Sounds like clients could do a better job in merging cross-posts and making it easier to filter them from the view.

Maybe you already figured this out but I think it’s a common gotcha:

Wireguard AllowedIPs means just that: IP addresses that are allowed to be routed over the tunnel.

There is nothing that says that you need to have 1-to-1 mapping between that and actual routes. Most of the time it’s what you want but there are situations where you want it different. Some people have a wider subnet for AllowedIPs but only add certain routes specifically.

wg-quick additionally adds corresponding ip routes as a convenience. systemd-networkd did at some point but don’t anymore. I’m not sure what NetworkManager’s Wireguard plugin is even supposed to be doing there these days. Most of the time what looks broken is actually a result of unclear documentation and a mismatch in assumptions between dev and user.

It’s an understandable source of confusion and the tools don’t always help when they try to.

Just to be clear, most of these (think about egrep/fgrep for a moment) are deprecated and “shouldn’t be used” in scripts for distribution. What’s new is that you can’t expect everyone else to have them and having dependency on them in shipped software is considered antipattern.

Nobody gives a shit what aliases and shims you use in your own shell.

On iptables: By now it’s even gone from kernel and the turn tabled with the cli command now actually being a shim calling into its successor nft. IMO nft is much more approachable for beginners to pick up and the rules files become so much more readable and maintainable. If you’re already committed to iptables syntax then cool - but with very few exceptions I don’t think anyone needs to learn iptables today - just go straight to nft and you’ll be happier for it. Similar for ifconfig.

ip -br a, even

Oh actually I wouldn’t know - maybe it’s one of those funny crossovers! Will have to remember asking about it next time I meet my Brazilian friend. If it works for you then why not ^^

master( ͡° ͜ʖ ͡°)main

still pissed the name is not inspired on a canine/lupine

I kind of want to keep that subtle but it is there :p

Follow-up hint: In Japan they sound different than in Norway

Good to know on the crossposting. And thanks for encouragement! If winds are willing we can also land a patch for this in Tor Browser (and I guess consequentially Mullvad). Only feels fair to try contributing back since we are effectively benefiting from their contributions and if we get reviewing eyes on code in process it’s win-win.

Grumpy ken thinks “Just use Foo” meming is promoting mindless use and I think should therefore be discouraged. Even in jest I think this affects us subconsciously to feel more comfortable with not thinking deeper for ourselves. Even if X is the right one. “Use Foo already!” is nicer~!

If I may illustrate:

Use Konform Browser¹ already!

¹: Disclosures: Am dev; is LibreWolf fork

Konform Browser is more recent Firefox (actually LibreWolf) fork which goes even further in debloating, removing “AI” functionality and disabling remote connections. It’s based on Firefox ESR (like GNUZilla IceCat).

fedi thread

If you have concerns about the telemetry and browser metadata privacy parts of AI integrations, I think Konform, IceCat, Waterfox and Mullvad Browser are a lot more relevant than Zen…

wwwww