Welcome to Incremental Social! Learn more about this project here!
Check out lemmyverse to find more communities to join from here!

notabot

@notabot@lemm.ee

This profile is from a federated server and may be incomplete. Browse more on the original instance.

notabot ,

You can, but I found it a bit laggy. It basically wraps your tcp stream over https, so I think the extra overhead was what was slowing it down.

notabot ,

There are fewer incoviniently placed spiky bits on an elephant than a stegasaurus.

notabot ,

The allowed IP ranges on the server indicate what private addresses the clients can use, so you should have a separate one for each client. They can be /32 addresses as each client only needs one address and, I'm assuming, doesn't route traffic for anything else.

The allowed IP range on each client indicates what private address the server can use, but as the server is also routing traffic for other machines (the other client for example) it should cover those too.

Apologies that this isn't better formatted, but I'm away from my machine. For example, on your setup you might use:

On home server:
AllowedIPs 192.168.178.0/24
Address 192.168.178.2

On phone:
AllowedIPs 192.168.178.0/24
Address 192.168.178.3

On VPS:
Address 192.168.178.1
Home server peer:
AllowedIPs 192.168.178.2/32

Phone peer:
AllowedIPs 192.168.178.3/32

notabot ,

Sort of. If you're using wg-quick then it serves two purposes, one, as you say, is to indicate what is routed over the link, and the second (and only if you're setting up the connection directly) is to limit what incoming packets are accepted.

It definitely can be a bit confusing as most people are using the wg-quick script to manage their connections and so the terminology isn't obvious, but it makes more sense if you're configuring the connection directly with wg.

notabot ,

Ah, ok. You'll want to specify two allowedip ranges on the clients, 192.168.178.0/24 for your network, and 10.0.0.0/24 for the other clients. Then your going to need to add a couple of routes:

  • On the phone, a route to 192.168.178.0/24 via the wireguard address of your home server
  • On your home network router, a route to 10.0.0.0/24 via the local address of the machine that is connected to the wireguard vpn. (Unless it's your router/gateway that is connected)

You'll also need to ensure IP forwarding is enabled on both the VPS and your home machine.

notabot ,

Maybe a good pair of headphones and the careful application of some spray paint? Mask and holes or areas you don't want to colour, then apply several light coats until suitable pinkness is achieved. I suspect you'll get bonus points for personalisation.

notabot ,

I haven't had any issues painting most plastics with the general hobby type spray paints. I know there are some that'll fail or damage the surface, but I've had good results with Plastikote (other brands are available, etc).

I should probably have been more specific about using spray paints for plastics rather than general ones.

notabot ,

Well obviously they aren't going to let the secret out like this. Silica gel and tide pods actually just drop you ome level deeper into the simulation. Really what you need to eat is removed.

notabot ,

You really shouldn't have something kike SSHD open to the world, that's just an unnecessary atrack surface. Instead, run a VPN on the server (or even one for a network if you have several servers on one subnet), connect to that then ssh to your server.
The advantage is that a well setup VPN simply won't respond to an invalid connection, and to an attacker, looks just like the firewall dropping the packet. Wireguard is good for this, and easy to configure. OpenVPN is pretty solid too.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • random
  • incremental_games
  • meta
  • All magazines
    •