Ah, so you don’t care about software running locally on the router being able to access things without the VPN but do care if routed traffic does? You might also want to consider if the router offers services like a caching DNS server, a HTTP or SOCKS proxy,… that might look like local traffic to the network layer because a local process initiates connections at the instruction of some other system.

It can never be on the VPN if the outer, encrypted VPN packets are not allowed on the connection. I mention it because it is one of the more complex bits to handle about your requirement, depending on if you always connect to the same IP via VPN or need to connect to a dynamic peer, possibly one you need to look up via DNS first.

At the very least you will need to allow it to route VPN traffic on that port, otherwise your VPN connection won’t work and/or won’t be re-established.

Reminds me of that one book series where the god of chaos has a different name and gender and title every time they are mentioned, and I mean literally later in the same sentence or paragraph.

Reminds me of that restofthefuckingowl place on the other site.

The hated minority being inferior but also immensely powerful is a pretty standard feature of anti-minority world views of all kinds. It is pretty much required to justify the extreme actions they want to take against the minority.

IPv6 binds on wildcard addresses include binding to the IPv4 addresses.

What does ss -tlnp return? Does the process listen on any ports?

That should only affect ports below 1024.

Your two bind addresses might be in conflict with each other since [::]:5234 includes binding to the first one.

While it might be reasonable to expect a web page to behave the way you describe, for anything more in web application territory the expectation that everything you ever loaded will stay visible somehow and available without cooperation of the code implementing the website is ridiculous.

A lot of software writes to log files or temporary files or lock files or database transaction logs as part of its normal function and when those writes fail due to a full disk the software doesn’t work anymore.

Python packaging and stability is a total mess. It has gotten to the point where I just look for alternative tools when I find out something new I found is written in Python.

It is not that the regular frontend doesn’t work and alternative frontends do, it is that half of the stuff on their server (including image uploads and the frontend) don’t work because the admin has no time to deal with it. The problem isn’t the software used but the lack of maintenance.

You want https://tabby.tabbyml.com/ instead of tabby.ml

Especially when all the workarounds to make it barely usable from Mastodon spill over into Lemmy in the form of bots posting weird hashtags or headlines being full of hashtags,…

So really any tab user in any language requiring alignment then?

It is so brave of you to share your struggle with that horrible affliction with us here.

But that is the point. Most people do not use VPNs, you harm very few legitimate customers and save yourself the headache of dealing with all those who use VPNs for scams, attacks, exploits,…

The trade-off is entirely different from dynamic IPs.

Also, the admins running those things don’t do stuff to look like they are doing things, they wouldn’t care if you use a VPN if there was no downside to treating VPN IPs like any other.

No, they are literally not. Blocking VPN users is literally the low effort thing to do because the rate of problematic attacks and similar high effort issues coming from those IPs is much higher than the few legitimate users using VPNs are worth.