Is OPNsense like dd-wrt or OpenWrt?

Yes, both are similar in terms of being a firewall/access point. OpenWrt is Linux based and OPNsense is based on FreeBSD.

OpenWRT and OPNsense have similar wireless capabilities but OPNsense is a little bit more restricted due to being based on FreeBSD, it still should be easy to manage though. More on the wireless compatibility can be found at the below link.

https://www.freebsd.org/releases/14.2R/hardware/#wlan

I haven’t used dd-WRT so I can’t speak to it, but have tried OpenWRT. My personal preference is OPNsense, I just find it easier to use and prefer the interface.

Here’s a link to the OPNsense documentation.

https://docs.opnsense.org/index.html

I’m far from a network engineer but have been tinkering with computers and network stuff for 20ish years and there is still a ton that I don’t know. Don’t let it discourage you, you can make it work! Documentation can be muddy sometimes, and bland, but I find it best to just go one step at a time and slowly implement each piece while testing after each step.

I mentioned a firewall in your last post, but didn’t get a chance to respond to what you said and saw this post.

You can use something like opnsense or pfsense (or something similar) behind your current router/modem.

If you have a router/modem combo, it would look like this.

Wall cable (fiber, copper etc) > Router/Modem > Firewall/Router device with opnsense installed on it > wireless or wire connected devices.

The hardware will cost money up front, the OS for it is free.

You can use this to isolate your devices from the router/modem that is the cause of concern, and have a secure connection to your jellyfin server. Eliminating the need for signed certificates.

Don’t over think it. You can secure your network without making it excessively complicated.

If you have a raspberry pi you can also experiment with running the firewall on that (just as a test since there aren’t official builds for the RPI that I know of) and pentest from whatever device you use to do so connected to your router provided by your ISP or however you want to test it before you go out and buy hardware.

Just to be clear I wasn’t trying to be any sort of way with my question previously, but wanted a better understanding of what you meant by not trusting your device.

Edit: So a little side note, there are options to increase security when using something like opnsense. You can use freeradius to harden the access requirements to your network.

Since you mentioned pen testing but also seem to say that your knowledge of networking is a little bit limited, it may be a bit more involved than you’re ready for. The thing is (and this is by no means a knock on you) if you are doing pen testing then you definitely need to increase your knowledge on networking. Those two things kinda go hand in hand. If you don’t understand networking but you are trying to pen test a network, then how do you know what you are doing is actually effective? I suspect you may understand a bit more than you think you do, so try to broaden your knowledge more!

https://wiki.freeradius.org/

There’s something to check out just to get some concepts. You can do plenty of things to harden your security that could give you the comfort you need without defaulting to encrypted connections over LAN.

Just out of curiosity, why is your network not a trusted party?

You could start with an additional firewall and maybe setting up traffic restrictions on it to mitigate what devices can communicate with each other, in addition to setting up a local VPN.

Yes its possible to spoof mac addresses and such but it really sounds like your concerns could be mitigated by having a more secure network setup.

If your network isn’t a trusted party then you need to start there. Why isn’t it a trusted party and what do you need to do to secure the traffic to/through it.

Are you serious?

They might not be cops, but that was quick and efficient with almost no interference. Actual cops would have just laid her out and detained her with excessive force. What you saw was trained professionals. They surrounded her, overwhelmed her, arrested her, and quietly walked off with her.

I’m not defending it, but they knew exactly what they were doing and it went exactly as they planned it to go. Quietly.

Did you expect some kind of movie style abduction, roll up screeching tires in a panel van and 10 guys jump out and toss a bag over her head then toss her in the van and peel out?

Ok, yeah.

Fell asleep last night sorry.

I did the following for that. I just went and double checked it and it is set to what I want it to.

[Service]
User=username
Group=groupname

Ok, I’m not entirely sure what happened but it’s working now. Just restarted my computer and it didn’t revert.

Strange.

Nope, I’m running ext4 on pretty much everything.

Interesting, was there anything in particular that you did with the services other than editing the service to run as those particular users?

Side note, I just tried to chown the sabnzbd folder and everything inside updated but the main folder itself refuses to change. Even after stopping the service.

Edit: scratch that. I closed and re-opened Dolphin and checked the properties of the folder and now it’s showing correctly.

I’m still working on learning about containers but not quite there yet.

Default being, when each service is installed it creates an individual user/group (sonarr, radarr, sabnzbd) and the folder that is created in /var/lib/ for each service is set to those particular users/groups.

At this time, sonarr and radarr seem to be ok (I will need to double check after an update to them) but SABnzbd reverts the folder permissions every time I reboot and complains whenever I reboot since it can’t write to the db or log files because the permissions change. I have looked at the config but didn’t see anything outstanding that would indicate a reason it would be changing. Unless I am missing a different config file somewhere outside of that folder. There aren’t any settings from within the web interface pointing to that either, at least from what I could see.

I would take the whole thing out short of the side up against the house and put a decent wood picnic style table, a fire pit (if that’s allowed where you’re at) like one of the steel ones raised up off the ground and use the extra space for growing veggies and stuff.

Depends on what you want though.

Are you wanting to repair/replace it and have that whole patio area or are you willing to do a bit more with the earth underneath it?

You could always do like you said and use pavers or gravel some of the area too and still reclaim some of the ground underneath to use for other stuff.

Yeah, wireshark is a good start.

Something else to consider but requires a different device would be to add a firewall (something like a Protectcli device running OPNsense) between your modem and router and set it up to block the outgoing request and see if it breaks something, or at the very least if you’re concerned about security, you’re blocking that specific traffic while you troubleshoot the cause using wireshark or some other method.

Are we forgetting the actual model names?

Macbook Air - Mine is A2337. They do have arbitrary model numbers for all of their stuff too. Guaranteed they do the same thing with their pens, pencils, and other stuff. It’s just that most consumers rarely pay attention to them. To be fair though, most of the apple model numbers I’ve seen are similar to what I said above which is not nearly as bad as how they do TVs lol.

They are probably just trying to keep consistency between an AD instance and Exchange or something like that. Or just laziness.

When we generate new user accounts we run a script that generates an email (so we don’t have to manually do it). It gets generated with the username of the individual which in our case would be first initial, last name. Then another alias gets generates to first.last@x.whatever and is set as primary. While the username@x.whatever is left as an alias, but would still technically work if you emailed it.

If a username already exists we will use the first and second letter of the first name and then the last name, etc.

In the above I mentioned consistency and laziness, but there is also another side, and that is your user base. If you are servicing hundreds of thousands of people or just a ton in general, consistency is very much preferred. Try having to explain to an end user that their login is simply “username” for their computer, but their email is “first.last@x.whatever” oh and let’s go ahead and loop in Azure SSO so now their software license login and login for all these other portals is “username@x.whatever”.

You end up with a mass of confusion. Sometimes simplicity is best when it’s possible.

That uhh, dead chicken on the ground there seems to say otherwise lol.

Lol

Well, your post says otherwise.

You have the intent to do actions that could impact the housing/land market.

BUT you noted that people can’t live on agricultural land where you are at just now. so that makes a big difference, and had you of made that clear your post might have been a little bit more well received.

So I think that is an interesting idea but you are still going against the grain there.

There are many people here that are very against the exact thing you are trying to do, so the reddit quip you made is kinda backwards lol.

Please no.

This is already a big problem we have with the world today, people trying to make money from land and housing. We need less people doing shit like this. Causing housing market issues just to make money.

Also, it might backfire on you. More “clutter” is more work/cost for a prospective buyer. You would need to be restrictive to buyers that specifically want your style, which could put you in a position of discrimination.

You could say, “but I’m only one person, it’s not going to make a difference” not thinking about the millions of other people out there doing the same thing. Don’t do this, just sell it and move on if you’re going to sell it.

Yup, you can turn it off.

It’s not overly difficult to get to the setting either.

I’m 100% on board with renewable energy.

There’s just one problem I have right now, if I opt in (and I am opted in) to use renewable energy, I get charged more per kwh than if I were to opt out.

So while there is a lot of misinformation out there against renewables, one thing I see about it costing more has remained true, at least where I live. The power company even states that they charge you more for using renewables. Even if they frame it as being a marginal difference of a few dollars, it’s still more expensive, on top of them increasing electric costs year over year.

Sorry for the delay, I’ve been quite busy.

Here’s a link to the powershell script.

https://pastebin.com/RFtfLQNq

Take note of line 4. It is looking for a separate file called discover_printer.ini to retrieve printer information from. You can name the ini file whatever you want, just make sure to update the name within the powershell script.

Here’s the link to the ini file. Not sure why I even bothered to put it there since it’s so short lol.

https://pastebin.com/138TnASY

PRINTER1_DEV_NAME= The name you want the printer to show up as in Bambu Studio

PRINTER1_USN= Serial number of the printer

PRINTER1_IP= Local IP address of the printer

PRINTER1_CODE= The access code for the printer that is in lan mode

You can do multiple printers in one ini, just change the number at the end of “PRINTER” to the next number.

We use this for X1E models, but the script looks to be generic so I don’t think it will matter which one you have.

I have only seen one person have an issue out of the 50 or so that use this script. It will connect from his machine but consistently fails to send files to the printer.

I just put the powershell script and the ini in the root directory of the Bambu Studio installation and make a shortcut to the ps1 script on the desktop. If you have powershell scripts locked down you may need to add a key at the bottom to allow it to run.

To use the script, open Bambu Studio first then run the script and browse to the device tab and click the + in the left hand menu to bring up discovered printers.

I hope it works for you.

That is an absolutely fair assessment and you are right.

I think there could be some wiggle room in terms of legality here though, the issue is global enforcement.

Sure, the CEO is responsible for maximizing profits, but when they lay off potentially thousands of people, essentially union busting at the highest level, they should be arrested and jailed. Following orders is not an excuse. “I shot that kid because my commander told me to, even though we had no proper intel and there was no sign of imminent danger” turns into “I just possibly made 1000 people lose their homes and many of them could potentially lose their life due to duress from my actions because someone wanted to make a million dollars more”. So fuck it, if someone dies due to a chain reaction of events that all started when they lost their job, let’s charge the CEO with murder, and since it’s all coming from the investors, let’s charge them with murder too since they are the ones giving the orders.

Anybody making more than a million dollars a year needs to be held to such a high standard that makes their life extremely uncomfortable, until the point where humans live on an equal scale. That will never happen though.

At the end of the day I’m not arguing with you at all. I agree with you. The investors are one of if not the main root problem and we absolutely live in a society that promotes this.

I am absolutely disgusted by how things are in the world today. Nobody is perfect and we all make mistakes, but these oligarchs are not making mistakes. They don’t care, and they need to pay for their actions.

Edit just because: I know that my thought process is way out there, and we will never have things work in a way that benefits everyone, but it’s very disheartening to see people suffer. It makes me seethe with rage at how this stuff just continues to be allowed to degrade society and human rights just so some selfish fucks can have more money than they will ever be able to spend. So a touch of wishful thinking and a sprinkle of hope, with a whole lotta rage is my mind. I just want to be able to raise my kid and not have to worry about the shit situation they will probably have to deal with 20 years from now. Or not see kids sleeping under bridges by themselves or hear/see any other of the absolutely irrational things going on in the world because of people in power. It fucking hurts.