TMP_NKcYUEoM7kXg4qYe

joined 2 years ago

this puts a hole in your firewall

Indeed, thanks, I realized that shortly after posting it.

dig not supporting mdns

Yep, you both are correct. Looking at it now, the result does actually warn me that I'm trying to send a regular DNS request to the mDNS multicast address.

It just sort of happens to work correctly if you get a single reply

Yeah I guess it's a hack. To me it does not really matter because I'm just using it for wireguard, so the worst thing that could happen is that I would try to connect to a wrong host and the key exchange would fail.

libnss-mdns

The reason why I'm doing this whole hack is that the nss-mdns package is only available on the glibc version of Void but I'm using musl, so it's really just hacks on top of hacks. I found a final solution though so that's nice (see final edit of post). Thanks for all your replies!

It's solved now. Basically what's happening is that I ask a multicast address on UDP port 5353 and get a response from a different IP because the original IP was multicast. So my firewall blocks the reply, because it really isn't a reply like downloading a webpage. I solved it by filtering based on the source port, meaning the reply has source port 5353, but on my machine it arrives at some random UDP port so I cannot really filter based on the destination port.

solution

-A OUTPUT -p udp -m udp --sport 5353 -j ACCEPT

Thanks for your help!

Well the musl C library does not have nss-mdns available. But it does not matter, I solved it now. Thanks anyways!

[–] TMP_NKcYUEoM7kXg4qYe@lemmy.world 2 points 1 day ago* (last edited 1 day ago) (2 children)

Edit 2: Actually dig picks a random port to send the mDNS request from and sends it to 224.0.0.251:5353 (multicast IP). The correct host then replies from port 5353 to the previously picked random port from dig. But I found that you can specify the port with dig -b IP#port so I think that should help. I kinda don't have the time to try it out currently though.

end of edit2.

well I randomly solved it by adding

-A OUTPUT -p udp -m udp --sport 5353 -j ACCEPT

Which basically means you are right. The destination port is just some randomly picked number (checked with Wireshark), so I have to filter based on the source port, which is 5353.

Edit: Also thanks for your help!

[–] TMP_NKcYUEoM7kXg4qYe@lemmy.world 1 points 1 day ago (2 children)

It just times out so my thought was that it just blocks the reply.

[–] TMP_NKcYUEoM7kXg4qYe@lemmy.world 1 points 1 day ago (4 children)

Actually I don't have avahi installed. I only have some avahi-libs. I thought it's only needed on the computer whose IP I'm trying to get.

[–] TMP_NKcYUEoM7kXg4qYe@lemmy.world 1 points 1 day ago* (last edited 1 day ago) (2 children)

Huh weird. For me the first one works but the second one fails and returns an empty string.

I guess I should have specified that I'm on Void-musl. The reason why I'm doing this is that there is no NSS library on musl, so as far as I know you cannot automagically query hostnames on the network.

 

EDIT: The bad solution is to unblock UDP port 5353, but the port has to be the source port, not the destination port (--sport flag). See the now modified rules. The issue is that this is very insecure (see this stackexchange question and comments) but obviously better than no firewall at all because at least I'm blocking TCP traffic.

The proper solution (other than using glibc and installing nss-mdns package) is to open a port with netcat (nc) in the background (using &) and then listen with dig on that port using the -b flag.

port="42069"
# keep a listener in the background so the port stays open while dig runs
nc -l -p "$port" > /dev/null || exit 1 &
# 224.0.0.251 is the mDNS multicast group; -b binds dig's source port to $port
dig somehostname.local @224.0.0.251 -p 5353 -b "0.0.0.0#${port}"

Then we need to remember to kill the background process. The DNS reply will now be sent to port 42069, so we can just open it with this iptables rule:

-A INPUT -p udp -m udp --dport 42069 -j ACCEPT

---->END OF EDIT.

I want to set up an iptables firewall but if I do that, it blocks multicast DNS which I need. I am using the command

dig "somehostname.local" @224.0.0.251 -p 5353

to get the IP through mDNS and these are my iptables rules (from superuser.com):

*filter

# drop forwarded traffic. you only need it if you are running a router
:FORWARD DROP [0:0]

# Accept all outgoing traffic
:OUTPUT ACCEPT [623107326:1392470726908]


# Block all incoming traffic, all protocols (tcp, udp, icmp, ...) everything.
# This is the base rule we can define exceptions from.
:INPUT DROP [11486:513044]

# do not block already running connections (important for outgoing)
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT

# do not block localhost
-A INPUT -i lo -j ACCEPT

# do not block icmp for ping and network diagnostics. Remove if you do not want this
# note that -p icmp has no effect on ipv6, so we need an extra ipv6 rule
-4 -A INPUT -p icmp -j ACCEPT
-6 -A INPUT -p ipv6-icmp -j ACCEPT

# allow some incoming ports for services that should be publicly available
# -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
# -A INPUT -p udp -m udp --dport 5353 -j ACCEPT # does not help
-A OUTPUT -p udp -m udp --sport 5353 -j ACCEPT # SOLVES THE ISSUE BUT IS INSECURE - not recommended


# commit changes
COMMIT

Any help is welcome :)
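The mechanism the post describes (query goes to the multicast group, reply comes back from the responder's own unicast address, source port 5353, to whatever port the query left from, so conntrack never pairs the two and a generic RELATED,ESTABLISHED rule does not let the reply in) is easier to see with a small client that binds its own source port, which is what `dig -b 0.0.0.0#42069` does. The following is an added example, not code from the post; the function names, the constructed test packets and the choice of port 42069 (taken from the post) are mine. With the socket bound to a fixed port, the one narrow INPUT rule from the post (`--dport 42069`) is all the firewall needs, and no `--sport 5353` hole is opened.

```python
"""Minimal mDNS A-record lookup sent from a fixed local UDP port (added example)."""
import socket
import struct

MDNS_GROUP = "224.0.0.251"   # IPv4 mDNS multicast group
MDNS_PORT = 5353
TYPE_A = 1
CLASS_IN = 1


def encode_name(name: str) -> bytes:
    """DNS wire format: length-prefixed labels, terminated by a zero byte."""
    out = b""
    for label in name.rstrip(".").split("."):
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(name: str, txid: int = 0) -> bytes:
    """Standard query header (id, flags=0, qdcount=1) plus one A/IN question."""
    header = struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", TYPE_A, CLASS_IN)


def _read_name(data: bytes, off: int) -> tuple[str, int]:
    """Decode a possibly compressed name; return (name, offset just past it)."""
    labels = []
    jumped = False
    end = off
    while True:
        length = data[off]
        if length & 0xC0 == 0xC0:                 # compression pointer (RFC 1035)
            ptr = struct.unpack("!H", data[off:off + 2])[0] & 0x3FFF
            if not jumped:
                end = off + 2                     # pointer consumes two bytes
            jumped = True
            off = ptr
            continue
        off += 1
        if length == 0:
            break
        labels.append(data[off:off + length].decode("ascii"))
        off += length
    if not jumped:
        end = off
    return ".".join(labels), end


def parse_a_records(data: bytes) -> dict[str, str]:
    """Return {name: ipv4} for every A record in the answer section."""
    _txid, _flags, qd, an, _ns, _ar = struct.unpack("!HHHHHH", data[:12])
    off = 12
    for _ in range(qd):                           # skip any echoed questions
        _, off = _read_name(data, off)
        off += 4                                  # qtype + qclass
    found = {}
    for _ in range(an):
        name, off = _read_name(data, off)
        rtype, _rclass, _ttl, rdlen = struct.unpack("!HHIH", data[off:off + 10])
        off += 10
        rdata = data[off:off + rdlen]
        off += rdlen
        if rtype == TYPE_A and rdlen == 4:
            found[name] = socket.inet_ntoa(rdata)
    return found


def query(name: str, bind_port: int = 42069, timeout: float = 2.0) -> dict[str, str]:
    """Send one query from a fixed local port and collect replies until timeout.

    The reply arrives from the responder's unicast IP with source port 5353 and
    destination port `bind_port`, so an INPUT rule for --dport 42069 suffices.
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    sock.bind(("0.0.0.0", bind_port))
    sock.settimeout(timeout)
    sock.sendto(build_query(name), (MDNS_GROUP, MDNS_PORT))
    found = {}
    try:
        while True:
            data, (_src_ip, src_port) = sock.recvfrom(4096)
            if src_port == MDNS_PORT:             # only accept mDNS responders
                found.update(parse_a_records(data))
    except socket.timeout:
        pass
    finally:
        sock.close()
    return found


if __name__ == "__main__":
    import sys
    host = sys.argv[1] if len(sys.argv) > 1 else "somehostname.local"
    print(query(host))
```

Run it as `python3 mdns_fixed_port.py somehostname.local` with the post's `-A INPUT -p udp -m udp --dport 42069 -j ACCEPT` rule loaded; nothing else needs to be opened, and the background `nc` from the post is not required because the socket itself holds the port. The `src_port == 5353` check is the same source-port observation the post made in Wireshark, applied on the client side rather than in the firewall.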

It's also likely that most of these signatures aren't even from graphic designers, just some people from Linux related forums.

[–] TMP_NKcYUEoM7kXg4qYe@lemmy.world 0 points 2 days ago (1 children)

Well the dev said that he does not care about the license. He wanted to create a coreutils alternative with better concurrency using Rust as a pet project. He had even stated that he was not interested in the MIT vs GPL drama, yet people here were acting like children over it.

People think it's some kind of Canonical evil master plan, yet it's just some random dude slapping a license on his cool new code, without really thinking about it. Also this conspiracy does not make sense on so many levels. For one, Canonical would shoot themselves in the foot if they created their own proprietary coreutils, because admins would not want to deal with non-portable scripts. Also there are already the BSD utils, so if they wanted to create their own fork, they would have already done that by now. They won't because they prefer free labor from FOSS devs.

If you link to a GPL library, your software has to be GPL. You are confusing it with LGPL. Though you can bypass this by making the library its own standalone app. Like let's say FFmpeg, which is just a frontend for the libav libraries. (Ignore that these libraries are actually LGPL, so you can link to them.)

[–] TMP_NKcYUEoM7kXg4qYe@lemmy.world 7 points 3 weeks ago (3 children)

Bruh instead of all this speculation, you guys could have just looked it up.

https://github.com/uutils/coreutils/discussions/4358#discussioncomment-8027681

 

I'm considering using PostmarketOS on a tablet for a project. I need a kernel greater than x.y.z (so far I know >3.0.1 works, <2.6.32 does not). However it's kinda difficult to find it on the wiki. Some devices specify the kernel version (android a.b.c, kernel e.f.g), some only the android version (android a.b.c) and some neither.

I found that the android version should correspond to a kernel version (https://android.stackexchange.com/questions/51651/which-android-runs-which-linux-kernel). But how do I check (in the least time-consuming way) the kernel version of the devices that don't mention anything?

Thanks.

edit: I think I was looking for this answer: https://postmarketos.org/source-code/#linux-kernel

 

Does anyone know how to set a custom mouse acceleration curve on Sway? man sway-input does mention mouse acceleration but unfortunately it's one of those "you won't learn anything new unless you already knew it before" type of manpage.

I also found this project https://github.com/N-R-K/leetmouse which I will probably use in the end but I would also like to hear if anyone of you has any experience with custom acceleration profile, in case there is a better way or whatever.

Edit: I will use leetmouse (different branch tho), because libinput's acceleration is not very good for gaming (see comments for sources)

https://github.com/systemofapwne/leetmouse

 

My issue is that many of my remote desktop apps require knowing the IP address of the other PC. I'm looking for a VPN that auto-discovers other devices on the same network. That way I could just "ssh" into the same IP every time, because it would be an IP inside of a virtual network. Ideally I am looking for a solution that does not require an internet connection.

Thanks.

Edit: I should probably specify my use case. I have a portable desktop and use VNC from a laptop to connect to it. To do that I need the IP of the desktop, but that's different on a different network. This can be solved by using hostname.local as the "IP". (hostname is the "ubuntu" in "bob@ubuntu$:~/Documents") The solution is quite simple, I just didn't know about it.

 

Edit: Solved according to this: reddit. Obviously Void has no systemd service, but I just created a script service containing a single line isdv4-serial-inputattach /dev/ttyS0 --baudrate 19200. The serial communication often crashes but runit automatically restarts it so that's fine. Also the 6.6 kernel is kinda buggy but 6.10 (custom compiled) and 6.1 (from Void's repo) work fine. Yeah and don't forget to enable the ttySx service, otherwise it cannot work.

I cannot get sway to detect my tablet device on Void Linux installed on a Thinkpad X200 Tablet. Anyone know how to fix it? I have both libwacom and xf86-input-wacom installed. It worked fine on Debian.

Now when I think about it, I don't have libwacom-32bit installed, because I'm using the musl library which is 64bit only. That might be the issue considering how old my hardware is. I'm going to try to investigate but I'm going to post this here anyway in case anybody knows more than me.

 

The manual mentions that by default you can pan by holding middle click, but my tablet does not have one, so I would like to change it to left click. Anyone know how to do it? Thanks.

 

Edit with solution: I'm dumb. Just use the default quickemu settings and only change "-device virtio-gpu-gl " to "-device virtio-gpu " and "-display sdl,gl=on " to "-display sdl,gl=off ". Although qemu will have a lot of overhead at boot, the CPU usage when on the desktop should not eat your linux host's entire core. I also disabled Windows Defender, which I don't recommend if you run random stuff from the internet (or open .xlsm spreadsheets), but it helps. I ran CTT's windows debloat tool and removed edge because it was updating in the background for some reason. Even then Windows is still a last resort kind of machine when my desktop isn't available, not an actual work OS.

Edit with solution 2: The above still sucks compared to using RDP. Use the above to set up Windows Remote Desktop, then use for example Gnome Connections to RDP into it. I had to forward the RDP port to the Windows VM for it to work.

I changed the line

-netdev user,hostname=Quickemu,hostfwd=tcp::22220-:22,id=nic \

to

-netdev user,hostname=RDPWindows,hostfwd=tcp::22220-:22,hostfwd=tcp::3389-:3389,id=nic \

Then I just connected to 127.0.0.1 from Gnome Connections.

=======ORIGINAL POST:

Hi, I have trouble running Windows 10 in QEMU on an old af thinkpad x200t. The issue is that my GPU only supports OpenGL 2.0, so virtio does not work. The best I could do is use these options:

-vga qxl \

-device virtio-gpu \

-display sdl,gl=off

and like 30 more which are part of the default quickemu configuration. The three mentioned are the ones I changed.

With these options QEMU uses "just" 85% of my CPU so I can still do something on the linux host. The issue is that Windows is basically unusable because the one core it has is constantly occupied by rendering graphics even when just idle on the desktop.

At this point I have accepted my fate that this laptop ain't usable for Windows virtualization, but I thought that I would ask here before closing this case. So does anyone have a secret hack which makes pre-Core-i-series Intel GPUs work with Windows guests in QEMU?

thanks for any tips

 

Anyone managed to make it work? If I assign a core to the Windows VM, it's constantly at 100% even when idle. Obviously I expected crappy performance but I was hoping that it would at least work. It did pretty well on bare metal.

Is this a skill issue or a hardware problem? I tried both qxl and virtio, both sucked. I think it's the old GPU because today I tried quickemu instead of virt-manager and quickemu refused to start because the iGPU does not support OpenGL 3.

Bonus paragraph: Windows 10 (and 11) refused to finish the installation in virt-manager in KVM mode, so I had to install it using an emulated x64 CPU and then boot the qcow image from regular KVM. (aimed at those having the same issue in the future)

Edit: I think the problem was Windows updates running in the background. I had a similar problem on my x230 but I fixed it by only enabling security updates. (https://github.com/ChrisTitusTech/winutil) The problem is that this tool is broken on the X200T so I'm going to have to transfer the .qcow image from the X230 to the X200T and then see how bad the performance is. In case you want to know how it went, message me in like a month or two. It's likely I will forget to edit this post after I get through this tinkering.

Edit 2: Nope the issue is the old GPU. It only supports OpenGL 2.0, so Windows isn't really doing anything but rendering itself. I made a last effort to solve this here:

https://lemmy.world/post/11367355

 

Hi, I am looking for an SBC to self-host stuff on. I would like it to be somewhat open hardware (manufacturer provides schematics and drivers are open source), which is why I initially wanted to buy a banana-pi router, but after reading a post in this /c/ I found that mainline Linux support is fairly rare in these arm/riscv SBCs.

So I was hoping someone more knowledgeable would help me find some options. Here are my "wants":

  • Low power drain
  • Open source hardware and software
  • Mainline linux support
  • 2 ethernet ports, at least 1Gb
  • at least 2GB RAM - could do with 1GB I suppose
  • a reasonable way to connect 2 SSDs and 2 HDDs - i.e. 4 SATA ports or one PCIe port (not through USB)
  • EU seller. Not required but I hate dealing with import taxes and I like guarantees
  • Finally I need it to have "wake on power", so that it can start automatically after power outage

The more I search the internet, the more it seems that this mythical computer does not exist but maybe someone knows more than me. Thanks for your replies.

Edit: I'm likely going to settle with the Visionfive 2 since it has official ubuntu support and I won't have to rely on some hacky linux image provided by the manufacturer. It has 2 LAN ports and an M.2 NVME which I'm gonna split into 4 SATAs. Also 8GB RAM is plenty for the lightweight stuff I want to host, maybe even Nextcloud won't be that painful.

Final note: I'm actually not sure how open-source the Visionfive 2 is, but it seems better than Intel and AMD stuff, so I'm willing to compromise since I actually want to buy something that exists. But anyone reading this in the future beware that I don't know whether it's really open source down to the last logic gate. (likely not)
