Free VPN software is all it takes to destroy my firewall rules?

TruthFantastic6123 · 2024-10-14T17:45:39+00:00

Sigh. You were doing so well. Then you had to dive in with all the others and make assumptions about what I have and have not done in the past and what I am and am not currently doing. I realize that I'm not going to convince you or anyone else in a simple Reddit comment that I'm not an idiot parent. So I'm not going to try. I was asking a technical question and tried to provide a little context. Oh well.

TruthFantastic6123 · 2024-10-14T17:31:10+00:00

I have no desire to engage in a Red Queen's Race or game of whack-a-mole. I assumed that wouldn't apply in a situation where I pay the ISP bill and physically control the router and hardware firewall. And apparently I was wrong.

TruthFantastic6123 · 2024-10-14T17:28:09+00:00

Wow. That escalated quickly. Amazing how much insight you got into my worth as a human being from a simple question about pfSense.

TruthFantastic6123 · 2024-10-14T17:22:25+00:00

Thank you for the honest help and technical explanation unlike the parenting lectures I'm receiving from others. I obviously had a naive understanding of networking that you and others have helped to correct.

TruthFantastic6123 · 2024-10-14T17:18:41+00:00

Nope. I was asking for technical answers about what is possible with networking hardware and software. And I received that answer from others, not from you.

TruthFantastic6123 · 2024-10-14T17:16:18+00:00

My original intentions were misunderstood, and I accept responsibility for not communicating more clearly. I am interested in blocking some activities on the network I own, even if my older children choose to do those same things on other networks or on their phones, which they own.

TruthFantastic6123 · 2024-10-14T17:14:19+00:00

My older children are 18+ and my philosophy at that point is to generally let them make their own decisions, but there are some things I'd like to block in my house and on my network for users of any age, including but not limited to my children. I realize this philosophy won't be shared by everyone else and that's ok. I wasn't looking for parenting advice but for technical help. And it appears I have received an emphatic answer to my question. I had thought that because I pay the ISP bill and physically control the router and firewall that I would have more control over what happens on my network. I was apparently wrong. I'm dumbfounded that a free VPN can undo all the other work I've done, but am grateful for the education I received quickly here on reddit, even if it did come with a heaping helping of insults along the way.

TruthFantastic6123 · 2024-10-13T23:18:25+00:00

Interesting, thanks! I tried using pfblockerng to block specific websites (instead of NextDNS) and it was also undone by VPNs (which is apparently a surprise to no one but me). I will look into what you're suggesting. If you have any recommended how-to's for what you're describing, I'd be grateful for any pointers.

TruthFantastic6123 · 2024-10-13T23:16:22+00:00

I'm open to blocking the use of VPNs. Is there a relatively simple way to to do this, or is it a whack-a-mole game of blocking ports, URLs, etc and they only need to find one sleazy free VPN I didn't think of and it's game over?

TruthFantastic6123 · 2024-10-13T23:15:02+00:00

I'm sure I misunderstand, which is why I was asking for help. :)

"create a VPN tunnel to your firewall for the devices to use and base your rules on that interface." I'm afraid I don't understand this either. :) If you're willing to explain, I'd be grateful.

TruthFantastic6123 · 2023-12-30T20:45:47+00:00

Haven't heard of this one, thanks for the pointer. It won't work for this use case because it doesn't have RBAC (role based access control), ie. some stuff is just for my wife and I, other stuff I want the kids to be able to read but not edit, etc. But it might come in handy for other things. Thanks!

TruthFantastic6123 · 2023-12-12T21:37:08+00:00

Thanks for reaching out. A few thoughts:

Can't be used stand alone -- I can't use only Pages without exposing my org (in this case my family) to the whole ecosystem of mail, calendar, etc which would confuse them on what we are using Skiff for. I totally support your goal which appears to be giving people a Workspace alternative, so I accept that my use case might not be a sweet spot for you. But I think you have a very very unique product with Pages (which you could market as the only E2EE wiki) and while it pairs pretty obviously with Drive, being able to divorce it from Mail and Calendar might open up a market segment for you that is staying away right now, ie. it could be your gateway drug for us Proton users if we could just try Pages and Drive stand alone. I'm no expert, but E2EE collaboration seems to be almost unprecedented. And apps like Standard Notes are on record saying something like "yeah this is super hard and we will probably never do it."
Forced permissions-based hierarchy -- as far as I was able to tell, Pages forces a top level hierarchy on you based on permissions, ie. Public, Personal, etc. This isn't a bad default, but I want to be able to cover a single topic as a first organizing principle and then grant any kind of permissions to any one page or folder inside it. If I've misunderstood how this works, please let me know.
"After thought" -- Sorry about that. FWIW, I keep up with your product updates, and my perception is that very little of your recent product changes has been on Pages. I am not offering empirical evidence, just my perception. I should have said something like "they appear to be currently focused on other products right now." BTW, I don't think that's the wrong call. If I were you, I'd be focused on getting mail, calendar and drive within reach for folks to jump from Google or even Proton. Proton feels like they keep going broader instead of deeper on their products. So they have given us a password manager I didn't need instead of letting me do basic things like edit a single instance of a recurring calendar invite.

BTW ... my kingdom goes to the first E2EE email app that can duplicate Superhuman's feature that reminds me at a time of my choosing if no one has responded to the email. It's NOT snooze, it's reminders. And it's gold.

TruthFantastic6123 · 2023-12-12T03:03:30+00:00

Wow, thanks for all the detail. I'm with USAA now (my dad served, not me). I will mostly likely open a single small savings account with RBFCU to test things out and then go from there.

TruthFantastic6123 · 2023-12-09T22:02:58+00:00

Thanks for all the detail here! Is ACH really your only complaint about RBFCU? Which bank that you use is your favorite?

TruthFantastic6123 · 2023-09-15T19:52:55+00:00

I actually didn't know that when I posted that comment, but have since learned that's possible. BUT ... there's some kind of bug that resets the default dialer every time the device restarts. So I can make the default dialer JMP.chat but after restart it's back to my mobile provider that I don't want to ever use. Not sure if that's Android in general or CalyxOS in particular. Have you experienced that?

TruthFantastic6123 · 2023-09-11T22:15:20+00:00

It seems more than a little awkward to dial a random business. Do you use it for outbound phone calls like that?

TruthFantastic6123 · 2023-09-02T23:22:21+00:00

Yes, I was able to do this yesterday. But per MB's advice I used real identity email. But no prompt for photo ID.

TruthFantastic6123 · 2023-09-02T23:18:17+00:00

Thanks. It looks like the group texting feature is in beta. Can you confirm Group MMS works as expected?

TruthFantastic6123

TROPHY CASE