config_local_arch - Device dependent config files for Arch Linux, managed by https://git.flylightning.xyz/fsh/tree/sh/cfg (git bare repo method)

Age	Commit message (Collapse)	Author
2025-07-25	nft use iifname instead of iif for ipv6net	Xiao Pan
	iif need the interface exist, iifname don't need, more see man nft. If use iif, after reboot when nft start, ipv6net interface seems do not exist, so nft will error and failed to start. Use iifname can fix this issue.
2025-07-24	nft use /etc/services phantun port name instead of 59083 port number	Xiao Pan

2025-07-24	swgp go through phantun, more see vc notes	Xiao Pan

2025-07-13	nft accept monerod-p2p port to forward to insp	Xiao Pan

2025-07-13	nft define a set variable for two ip to use, allow port forward monerod-p2p	Xiao Pan

2025-07-09	nft masquerade 6in4 sit tunnel network interface name ipv6net so insp wg to ↵	Xiao Pan
	ba can use ipv6
2025-07-08	init ba	Xiao Pan

2025-07-04	init xyzru VPS	Xiao Pan

2025-07-04	nft config studio wg swgp wg to ca, studio use ::b ip6, ca use ::a ip6 so it ↵	Xiao Pan
	can do acme.sh
2025-05-02	Add nft rules to port forward insp xmrd p2p when insp VPN into it	Xiao Pan
	Also added monero-p2p port number to /etc/services for nft to use
2024-06-28	feat: wg and swgp config, mainly for aa	Xiao Pan

2024-04-09	swith to new ca server; wireguard no need	Xiao Pan

2024-04-05	Add email server configs	Xiao Pan
	References: https://github.com/LukeSmithxyz/emailwiz https://landchad.net/ https://wiki.archlinux.org/title/Postfix https://wiki.archlinux.org/title/Dovecot https://wiki.archlinux.org/title/OpenDKIM https://wiki.archlinux.org/title/OpenDMARC Maybe useful: https://doc.dovecot.org/settings/core/#dovecot-core-settings https://workaround.org https://kyun.host/docs/guides/email `man postconf.5` More necessary commands notes see arch_install.md
2024-03-20	add future maybe enable ports to nft conf	Xiao Pan

2024-03-18	ca no qbt	Xiao Pan

2024-03-11	Rename to wg0 so no need change names for new computer config.	Xiao Pan

2024-03-05	fix: name ia not ka	Xiao Pan

2023-12-03	newer kernel no need for `chain prerouting { type nat hook prerouting ↵	Xiao Pan
	priority -100; policy accept; }`, more see https://www.procustodibus.com/blog/2021/11/wireguard-nftables/
2023-12-03	maybe prevent ipv6 leak	Xiao Pan

2023-11-17	change wg0 to wg_ka	Xiao Pan

2023-07-07	allow from wg0 network interface so when connected via wireguard, I can ↵	Xiao Pan
	access local services in xyzka that does not have port open for outside
2023-07-07	try close qbt-nox port and only access qbt-nox via wireguard	Xiao Pan

2023-07-04	debloat	Xiao Pan

2023-07-01	change qbt port name etc.	Xiao Pan

2023-06-29	wireguard nft firewall configs	Xiao Pan

2023-06-29	prepare for wg	Xiao Pan

2023-06-13	HDD monerod even with `monero-blockchain-import ↵	Xiao Pan
	--dangerous-unverified-import 1` is still super slow on ka, I give up
2023-06-12	change monero-p2p port to default, open that port	Xiao Pan

2023-06-12	update	Xiao Pan

2023-06-12	update	Xiao Pan

2023-06-01	nft, iperf3 port, commented out, maybe useful for future	Xiao Pan

2023-05-31	edit some files	Xiao Pan

2022-05-28	nftable accept monerod mullvad forward port	xyz

2022-03-12	nft no test rpi-vid port	xyz

2022-03-05	open rpi-vid port for testing	xyz

2022-02-10	nftables allow mullvad vpn port forwarding	xyz

2022-01-30	nftables.conf, allow qrcp, drop ssh and searx, based on services and config ↵	xyz
	files
2022-01-30	nftables.conf, create and delete tables at top so can reload	xyz

2022-01-30	nftables.conf, edited according to examples in arch wiki	xyz

2022-01-30	add nftables.conf original	xyz