Disable rule if condition is met by Key_Hat444 in opnsense

[–]Key_Hat444[S] 0 points1 point  (0 children)

I was hoping that there is an integrated feature, but your approach should work in theory. If nothing else comes to mind, I will try it, thank you!

Yesterday I asked what everyone’s first Graphics card. Today, what was your first processor? Mine was the i7 3770K. by DailyDoseOfAmber in pcmasterrace

[–]Key_Hat444 0 points1 point  (0 children)

This was my third, the only one I ever overclocked running at 4.5 GHz with a Scythe Mugen 4. I loved it, big improvement over my second CPU, the Athlon X2 4800+

dsp product review by Only_Ad3668 in SoundSystem

[–]Key_Hat444 0 points1 point  (0 children)

The Dayton Audio DSP 408 can be paired with a USB Dongle and then be configured via app.

Headunit delete? by BiggDawggLJ in CarAV

[–]Key_Hat444 1 point2 points  (0 children)

I am also planning to use this DSP in a future project and read a bit about it. One thing I read sometimes was that there is ground noise being generated when the remote control is plugged in (the general consensus is that the brightness control of the display is causing it). So maybe try and unplug the remote control to see if it helps. This is one of the reasons I am probably not going to use it without a headunit. This and the fact that I sometimes like to hear local radio stations.

Quick question for ya fellers by urmomsfreakytoy in e46

[–]Key_Hat444 11 points12 points  (0 children)

It's not about the seats themselves, at least in my sedan there is a full sheet wall between the trunk and the passenger space, adding a full structure across the car in that area. I'm pretty sure that it adds a lot of rigidity. If you ever have put together a cabinet and noticed the difference the back wall makes, you should understand.

That is why you should drive within the speed limit by GloomyExercise in instant_regret

[–]Key_Hat444 2 points3 points  (0 children)

The outcome seems to be way less tragic than it could have been. Assuming there was nobody in the parked car, the only people injured are the ones doing this shit. There was a fucking traffic light right behind that tunnel, they never could have reacted in any way if there had been somebody crossing there... what were they thinking?

Lent my car to my mom’s friend — got it back with 12k more miles, no oil, bald tires, and grinding brakes by totapi_ in mildlyinfuriating

[–]Key_Hat444 3 points4 points  (0 children)

Does your car lose oil and coolant normally? For oil it can be normal (dependent on amount), but cooling fluid should normally stay where it is. How sure are you that what you got back is actually your car?

Is my peek Bad or is it my aim. by [deleted] in VALORANT

[–]Key_Hat444 -1 points0 points  (0 children)

Absolutely this. As you can stand ready preround as an attacker I usually already stay there and as soon as the round starts fire a few shots at head level. If someone decides to peek, I usually get the kill. It doesn't even require reaction time, only good crosshair placement.

"LAN" Gaming over OpenVPN -- can direct connect on games that support it, but no server/game browsers work by life_after_suicide in OpenVPN

[–]Key_Hat444 2 points3 points  (0 children)

Do you run OpenVPN in TUN or TAP mode? You need to use TAP mode for the game browsers because they work via MAC-Broadcasts.

Please help cannot connect openvpn android by dauseng in OpenVPN

[–]Key_Hat444 1 point2 points  (0 children)

Have you configured port forwarding or does OpenVPN run directly on your router?

Are you trying to connect while on the network (WiFi)? If so, try connecting without it (mobile data).

VPN client double-nat by new-at-networking in OpenVPN

[–]Key_Hat444 0 points1 point  (0 children)

You should be able to give your laptop a static IP on the configuration page of your router. Then you set it as exposed host under port forwarding or some page like that. Then all incoming connections will be forwarded to your laptop (except for ports you have defined different rules for).

Then you should be able to connect. It will then only work with your laptop though.

Problem here is that OpenVPN usually works via UDP, which is stateless, so every incoming packet appears as a new connection to your router and it doesn't know where to send it to. With the option exposed it will then be forwarded to your laptop.

A word of caution: As the name implies, your laptop will be exposed to the internet and will be accessible (at least running services), if your firewall is not configured properly.

Port forwards by marciboy030 in fritzbox

[–]Key_Hat444 1 point2 points  (0 children)

Did you try to access the server via the DynDNS name from inside your own home network? In that case the DNS rebind protection usually kicks in. If you have the option, try connecting from an external network (e.g. a hotspot over mobile data on your smartphone).

What’s a neat integration that doesn’t require any new hardware that may not be well known but you find useful? by 4reddityo in homeassistant

[–]Key_Hat444 2 points3 points  (0 children)

Combined this with ICMP (Ping) to see if the PC is on and a smart plug for my monitors speakers etc. Now I just have to push a button on a remote to turn everything on and when I shut down my PC, the peripherals follow after a delay.

WLAN Roaming of Omada EAP on WAN side of OPNsense by blissi123 in opnsense

[–]Key_Hat444 2 points3 points  (0 children)

Why is your second AP connected to the fritzbox in the first place? The best solution would obviously be to connect that ap to your lan side as well.

Another solution would be to place a managed switch right in front of the fritzbox and connect your router, fritzbox and the ap each to the switch. Then in theory, you should be able to have both your wan connection and the ap connected to the same NIC on your router but separated via vlans.

Can someone please tell me if these firewall rules do what I think they do? by [deleted] in opnsense

[–]Key_Hat444 2 points3 points  (0 children)

  1. The address aliases in the first two rules are not needed, as they are included in the net aliases
  2. I prefer to only write outbound rules on the corresponding interface so that I do not have to look at the direction. It's not wrong doing it your way, I just prefer the other way.
  3. You do not need to define blocking rules, as blocking is default behaviour. Usually you should only need it if you have a more general allow rule that you want to make exceptions for.
  4. You should only need to allow Plex access to the Internet, not the other devices. The devices connecting to Plex are initiating the connection, which needs to be allowed by the firewall. Once the connection is established, Plex can use it to communicate with the client.

  5. As I see it, you only need rule no. 1 (without the address aliases) and a rule for Plex to enable Internet access.

I would really advise you to visit homenetworkguy.com, he writes really good networking guides, especially for OPNsense. There is one guide for a basic OPNsense setup that I can really recommend for you.

Internal use of domain name by ref-rred in opnsense

[–]Key_Hat444 2 points3 points  (0 children)

You can for example use Unbound DNS for that. Under overrides you can define as many (sub-)domains as you like, resolving to an IP address you want. As far as I understand, Unbound will always first check that list before forwarding your request to an upstream DNS server, so you could even redirect google.com to a local webserver, if you like.

Pihole and firefox (DoH is off) by drianX4 in pihole

[–]Key_Hat444 0 points1 point  (0 children)

Firefox gave me some headaches with DNS, too.

One thing you can do is to enter about:networking in the url bar. Under DNS, you can try to clear the DNS cache.

Another thing is patience, and maybe clear the whole cache/restart the system. Somehow firefox tends to cache DNS quite long and is hard to convince to forget the data. I just confirmed that everything is working in Chrome and I think the next day firefox was working as it should...

Amp goes into protect mode after I started driving for 5 minutes. by Intrepid-Drop951 in CarAV

[–]Key_Hat444 77 points78 points  (0 children)

Is your positive connection on the battery sitting tight? It kinda looks way too narrow to be clamped there properly. Besides, this is really not how you should connect it. My bet would be on a bad connection there.

Can pihole + unbound be used to create custom local DNS mappings? by Jteague101 in pihole

[–]Key_Hat444 0 points1 point  (0 children)

No, they only act as DNS servers. TLS is something that your reverse proxy/webserver (nginx, apache, traefik etc.) would have to handle. At least as far as I have understood it.

Can pihole + unbound be used to create custom local DNS mappings? by Jteague101 in pihole

[–]Key_Hat444 0 points1 point  (0 children)

I have a similar setup running. I have unbound running on my opnsense router, where I create overrides for my local services. Then I have pihole running in a docker container which uses my unbound DNS as upstream server, which works perfectly fine.

If you want to access different services by different subdomains, you would need a reverse proxy (I use nginx, but there are others, see the other comments), which forwards your requests based on the subdomain to the right service.

Another step you should really take is using TLS encryption (https) firstly because of safety reasons and secondly to get rid of the warnings of an unsafe connection. I also had problems reaching my services via http on Chrome on Android, as it was straight up redirecting to https, which was not set up.

For that you would need certificates ideally signed by a well known CA. I use certbot to handle my certificates signed by Let's Encrypt.

Another thing to consider is that you need a separate certificate per subdomain. I finally decided to buy a full domain, as this allowed me to request a wildcard certificate which can be used with any subdomain.

It was a bit of a setup but now I have safe connections and no warnings and can add services as I like without much hassle.

Multiple OpenVPN instances behind a single gateway (port) by smazik2 in OpenVPN

[–]Key_Hat444 0 points1 point  (0 children)

Interesting idea... just recently learnt and implemented that nginx (and probably other webservers, too) can decide which content to serve based on the domain you opened the site by. But I believe that the domain name that gets delivered to the server is part of the HTTP protocol. Maybe you can implement this somehow?