14 Posts · 120 Comments · Joined 7M ago · Cake day: Sep 09, 2024

Can only forward SSH from virtual network, but can’t forward jellyfin or nginx.
@potentiallynotfelix@lemmy.fish to Linux@lemmy.ml · 2M (edited)

Here's an outline of the goal of my setup:

- Guest VM 0 (in NAT): 192.168.101.100:80 --> Host: 192.168.86.73:8080
- Guest VM 1 (in NAT): 192.168.101.85:8096 --> Host: 192.168.86.73:8081
- Guest 1&0: 192.168.101.100:22 --> Host: 192.168.86.73:2222

I want to forward jellyfin from a vm to a host. Unfortunately, jellyfin doesn't let me do that. Everything is alma linux. When going to 192.168.86.73:808(0,1) in a browser, I receive "unable to connect", and when I wget it, I get `Connecting to 192.168.86.73:8080... failed: No route to host.` However, I can ssh into the vms from ports 2222 and 2223. This is different from my last issue where I couldn't access any ports at all, ssh or web.

I set up a hook in `/etc/libvirt/hooks/qemu` according to [this guide](https://wiki.libvirt.org/Networking.html#forwarding-incoming-connections), which works for ssh but doesn't work for Jellyfin. I know jellyfin is working, because from my host machine I can run `wget 192.168.101.100` and it returns the jellyfin home. I also know nginx isn't the issue for the same reason.

Here is my specific hook file:

```
#!/bin/bash
if [ "${1}" = "Jellyfin" ]; then
  # Update the following variables to fit your setup
  # Remember to change virbr0 to virbr1 if needed.
  GUEST_IP=192.168.101.100
  GUEST_PORT=22
  HOST_PORT=2222
  GUEST_PORT2=8096
  HOST_PORT2=8081

  if [ "${2}" = "stopped" ] || [ "${2}" = "reconnect" ]; then
    /sbin/iptables -D FORWARD -o virbr1 -p tcp -d $GUEST_IP --dport $GUEST_PORT -j ACCEPT
    /sbin/iptables -t nat -D PREROUTING -p tcp --dport $HOST_PORT -j DNAT --to $GUEST_IP:$GUEST_PORT
    /sbin/iptables -D FORWARD -o virbr1 -p tcp -d $GUEST_IP --dport $GUEST_PORT2 -j ACCEPT
    /sbin/iptables -t nat -D PREROUTING -p tcp --dport $HOST_PORT2 -j DNAT --to $GUEST_IP:$GUEST_PORT2
  fi
  if [ "${2}" = "start" ] || [ "${2}" = "reconnect" ]; then
    /sbin/iptables -I FORWARD -o virbr1 -p tcp -d $GUEST_IP --dport $GUEST_PORT -j ACCEPT
    /sbin/iptables -t nat -I PREROUTING -p tcp --dport $HOST_PORT -j DNAT --to $GUEST_IP:$GUEST_PORT
    /sbin/iptables -I FORWARD -o virbr1 -p tcp -d $GUEST_IP --dport $GUEST_PORT2 -j ACCEPT
    /sbin/iptables -t nat -I PREROUTING -p tcp --dport $HOST_PORT2 -j DNAT --to $GUEST_IP:$GUEST_PORT2
  fi
elif [ "${1}" = "Nginx" ]; then
  # Update the following variables to fit your setup
  # Remember to change virbr0 to virbr1 if needed.
  GUEST_IP=192.168.101.85
  GUEST_PORT=22
  HOST_PORT=2223
  GUEST_PORT2=80
  HOST_PORT2=8081   # same host port as HOST_PORT2 in the Jellyfin branch; the outline maps nginx to 8080

  if [ "${2}" = "stopped" ] || [ "${2}" = "reconnect" ]; then
    /sbin/iptables -D FORWARD -o virbr1 -p tcp -d $GUEST_IP --dport $GUEST_PORT -j ACCEPT
    /sbin/iptables -t nat -D PREROUTING -p tcp --dport $HOST_PORT -j DNAT --to $GUEST_IP:$GUEST_PORT
    /sbin/iptables -D FORWARD -o virbr1 -p tcp -d $GUEST_IP --dport $GUEST_PORT2 -j ACCEPT
    /sbin/iptables -t nat -D PREROUTING -p tcp --dport $HOST_PORT2 -j DNAT --to $GUEST_IP:$GUEST_PORT2
  fi
  if [ "${2}" = "start" ] || [ "${2}" = "reconnect" ]; then
    /sbin/iptables -I FORWARD -o virbr1 -p tcp -d $GUEST_IP --dport $GUEST_PORT -j ACCEPT
    /sbin/iptables -t nat -I PREROUTING -p tcp --dport $HOST_PORT -j DNAT --to $GUEST_IP:$GUEST_PORT
    /sbin/iptables -I FORWARD -o virbr1 -p tcp -d $GUEST_IP --dport $GUEST_PORT2 -j ACCEPT
    /sbin/iptables -t nat -I PREROUTING -p tcp --dport $HOST_PORT2 -j DNAT --to $GUEST_IP:$GUEST_PORT2
  fi
fi
```

Here is the result of `iptables -nvL`:

```
Chain INPUT (policy ACCEPT 82683 packets, 6162K bytes)
 pkts bytes target     prot opt in     out     source               destination
82710 6165K LIBVIRT_INP  all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination
   16   960 ACCEPT     tcp  --  *      virbr1  0.0.0.0/0            192.168.101.100      tcp dpt:8096
  153 13152 ACCEPT     tcp  --  *      virbr1  0.0.0.0/0            192.168.101.100      tcp dpt:22
  569  219K DOCKER-USER  all  --  *      *       0.0.0.0/0            0.0.0.0/0
  569  219K DOCKER-ISOLATION-STAGE-1  all  --  *      *       0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 DOCKER     all  --  *      docker0  0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  docker0 docker0  0.0.0.0/0            0.0.0.0/0
   44 32161 ACCEPT     all  --  *      br-8ac694360d19  0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
    0     0 DOCKER     all  --  *      br-8ac694360d19  0.0.0.0/0            0.0.0.0/0
   45  4419 ACCEPT     all  --  br-8ac694360d19 !br-8ac694360d19  0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  br-8ac694360d19 br-8ac694360d19  0.0.0.0/0            0.0.0.0/0
  480  183K LIBVIRT_FWX  all  --  *      *       0.0.0.0/0            0.0.0.0/0
  480  183K LIBVIRT_FWI  all  --  *      *       0.0.0.0/0            0.0.0.0/0
  301 28065 LIBVIRT_FWO  all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain OUTPUT (policy ACCEPT 100K packets, 12M bytes)
 pkts bytes target     prot opt in     out     source               destination
 100K   12M LIBVIRT_OUT  all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain DOCKER (2 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     tcp  --  !br-8ac694360d19 br-8ac694360d19  0.0.0.0/0            172.18.0.5           tcp dpt:2283

Chain DOCKER-ISOLATION-STAGE-1 (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DOCKER-ISOLATION-STAGE-2  all  --  docker0 !docker0  0.0.0.0/0            0.0.0.0/0
   45  4419 DOCKER-ISOLATION-STAGE-2  all  --  br-8ac694360d19 !br-8ac694360d19  0.0.0.0/0            0.0.0.0/0
  569  219K RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain DOCKER-ISOLATION-STAGE-2 (2 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 DROP       all  --  *      docker0  0.0.0.0/0            0.0.0.0/0
    0     0 DROP       all  --  *      br-8ac694360d19  0.0.0.0/0            0.0.0.0/0
   45  4419 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain DOCKER-USER (1 references)
 pkts bytes target     prot opt in     out     source               destination
  569  219K RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain LIBVIRT_FWI (1 references)
 pkts bytes target     prot opt in     out     source               destination
  179  154K ACCEPT     all  --  *      virbr1  0.0.0.0/0            192.168.101.0/24     ctstate RELATED,ESTABLISHED
    0     0 REJECT     all  --  *      virbr1  0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable
    0     0 ACCEPT     all  --  *      virbr0  0.0.0.0/0            192.168.122.0/24     ctstate RELATED,ESTABLISHED
    0     0 REJECT     all  --  *      virbr0  0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable

Chain LIBVIRT_FWO (1 references)
 pkts bytes target     prot opt in     out     source               destination
  301 28065 ACCEPT     all  --  virbr1 *       192.168.101.0/24     0.0.0.0/0
    0     0 REJECT     all  --  virbr1 *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable
    0     0 ACCEPT     all  --  virbr0 *       192.168.122.0/24     0.0.0.0/0
    0     0 REJECT     all  --  virbr0 *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable

Chain LIBVIRT_FWX (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     all  --  virbr1 virbr1  0.0.0.0/0            0.0.0.0/0
    0     0 ACCEPT     all  --  virbr0 virbr0  0.0.0.0/0            0.0.0.0/0

Chain LIBVIRT_INP (1 references)
 pkts bytes target     prot opt in     out     source               destination
   24  2082 ACCEPT     udp  --  virbr1 *       0.0.0.0/0            0.0.0.0/0            udp dpt:53
    0     0 ACCEPT     tcp  --  virbr1 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:53
    3   966 ACCEPT     udp  --  virbr1 *       0.0.0.0/0            0.0.0.0/0            udp dpt:67
    0     0 ACCEPT     tcp  --  virbr1 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:67
    0     0 ACCEPT     udp  --  virbr0 *       0.0.0.0/0            0.0.0.0/0            udp dpt:53
    0     0 ACCEPT     tcp  --  virbr0 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:53
    0     0 ACCEPT     udp  --  virbr0 *       0.0.0.0/0            0.0.0.0/0            udp dpt:67
    0     0 ACCEPT     tcp  --  virbr0 *       0.0.0.0/0            0.0.0.0/0            tcp dpt:67

Chain LIBVIRT_OUT (1 references)
 pkts bytes target     prot opt in     out     source               destination
    0     0 ACCEPT     udp  --  *      virbr1  0.0.0.0/0            0.0.0.0/0            udp dpt:53
    0     0 ACCEPT     tcp  --  *      virbr1  0.0.0.0/0            0.0.0.0/0            tcp dpt:53
    3   987 ACCEPT     udp  --  *      virbr1  0.0.0.0/0            0.0.0.0/0            udp dpt:68
    0     0 ACCEPT     tcp  --  *      virbr1  0.0.0.0/0            0.0.0.0/0            tcp dpt:68
    0     0 ACCEPT     udp  --  *      virbr0  0.0.0.0/0            0.0.0.0/0            udp dpt:53
    0     0 ACCEPT     tcp  --  *      virbr0  0.0.0.0/0            0.0.0.0/0            tcp dpt:53
    0     0 ACCEPT     udp  --  *      virbr0  0.0.0.0/0            0.0.0.0/0            udp dpt:68
    0     0 ACCEPT     tcp  --  *      virbr0  0.0.0.0/0            0.0.0.0/0            tcp dpt:68
```

and `iptables --list-rules`:

```
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N DOCKER
-N DOCKER-ISOLATION-STAGE-1
-N DOCKER-ISOLATION-STAGE-2
-N DOCKER-USER
-N LIBVIRT_FWI
-N LIBVIRT_FWO
-N LIBVIRT_FWX
-N LIBVIRT_INP
-N LIBVIRT_OUT
-A INPUT -j LIBVIRT_INP
-A FORWARD -d 192.168.101.100/32 -o virbr1 -p tcp -m tcp --dport 8096 -j ACCEPT
-A FORWARD -d 192.168.101.100/32 -o virbr1 -p tcp -m tcp --dport 22 -j ACCEPT
-A FORWARD -j DOCKER-USER
-A FORWARD -j DOCKER-ISOLATION-STAGE-1
-A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o docker0 -j DOCKER
-A FORWARD -i docker0 ! -o docker0 -j ACCEPT
-A FORWARD -i docker0 -o docker0 -j ACCEPT
-A FORWARD -o br-8ac694360d19 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -o br-8ac694360d19 -j DOCKER
-A FORWARD -i br-8ac694360d19 ! -o br-8ac694360d19 -j ACCEPT
-A FORWARD -i br-8ac694360d19 -o br-8ac694360d19 -j ACCEPT
-A FORWARD -j LIBVIRT_FWX
-A FORWARD -j LIBVIRT_FWI
-A FORWARD -j LIBVIRT_FWO
-A OUTPUT -j LIBVIRT_OUT
-A DOCKER -d 172.18.0.5/32 ! -i br-8ac694360d19 -o br-8ac694360d19 -p tcp -m tcp --dport 2283 -j ACCEPT
-A DOCKER-ISOLATION-STAGE-1 -i docker0 ! -o docker0 -j DOCKER-ISOLATION-STAGE-2
-A DOCKER-ISOLATION-STAGE-1 -i br-8ac694360d19 ! -o br-8ac694360d19 -j DOCKER-ISOLATION-STAGE-2
-A DOCKER-ISOLATION-STAGE-1 -j RETURN
-A DOCKER-ISOLATION-STAGE-2 -o docker0 -j DROP
-A DOCKER-ISOLATION-STAGE-2 -o br-8ac694360d19 -j DROP
-A DOCKER-ISOLATION-STAGE-2 -j RETURN
-A DOCKER-USER -j RETURN
-A LIBVIRT_FWI -d 192.168.101.0/24 -o virbr1 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A LIBVIRT_FWI -o virbr1 -j REJECT --reject-with icmp-port-unreachable
-A LIBVIRT_FWI -d 192.168.122.0/24 -o virbr0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A LIBVIRT_FWI -o virbr0 -j REJECT --reject-with icmp-port-unreachable
-A LIBVIRT_FWO -s 192.168.101.0/24 -i virbr1 -j ACCEPT
-A LIBVIRT_FWO -i virbr1 -j REJECT --reject-with icmp-port-unreachable
-A LIBVIRT_FWO -s 192.168.122.0/24 -i virbr0 -j ACCEPT
-A LIBVIRT_FWO -i virbr0 -j REJECT --reject-with icmp-port-unreachable
-A LIBVIRT_FWX -i virbr1 -o virbr1 -j ACCEPT
-A LIBVIRT_FWX -i virbr0 -o virbr0 -j ACCEPT
-A LIBVIRT_INP -i virbr1 -p udp -m udp --dport 53 -j ACCEPT
-A LIBVIRT_INP -i virbr1 -p tcp -m tcp --dport 53 -j ACCEPT
-A LIBVIRT_INP -i virbr1 -p udp -m udp --dport 67 -j ACCEPT
-A LIBVIRT_INP -i virbr1 -p tcp -m tcp --dport 67 -j ACCEPT
-A LIBVIRT_INP -i virbr0 -p udp -m udp --dport 53 -j ACCEPT
-A LIBVIRT_INP -i virbr0 -p tcp -m tcp --dport 53 -j ACCEPT
-A LIBVIRT_INP -i virbr0 -p udp -m udp --dport 67 -j ACCEPT
-A LIBVIRT_INP -i virbr0 -p tcp -m tcp --dport 67 -j ACCEPT
-A LIBVIRT_OUT -o virbr1 -p udp -m udp --dport 53 -j ACCEPT
-A LIBVIRT_OUT -o virbr1 -p tcp -m tcp --dport 53 -j ACCEPT
-A LIBVIRT_OUT -o virbr1 -p udp -m udp --dport 68 -j ACCEPT
-A LIBVIRT_OUT -o virbr1 -p tcp -m tcp --dport 68 -j ACCEPT
-A LIBVIRT_OUT -o virbr0 -p udp -m udp --dport 53 -j ACCEPT
-A LIBVIRT_OUT -o virbr0 -p tcp -m tcp --dport 53 -j ACCEPT
-A LIBVIRT_OUT -o virbr0 -p udp -m udp --dport 68 -j ACCEPT
-A LIBVIRT_OUT -o virbr0 -p tcp -m tcp --dport 68 -j ACCEPT
```

Keep in mind I have docker running so some rules may not be relevant. `sysctl net.ipv4.ip_forward` returns `net.ipv4.ip_forward = 1`.

I've set the firewall backend of libvirt to iptables in `/etc/libvirt/network.conf`:

```
firewall_backend = "iptables"
```

Trying to solve this issue originally, I switched from Rocky to Fedora, but on my rocky and alma install this worked fine both times. Thank you so much for the continued support with my issues!
VM port forwarding issue with iptables
@potentiallynotfelix@lemmy.fish to Linux@lemmy.ml · 2M (edited)

Here's the setup:

- Fedora 41 Server host
- Libvirt/QEMU
- Alma 9 guest running ssh

My goal is to forward ports from the guest to the host, but change them. I set up a hook (as in the [libvirt docs](https://wiki.libvirt.org/Networking.html#forwarding-incoming-connections)) and it worked on my last server. My hook looks like:

```
#!/bin/bash
if [ "${1}" = "Jellyfin" ]; then
  # Update the following variables to fit your setup
  GUEST_IP=192.168.101.4
  GUEST_PORT=22
  HOST_PORT=2222

  if [ "${2}" = "stopped" ] || [ "${2}" = "reconnect" ]; then
    /sbin/iptables -D FORWARD -o virbr1 -p tcp -d $GUEST_IP --dport $GUEST_PORT -j ACCEPT
    /sbin/iptables -t nat -D PREROUTING -p tcp --dport $HOST_PORT -j DNAT --to $GUEST_IP:$GUEST_PORT
  fi
  if [ "${2}" = "start" ] || [ "${2}" = "reconnect" ]; then
    /sbin/iptables -I FORWARD -o virbr1 -p tcp -d $GUEST_IP --dport $GUEST_PORT -j ACCEPT
    /sbin/iptables -t nat -I PREROUTING -p tcp --dport $HOST_PORT -j DNAT --to $GUEST_IP:$GUEST_PORT
  fi
fi
```

However, when I ssh to my server:2222, it doesn't work: "Connection refused." I can ssh from inside my server to my guest's ip address, so I know it's not an issue with ssh itself.

The guest's iptables rules are:

```
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
```

so that's probably not the issue. My server's iptables rules include:

```
-A FORWARD -d 192.168.101.4/32 -o virbr1 -p tcp -m tcp --dport 22 -j ACCEPT
```

so it appears the forwarding happened, but an nmap scan reveals the port is closed:

```
2222/tcp closed EtherNetIP-1
```

I'm baffled by this issue. Any help would be greatly appreciated!
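An added example for the two port-forwarding posts above, written by the editor and not taken from either post or from libvirt: a table-driven version of the same qemu hook that emits the wiki's ACCEPT + DNAT rule pairs, refuses to run when two forwards claim the same host port (the Jellyfin/nginx hook above sets HOST_PORT2=8081 in both branches), and deletes before inserting so a `reconnect` cannot stack duplicate rules. The mapping table is constructed from the first post's outline, and BRIDGE=virbr1 and IPT=/sbin/iptables are assumed; set IPT=echo for a dry run.

```shell
#!/bin/sh
# Added example (not the poster's hook, not libvirt's): table-driven
# /etc/libvirt/hooks/qemu. libvirt invokes it as
#   qemu <domain-name> <start|stopped|reconnect> <sub-op> <extra>
# so the first column of the table must equal the domain name exactly.

# Constructed mapping table (mirrors the setup outline in the post):
#   <domain-name> <guest-ip> <guest-port> <host-port>
FORWARDS="
Jellyfin 192.168.101.100 22   2222
Jellyfin 192.168.101.100 8096 8081
Nginx    192.168.101.85  22   2223
Nginx    192.168.101.85  80   8080
"
BRIDGE=${BRIDGE:-virbr1}      # assumed libvirt NAT bridge
IPT=${IPT:-/sbin/iptables}    # IPT=echo prints the commands instead of running them

# Return 0 when every host port is mapped exactly once; otherwise report the
# duplicates (two DNAT rules on one --dport would silently shadow each other).
check_host_ports() {
  dups=$(printf '%s\n' "$FORWARDS" | awk 'NF == 4 { print $4 }' | sort | uniq -d)
  [ -z "$dups" ] && return 0
  echo "hook: host port(s) mapped more than once: $dups" >&2
  return 1
}

# Print one iptables command per line for domain $1 and operation $2 (-I or -D):
# the FORWARD ACCEPT toward the guest, then the nat PREROUTING DNAT.
rules_for() {
  printf '%s\n' "$FORWARDS" | awk -v vm="$1" -v op="$2" -v br="$BRIDGE" -v ipt="$IPT" '
    NF == 4 && $1 == vm {
      printf "%s %s FORWARD -o %s -p tcp -d %s --dport %s -j ACCEPT\n", ipt, op, br, $2, $3
      printf "%s -t nat %s PREROUTING -p tcp --dport %s -j DNAT --to-destination %s:%s\n", ipt, op, $4, $2, $3
    }'
}

# Execute the generated commands; a -D of a rule that is not present is not an error.
run_rules() {
  rules_for "$1" "$2" | while read -r cmd; do
    $cmd || [ "$2" = -D ]
  done
}

hook_main() {
  check_host_ports || return 1
  case "$2" in
    start)     run_rules "$1" -I ;;
    stopped)   run_rules "$1" -D ;;
    reconnect) run_rules "$1" -D; run_rules "$1" -I ;;
  esac
}

# Only act when libvirt passes arguments; with none the functions are merely defined.
if [ "$#" -ge 2 ]; then
  hook_main "$@"
  exit $?
fi
```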
Plasma Mobile is really good
@potentiallynotfelix@lemmy.fish to Linux@lemmy.ml · 3M

I've got an x86 tablet, and I don't want to run Windows or Android, so I have always been left with the option of Linux with GNOME. GNOME is a solid DE, but despite the design language, it is nowhere near ready for touchscreens. Depending on the distro, it was either severely outdated or just generally buggy, particularly with the onscreen keyboard. This led me to completely abandon my tablet for a while, but today I had an arbitrary thought that I should try out KDE Plasma Mobile. Lo and behold, it was exactly what I needed for my tablet.

I expected it to be a bit buggy, because I had tried out KDE Bigscreen and this seemed like the mobile equivalent of Bigscreen, a fork that is half-baked and still has lots of work to do before it's worth daily driving. Imagine my shock when I booted the Fedora live USB and everything felt incredibly fluent and polished. I knew about 15 seconds in that I was switching. The navigation feels like an Android tablet, which I see as a positive, and the keyboard is just so much larger and more responsive. The GNOME default OSK is hardly usable because its letters are so small, so this was a relief, being able to type with no need for checking that I'm writing correctly every few characters.

The next thing I noted is how polished it feels even for large screens (I have a 12 inch tablet). The gestures work on the whole screen, and this makes it feel effortless to navigate around. The final thing I want to touch on before I stop glazing is the really good performance. I have a very old tablet, about 10 years old, and the performance felt like it was brand new.

Thanks for reading my glazing exhortation, and if you have a tablet, I couldn't recommend Plasma Mobile more. P.S. does anyone know where KDE Connect is?
Strange issue with soft-bricked tablet
@potentiallynotfelix@lemmy.fish to Linux@lemmy.ml · English · 7M

***Sorry if this is a yapathon, this is a detailed issue, and I will put an AI summary in the comments.*** *I have already made a post about that, but that was outdated and I learned some new information. If anyone thinks it's cluttering their feeds, I will delete the post, just ask.*

I have been absolutely stumped by this issue that I'm facing, even as a 5-year Linux user. I have just got my hands on a Getac F110-G2 tablet. It came with Windows 10 pre-installed, and *everything* functioned perfectly fine. Of course, I don't like Windows and I shortly went to installing Debian, and got a GNOME live image straight from their website. I downloaded, flashed to a USB drive, and installed. **The installer booted and functioned perfectly fine**, with the only weird thing being a random signoff which didn't seem to break anything. One thing to note is that I installed and started `gpsd`, but that shouldn't mean anything because that was a live image.

I clicked reboot, and the tablet seemed to reboot normally, until the boot process started. When nothing happened but a black screen for a minute, I rebooted my tablet, but that didn't do anything either. Then, I rebooted to the installation media to try another install. It was black too. This caused me to try *re-flashing* the USB drive with the same Debian, but no luck. I tried to disable TPM, which I know can cause some issues, and still no luck. I also switched between UEFI and Legacy boot modes, and observed that the installed version of Debian had only installed on Legacy. I contacted Getac support because no secure boot toggle was in the BIOS, and they directed me to it. I disabled secure boot and still no luck. I've tried again a few times, and that's where I'm at. Also note that I've tried with my TV as a display and that didn't work either, so it's definitely not a display issue. I tried a different USB stick with no luck, and it seems like my tablet is just soft-bricked from now on.

**So where to now?**

- I've thought about installing the SSD to my PC's motherboard, wiping it clean, and then re-installing to try and boot.