die Kaffeesatzleserei - reading in coffee beans (heard at work)

screen attaching screens without full name

I shouldn’t forget that screen -R screenname can be replaced by screen -R s if it’s the only screen with such a name. Not sure if better or worse than tab completion, likely worse because it’s surprising, but quite nice to use.

Logoff i3 with a CLI

i3-msg exit1 does the magic.

Blocking ips with ipset

ipset -N myset nethash  # create myset
ipset add myset 
iptables -I INPUT -m set --match-set myset src -j DROP # create temporary iptables thing

# making it persistent

ipset save > /etc/ipset.conf

# then enable ipset services

# Listing stuff
ipset -L

# Deleting set
ipset destroy myset

iptables basics

If you can’t destroy an ipset set because it’s being used by kernel:

iptables -L --line-numbers returns this:

Chain INPUT (policy DROP)
num  target     prot opt source               destination
1    DROP       all  --  anywhere             anywhere             match-set myset src

Then to delete number 1:

iptables -D INPUT 1

Generally blocking countries

GitHub - mkorthof/ipset-country: Block countries using iptables + ipset + can do both a whitelist and a blacklist.