Thursday, September 07, 2023
support@conference.yunohost.org
September
Mon Tue Wed Thu Fri Sat Sun
        1
 2
 3
4
 5
 6
 7
 8
 9
 10
11
 12
 13 14
 15
 16
 17
18
 19
 20
 21
 22
 23
 24
25
 26
 27
 28
 29
 30
  
             

[16:05:47] <Chatpitaine Caverne> The 3.2.0 release of Mobilizon is available with arm64 package : https://packages.joinmobilizon.org/3.2.0/
If the packagers team need help, I have some time available, but little skills... 😸
[16:08:16] <ctarx> Hi. Is the command `sudo yunohost firewall allow --port=67/udp --source=LAN` available?

I want to add this rule only locally.
[16:08:36] <ctarx> I don't currently have access to Yunohost to check.
[16:08:47] <Chatpitaine Caverne> ```
sudo yunohost firewall --help
usage: yunohost firewall {list,allow,disallow,upnp,reload,stop} ... [-h]

Manage firewall rules

optional arguments:
-h, --help show this help message and exit

actions:
{list,allow,disallow,upnp,reload,stop}
list List all firewall rules
allow Allow connections on a port
disallow Disallow connections on a port
upnp Manage port forwarding using UPnP
reload Reload all firewall rules
stop Stop iptables and ip6tables
```

[16:10:18] <tituspijean> Adding `--help` to any command can help you out. `--source` does not exist for such command.
[16:10:21] <tituspijean> You will have to tweak iptables manually
[16:11:29] <ctarx> Thank you.
[16:12:19] <ctarx> > <@titus:pijean.ovh> You will have to tweak iptables manually

After modifying iptables, do the rules also appear in the web admin?"
[16:13:49] <tituspijean> Noe
[16:14:35] <tituspijean> But I actually dunno if YunoHost's handling of iptables would override your rule
[16:16:15] <Aleks (he/him/il/lui)> pretty sure Yunohost will purge all iptable rules when firewall is reloaded, the proper way is to add a regen conf post firewall reload rule thingy
[16:16:39] <Aleks (he/him/il/lui)> https://yunohost.org/en/packaging_apps_hooks#post-iptable-rules
[16:54:25] <ctarx> Let me rephrase my question. I currently have Yunohost in a DMZ, and I want to use AdGuard Home as both a DHCP server and DNS server. My router doesn't allow changing DNS settings (only WAN DNS), which is why I want to utilize a DHCP server. I have a similar setup with a Raspberry Pi running Pi-hole, but it's not in the DMZ. I'm unsure if it's a good idea to open ports 67 and 68, which is why I was considering doing it only for the local network. What would be the best approach in this situation?
[20:03:17] <orhtej2> Wait what happened to nalla22?
[20:04:16] <orhtej2> @[Mjolnir Archon] is a bot, right?