -A PREROUTING -i ens3 -p tcp --dport 443 -j DNAT --to-destination 10.144.65.2:8443
PostDown = iptables -t nat -D PREROUTING -i ens3 -p tcp --dport 443 -j DNAT --to-destination 10.144.65.2:8443

# packet masquerading
PreUp = iptables -t nat -A POSTROUTING -o wg0 -j MASQUERADE
PostDown = iptables -t nat -D POSTROUTING -o wg0 -j MASQUERADE

and restarting the wg connection, I'm seeing traffic on the ens3 port but none entering wg0 via tcpdump. I feel like I probably have conflicting iptables rules saved https://pastebin.com/0eNwhNKM but I don't really know enough about whats going on there to fix it. I feel like its probably the wireguard-*-rule ones (created by pivpn possibly?) but I'm not sure.

Edit way later: Ended up just using rinetd for the udp connections. Ubuntu doesn't include the latest version here https://github.com/samhocevar/rinetd which is able to do UDP connections. The docker container RxBrad suggested uses that version within the docker container to make the redirections so it will be roughly equivalent.