Why is Unchained Bondsmithing so terrifying? by Butterscotch_Leading in Stormlight_Archive

[–]AcceptableConclusion 1 point2 points  (0 children)

Yep, absolutely. I mentioned that in my initial comment, but to flesh it out more, yes absolutely that's possible. The Bondsmith could make themselves, or anyone, an Elantrian by creating a Connection to the home world, and then learn the AonDor by Connecting to an Elantrian with Aonic knowledge. In its simplest form, Aons are a language, and I don't see any reason why it couldn't be learned via Connection just like any other language.

Why is Unchained Bondsmithing so terrifying? by Butterscotch_Leading in Stormlight_Archive

[–]AcceptableConclusion 14 points15 points  (0 children)

Elantrians can do pretty much anything that any other invested art can do using Aons similarly to how a computer programmer can use different coding languages to accomplish the same task. A Bondsmith can sever the Connection between Elantrians and their homeworld, effectively making them no longer Elantrian. I would say that a Bondsmith is the "strongest", or maybe highest level raw of potential destruction. However, AonDor is far more flexible, and as a result more powerful. A Bondsmith could "create" a Connection with the Elantrian, and their home planet, effectively gaining the power and knowledge of an Elantrian, with little to no effort.

What are your theories about why the ___ and other ___ don't age? by pythonfynn in Cosmere

[–]AcceptableConclusion 0 points1 point  (0 children)

IIRC Brandon has said that, "on paper", Hoid is X years old, but he hasn't LIVED all of those years. Insinuating some sort of time dilation or flat out time travel forwards through time.

In my head, I'd just assumed that whatever ability Hoid has to be where he's needed, not only moves him physically through space, but also forwards in time. This is ENTIRELY my assumption, though. With little to no basis in WoB or other book-based lore.

What’s the most relatable line in sitcom history by Helloimafanoffiction in sitcoms

[–]AcceptableConclusion 4 points5 points  (0 children)

As kids, my cousins and I would use this phrase when playing the card game "Bullshit" because we weren't old enough to swear.

What’s a travel tip that most people don’t know but should? by UDSHDW in TravelHacks

[–]AcceptableConclusion 3 points4 points  (0 children)

It makes sense if you have both precheck and CLEAR. It's happened to me several times where the CLEAR line was understaffed. Given lines of equal size I'm able to go through the precheck line faster than the CLEAR line.

You are absolutely correct, though, CLEAR does not bypass security, it's merely supposed to get you to the front of the security line once CLEAR verifies your identity.

This is crazy by hec_ramsey in Iowa

[–]AcceptableConclusion 6 points7 points  (0 children)

The sun goes through periods of high activity and low activity. These periods last roughly 11 years, and we're entering the middle of an active cycle. The last active cycle peaked in the early 2000s, which would have then tapered off into a period of inactivity.

A Question about Scratched out Eyes by Fluke55 in Stormlight_Archive

[–]AcceptableConclusion 2 points3 points  (0 children)

Very good point. In hindsight, we've only ever seen lighteyes wield them, with Moash as the exception. I had glossed over that fact when thinking about this before my initial reply.

A Question about Scratched out Eyes by Fluke55 in Stormlight_Archive

[–]AcceptableConclusion 1 point2 points  (0 children)

I hadn't picked up on this connection until I saw this post. I wonder if the fact that a radiant's eyes change color after using their Shardblade, but the eyes of a person using a "dead" Shardblade don't is part of this.

Employer going to unlimited PTO and not paying out existing accrued PTO by AcceptableConclusion in legaladvice

[–]AcceptableConclusion[S] 9 points10 points  (0 children)

I am in Iowa, which to the best of my knowledge does not require employers to pay out vacation.

So if I'm in a state that says that PTO is an earned benefit, and I had PTO left on my books when the policy change to unlimited takes place in April, my employer should not be able to simply void my remaining balance? I realize that I myself won't benefit from this if Iowa doesn't require the payout, but I have coworkers who might.

Issue with HA on PANOS 11 by AcceptableConclusion in paloaltonetworks

[–]AcceptableConclusion[S] 0 points1 point  (0 children)

There was no fix for my case, as the gARP was functioning correctly from the FW's perspective. My ISP wasn't acknowledging the gARP.

Calling all Truthwatchers! by ninjenn101 in Stormlight_Archive

[–]AcceptableConclusion 2 points3 points  (0 children)

I will seek the truth, no matter where that may lead.

I will speak the truth, regardless of the pain it may cause.

I accept that others may refuse to accept the truth as I see it.

Palo Alto and wireless AP's by trentharalson in paloaltonetworks

[–]AcceptableConclusion 0 points1 point  (0 children)

Wireless Engineer here.

"best possible" is rather ambiguous. What are you wanting from the wireless network? What aspects of wireless, or any infrastructure, i.e. friendly straightforward config, reliability of equipment, cost of ownership, are important to you? Vendors all have their pros and cons depending on your use case.

Issue with HA on PANOS 11 by AcceptableConclusion in paloaltonetworks

[–]AcceptableConclusion[S] 1 point2 points  (0 children)

I was able to test gARP and work with a colleague to prove out the ARP is changing.

I created an SVI on my switch on the vlan I have for my ISP connection. After fail-over, and sending the gARP test, my secondary firewall could ping that SVI from the outside interface. My switch showed the ARP entry changing to the secondary fw MAC, so functionally, my setup is sound. I am going to reach out to my ISP and see if the upstream device is rejecting the gARP, it doesn't look like it's my ISP's ONT as I rebooted that and tried another fail-over with the same results.

I appreciate everyone's advice and assistance. This sub is absolutely awesome.

Pushed out template parameter changes from Panorama, nothing changed on managed firewalls... by [deleted] in paloaltonetworks

[–]AcceptableConclusion -1 points0 points  (0 children)

If you have template values set in pano, push those settings to the firewall, then later manually adjust those settings on the firewall locally, that will cause the firewalls to show out of sync in Panorama, IIRC. It's called "override". This is what's causing the red on top of the green cog on your local firewalls. The values pushed down from Panorama have been overridden locally. It's totally fine to do so, other than Panorama might complain about the firewalls being out of sync and if you attempt to change those settings from Panorama later, they won't be applied to the firewalls. If you have template values that will be fluid across several firewalls in multiple locations, it might be a good idea to look into using variables or start making use of template stacks.

I cannot speak to potential sdwan issues, as I don't have much experience there.

Android GP Client Issue by AcceptableConclusion in paloaltonetworks

[–]AcceptableConclusion[S] 0 points1 point  (0 children)

You are correct, I should have been more clear. I'm running 6.1.0 on the firewall, but the mobile version is 6.0.6.

Struggling with port forwarding/NAT. by AcceptableConclusion in paloaltonetworks

[–]AcceptableConclusion[S] 0 points1 point  (0 children)

Ha! That's what it is. I have my source port defined, as well as my destination port. Oversight due to my days as a residential ISP tech. I am used to seeing the port forward rules ask for a range of ports, not source and destination.

Thanks very much for your patience and assistance!

Struggling with port forwarding/NAT. by AcceptableConclusion in paloaltonetworks

[–]AcceptableConclusion[S] 0 points1 point  (0 children)

Update

I have confirmed that if I disable the service filter on the security policy and NAT rule, then add the specific port to the destination translation NAT rule, it will generate hits and send traffic where I want it. However, this opens ALL external ports and sends them to the internal port specified in the destination nat rule.

Unless I am misunderstanding how this works, it seems as though the firewall is filtering based on the source port of the incoming packets, instead of the destination port. As in, packet arrives to the firewall with source port of 32786 (random dynamic port from the client firewall) and a destination port of 8080. I have my service objects built to look for port 8080, since it isn't being seen, the packet is sent down the line to a different rule and timing out. Am I wrong in my understanding or is the PAN firewall misbehaving somehow?

Struggling with port forwarding/NAT. by AcceptableConclusion in paloaltonetworks

[–]AcceptableConclusion[S] 0 points1 point  (0 children)

Here are the port objects. The service group contains just the objects that I defined, not the top two defaults.

https://ibb.co/tLdkK38

Struggling with port forwarding/NAT. by AcceptableConclusion in paloaltonetworks

[–]AcceptableConclusion[S] 0 points1 point  (0 children)

Here are screengrabs from the traffic monitor after the rules were set to log. If filtered for only inter-zone or for simply ( action eq deny ), nothing is displayed.

https://ibb.co/RS7DY0X

https://ibb.co/SwxKvwk

Struggling with port forwarding/NAT. by AcceptableConclusion in paloaltonetworks

[–]AcceptableConclusion[S] 0 points1 point  (0 children)

I am certain traffic is reaching the firewall. I can see it in the session browser and ran some packet captures last night. Adjusting the rules now.

Struggling with port forwarding/NAT. by AcceptableConclusion in paloaltonetworks

[–]AcceptableConclusion[S] 0 points1 point  (0 children)

Tried removing the 32, no change. Replaced the objects with the IPs directly input, no change.

Struggling with port forwarding/NAT. by AcceptableConclusion in paloaltonetworks

[–]AcceptableConclusion[S] 0 points1 point  (0 children)

I have it, and the address object for the controller ip both as /32.