#NAT

RTL Nieuws rtlnieuws
2026-02-02

Grey and wet start to the day, large temperature differences across the country

Anyone looking outside this morning will mostly see a lot of grey. A field of cloud is moving across the centre and south of the country towards the east, temporarily bringing rain there. In the north it stays largely dry, but the cold makes itself felt all the more there. The...

rtl.nl/nieuws/weer/artikel/556

2026-02-01

How I figured out that my ISP blocks inbound port 443, and what that means for self-hosting and homelabs

At some point I decided to take up self-hosting at home: a small homelab, Proxmox, a few services behind a reverse proxy, HTTPS, everything as standard as it gets. Nothing exotic: ordinary home internet, a public ("white") IP, port forwarding, nginx with TLS. But at the stage of publishing the services to the outside, something strange turned up: inbound port 443 simply does not open, even though 80 and other ports work.

habr.com/ru/articles/991520/

#Homelab #Блокировка_портов #Порт_443 #HTTPS #Белый_IP #Reverse_Proxy #Proxmox #NAT #Traefik #nmap

2026-01-30

Ran into a NAT hairpinning problem: when accessing services (memos, owncloud…) via an internal domain on a BT Smart Hub 2 router, requests always time out, while from outside the network or over VPN everything works normally. The router does not support NAT loopback. Possible solutions: use Cloudflare Tunnel (mind the FUP), or set up a VPS + Pangolin, or upgrade to a router that supports NAT loopback (e.g. Ubiquiti Dream Router 7). #NAT #hairpinning #homeLab #router #Selfhosted #Mạng #CôngNghệ #Vietnam

reddit.com/r/selfhosted/commen

2026-01-24

Your daily reminder that #NAT is not a security mechanism and the lack thereof is meaning something is unsafe. #ipv6 johnmaguire.me/blog/ipv6-is-no

Alex@rtnVFRmedia Suffolk UK vfrmedia@social.tchncs.de
2026-01-15

Had to open 5060 inbound to get one provider's trunk to signal inbound calls (either #STUN isn't working there or some #NAT issues), with predictable results..

Got older version of #fail2ban on this box to yeet all blighters trying to get in - by turning on security logging in /etc/asterisk/logfiles_custom.conf (add entry security_log => security), updating regexes in /etc/fail2ban/filter.d and pointing fail2ban jail to check /var/log/asterisk/security_log (main Asterisk log is in wrong format and I don't know enough regex to fix that)

Also registered a #Voipfone virtual PBX extension to use as an extra trunk (needs contact-user and from-user set in #PJSIP config)

The picture @alex drew a few months back sums up exactly what dealing with these #VOIP #trunks is like

#Asterisk #FreePBX

Drawing of elephant's trunk with snake head at the end
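
An added example, not part of the post above and not the poster's filter: a Python sketch of the decision fail2ban makes once a jail is pointed at the Asterisk security log (match failure events, take the RemoteAddress, count hits per address inside a time window). The sample lines are constructed and abbreviated, their key="value" layout is an assumption about what the security_log channel writes, and the names `LINE`, `FAILURES` and `offenders` are this example's own.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed, abbreviated security_log lines (documentation-range addresses).
SAMPLE = '''\
[2026-01-15 10:00:01] SECURITY[2101] res_security_log.c: SecurityEvent="InvalidAccountID",Severity="Error",Service="PJSIP",AccountID="1001",LocalAddress="IPV4/UDP/192.0.2.10/5060",RemoteAddress="IPV4/UDP/203.0.113.7/5071"
[2026-01-15 10:00:09] SECURITY[2101] res_security_log.c: SecurityEvent="InvalidAccountID",Severity="Error",Service="PJSIP",AccountID="admin",LocalAddress="IPV4/UDP/192.0.2.10/5060",RemoteAddress="IPV4/UDP/203.0.113.7/5071"
[2026-01-15 10:00:15] SECURITY[2101] res_security_log.c: SecurityEvent="ChallengeResponseFailed",Severity="Error",Service="PJSIP",AccountID="100",LocalAddress="IPV4/UDP/192.0.2.10/5060",RemoteAddress="IPV4/UDP/203.0.113.7/5071",Challenge="abc"
[2026-01-15 10:02:00] SECURITY[2101] res_security_log.c: SecurityEvent="InvalidPassword",Severity="Error",Service="PJSIP",AccountID="200",LocalAddress="IPV4/UDP/192.0.2.10/5060",RemoteAddress="IPV4/UDP/198.51.100.20/5060"
[2026-01-15 10:02:30] SECURITY[2101] res_security_log.c: SecurityEvent="SuccessfulAuth",Severity="Informational",Service="PJSIP",AccountID="200",LocalAddress="IPV4/UDP/192.0.2.10/5060",RemoteAddress="IPV4/UDP/198.51.100.20/5060"
[2026-01-15 10:25:00] SECURITY[2101] res_security_log.c: SecurityEvent="InvalidPassword",Severity="Error",Service="PJSIP",AccountID="200",LocalAddress="IPV4/UDP/192.0.2.10/5060",RemoteAddress="IPV4/UDP/198.51.100.20/5060"
'''

# Timestamp, event name and the host part of RemoteAddress="IPVx/PROTO/HOST/PORT".
LINE = re.compile(
    r'^\[(?P<ts>[^\]]+)\] SECURITY\[\d+\] \S+ SecurityEvent="(?P<event>\w+)"'
    r'.*?RemoteAddress="IPV[46]/\w+/(?P<ip>[^/"]+)/\d+"'
)
FAILURES = {"InvalidAccountID", "InvalidPassword", "ChallengeResponseFailed", "FailedACL"}

def offenders(lines, maxretry=3, findtime=600):
    """Addresses with at least `maxretry` failure events within `findtime` seconds."""
    hits = defaultdict(list)
    banned = set()
    for line in lines:
        m = LINE.match(line)
        if not m or m["event"] not in FAILURES:
            continue  # not a security line, or a success event
        ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
        # keep only earlier hits that are still inside the window
        recent = [t for t in hits[m["ip"]] if (ts - t).total_seconds() <= findtime]
        hits[m["ip"]] = recent + [ts]
        if len(hits[m["ip"]]) >= maxretry:
            banned.add(m["ip"])
    return sorted(banned)

if __name__ == "__main__":
    print(offenders(SAMPLE.splitlines()))
```
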
Patryk Krawaczyński agresor@infosec.exchange
2026-01-11
Kevin Karhan :verified: kkarhan@infosec.space
2026-01-11

@BestGirlGrace the only reason I use #SSH tunnels is because they work reliably.

  • I really need to see if I can use #dropbear with #pwnat to get some public-reachable SSH server persistently through #NAT|s.
Kevin Karhan :verified: kkarhan@infosec.space
2026-01-10

@louis Once Provider-Independent #IPv6 isn't #paywalled with a @ripencc membership, #NAT66+#ULA works as well across #WAN links as #IPv4+#NAT and all vendors of Software and devices support IPv6 with Privacy Extensions enabled per default!

Kevin Karhan :verified: kkarhan@infosec.space
2026-01-09

@happyborg @dalai @jwildeboer most of these providers claim that they can recoup the cost with new purchases and shrinking costs for storage over time, which makes this truly a #PyramidScheme.

  • OFC they also throttle users and don't expect everyone to max out their purchased storage quota instantly.

  • But I'm not just comparing against short-term filehosters but also in terms of #backups consider years, if not decades of uptime to be necessary to be useful.

Also mind you this ain't like #TeamViewer where the cost of infrastructure is negligible (just some "Rendezvous-Server" to exchange status info, IP addresses and facilitate "Hole Punching" through #NAT & #Firewall which in theory doesn't require much compute and bandwidth to function).

  • We're talking Gigabytes if not Terabytes per User in storage and traffic.

  • And since this system isn't like some #ColdStorage like a #tape, this needs to be #HDDs that constantly spin and draw power.

🅱🅸🅶🅾🆁🆁🅴.🅾🆁🅶 bigorre_org
2026-01-06

Aviation weather for Governador Aluízio Alves International airport in Natal area (Brazil) is “SBSG 061300Z 08013KT 9999 SCT030 30/18 Q1014” : See what it means on bigorre.org/aero/meteo/sbsg/en vl

🅱🅸🅶🅾🆁🆁🅴.🅾🆁🅶 bigorre_org
2025-12-22

Aviation weather for Governador Aluízio Alves International airport in Natal area (Brazil) is “SBSG 221400Z 11014KT 9999 BKN030 BKN100 29/21 Q1013” : See what it means on bigorre.org/aero/meteo/sbsg/en vl

Jörg 🇩🇪🇬🇧🇪🇺 geco_de@troet.cafe
2025-12-14

If I have everything on #IPv6 locally in my network, then, as I understand it, no #NAT is done any more. It's no longer necessary, because every device has its own unique address from the internet as well.
Is that right?
But that also means that if, for example, I want to reach the web server on my Raspberry from the internet, I don't need port forwarding on the FRITZ!Box, because I can address it directly.

But isn't that also a huge security hole?

2025-12-14

RE: mstdn.feddit.social/@admin/115

I had originally written a lot, but it was too much trouble, so let's just use this simplest method: it won't be needed any more once the Linux kernel has finished compiling

NAT port forwarding attempt:

VM1:
ifconfig
Gives the internal IP as 192.168.122.2

Hetzner0:
sudo virsh list --all
List the virtual machines
sudo virsh net-dhcp-leases default
Confirm the VM IP is 192.168.122.2
sudo iptables -t nat -A PREROUTING -p tcp --dport 2222 -j DNAT --to-destination 192.168.122.2:22
Set up the port forward
sudo iptables -I FORWARD -d 192.168.122.2/24 -p tcp --dport 22 -j ACCEPT
sudo iptables -I FORWARD -s 192.168.122.2/24 -p tcp --sport 22 -j ACCEPT
Allow the forwarded traffic
sudo apt install iptables-persistent -y
sudo netfilter-persistent save
Save the configuration

Other commands:
sudo iptables -t nat -L PREROUTING -n --line-numbers
View the NAT forwarding rules
sudo iptables -t nat -D PREROUTING NUMBER
Delete a rule

#NAT #iptables #ubuntu #linux #cockpit

Hetzner0-VM-ubuntu-22.04.5screenfetch
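
An added example, not part of the post above: a Python check that reads the three iptables rules as typed in the post and reports every FORWARD ACCEPT rule whose -s/-d network is wider than the single DNAT target. iptables masks the host bits of 192.168.122.2/24, so those two rules cover the whole 192.168.122.0/24 network; the function names and the `VALUE_OPTS` set are this example's own, and only IPv4 `host:port` DNAT targets are handled.

```python
import ipaddress
import shlex

# The three rules as typed in the post above.
RULES = """\
sudo iptables -t nat -A PREROUTING -p tcp --dport 2222 -j DNAT --to-destination 192.168.122.2:22
sudo iptables -I FORWARD -d 192.168.122.2/24 -p tcp --dport 22 -j ACCEPT
sudo iptables -I FORWARD -s 192.168.122.2/24 -p tcp --sport 22 -j ACCEPT
"""

# Options whose following token is the value this check needs.
VALUE_OPTS = {"-t", "-A", "-I", "-s", "-d", "-j", "--to-destination"}

def parse_rule(line):
    """Collect the options this check needs from one iptables command line."""
    tokens = shlex.split(line)
    return {tok: val for tok, val in zip(tokens, tokens[1:]) if tok in VALUE_OPTS}

def audit(rules_text):
    """Return (option, network, dnat_host, address_count) for every FORWARD
    ACCEPT rule that admits more addresses than the DNAT target needs."""
    rules = [parse_rule(l) for l in rules_text.splitlines() if l.strip()]
    targets = [ipaddress.ip_address(r["--to-destination"].split(":")[0])
               for r in rules if r.get("-j") == "DNAT"]
    findings = []
    for r in rules:
        chain = r.get("-I", r.get("-A"))
        if chain != "FORWARD" or r.get("-j") != "ACCEPT":
            continue
        for opt in ("-d", "-s"):
            if opt not in r:
                continue
            # strict=False masks host bits the same way iptables does
            net = ipaddress.ip_network(r[opt], strict=False)
            for host in targets:
                if host in net and net.num_addresses > 1:
                    findings.append((opt, str(net), str(host), net.num_addresses))
    return findings

if __name__ == "__main__":
    for opt, net, host, count in audit(RULES):
        print(f"FORWARD {opt} {net} admits {count} addresses; DNAT target is {host}/32")
```
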
KipJayChou[维护模式] jay@gts.feddit.social
2025-12-12

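Proxmox network configuration
https://pve.proxmox.com/wiki/Network_Configuration

Proxmox VE does not write changes directly to the /etc/network/interfaces file. Instead, we write the changes to a temporary file called /etc/network/interfaces.new

If you change the network configuration through the graphical user interface (GUI), you can click the "Apply Configuration" button. This syncs the changes from the temporary interfaces.new file to the /etc/network/interfaces file and applies them live.

If you modified the /etc/network/interfaces file manually and directly, you can apply those changes by running the ifreload -a command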

o[n<phys_port_name>|d<dev_port>] — devices on board
s[f][n<phys_port_name>|d<dev_port>] — devices by hotplug id
[P]ps[f][n<phys_port_name>|d<dev_port>] — devices by bus id
x — devices by MAC address

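eno1 is the first on-board NIC; enp3s0f1 is function 1 of the NIC on PCI bus 3, slot 0.

You can use diff (or another diff viewer of your choice) to check the changes made to the configuration: diff -y /etc/network/interfaces /etc/network/interfaces.new

A bridge is like a physical network switch implemented in software. All virtual machines can share the same bridge, or you can create several bridges to separate different network domains.

• 10.*.*.* → private
• 172.16~31.*.* → private
• 192.168.*.* → private
• 127.*.*.* → loopback

A common situation is that you have one public IP address (for example 198.51.100.5) and an additional block of IP addresses for the virtual machines (203.0.113.16/28). In this case we recommend the following setup: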

auto lo 
iface lo inet loopback 

auto eno0 
iface eno0 inet static 
        address 198.51.100.5/29 
        gateway 198.51.100.1 
        post-up echo 1 > /proc/sys/net/ipv4/ip_forward 
        post-up echo 1 > /proc/sys/net/ipv4/conf/eno0/proxy_arp 


auto vmbr0 
iface vmbr0 inet static 
        address 203.0.113.17/28 
        bridge-ports none 
        bridge-stp off 
        bridge-fd 0

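Address translation (NAT) with iptables
Masquerading allows guests that have only a private IP address to reach the network by using the host's IP address. Every outgoing packet is rewritten by iptables so that it appears to come from the host, and the responses are rewritten accordingly so that they are routed to the original sender.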

auto lo 
iface lo inet loopback 
auto eno1 
# real IP address
iface eno1 inet static 
        address 198.51.100.5/24 
        gateway 198.51.100.1 

auto vmbr0 
# private subnet
iface vmbr0 inet static 
        address 10.10.10.1/24 
        bridge-ports none 
        bridge-stp off 
        bridge-fd 0 

        post-up echo 1 > /proc/sys/net/ipv4/ip_forward 
        post-up iptables -t nat -A POSTROUTING -s '10.10.10.0/24' -o eno1 -j MASQUERADE 
        post-down iptables -t nat -D POSTROUTING -s '10.10.10.0/24' -o eno1 -j MASQUERADE

#proxmox #network #pve #vmbr0 #eno1 #NAT

Vmbr0
Kevin Karhan :verified: kkarhan@infosec.space
2025-12-09

@SpaceLifeForm Again: Doesn't work with UDP traffic that is encrypted!

  • And I kinda need to do some #NAT+#NPT shit here...
Kevin Karhan :verified: kkarhan@infosec.space
2025-12-09

#IPv6 is a mistake!

  • No one needs #128bit address space!
  • 21+ years of protocol existence, yet no mandatory & widespread adoption…
  • You want to have more than 1 PC per line? We have a solution for it, it's called #NAT!
  • IPs should not have variable lengths and hexadecimal digits!!!

#SLAAC? #RouterAdvertisement?? #6rd???

  • These are real #IPv6only mechanisms deployed in the real world!

"Yes, I'd love to have all my devices lose their #IP assignments every time my #WAN connection resets/disconnects/…!"

  • They have played us for absolute fools!

#meme #shitpost #IPv4 #Enshittification
