pathfinder 1e – Can feats like Psionic Weapon, Shot or Fist work with out interference with Path of War Rules?

Can feats like Psionic Weapon, Shot or Fist; or Greater Psionic Weapon, Shot or Fist work without interference or sacrifice with Path of War Rules?

Effects from stances remain so long as stance is not changed. Gaining and using focus* during a rotation of Boosts, Counters and Strikes is what I worry about. With Psionic Meditation you can gain focus with a move action, but can I expend/use said focus at anytime during when a boost, strike or counter happens?


* see the “Gain psionic focus” part for the rules

dnd 5e – Does carrying/dragging a willing/unconscious creature cause half movement as per the grapple rules?

This is a slightly foggy area…but thankfully, Jeremy Crawford (official voice of rules for WotC) has weighed in on this in several (indirect) ways…

Q: what are the rules for creatures carrying friendly PCs? e.g mage polymorphed into giant eagle carrying allies? (5e)

A: See “Lifting and Carrying” in the Player’s Handbook (p. 176) for rules on carrying capacity.

https://twitter.com/JeremyECrawford/status/729784756255100928

Additionally, in relation to grapple/drag…

Q: is pushing/dragging a grappled creature subject to the carrying capacity rules?

A: The rule on moving a grappled creature (PH, 195) works regardless of a creature’s weight. It cares about creature size.

https://twitter.com/JeremyECrawford/status/907788900998946816

So, this gives us a baseline to build on top of.

Crawford has said that you can carry a friendly (and thus, willing) target around with you using the Lifting and Carrying rules. This seems rather evident, because horses don’t have to grapple you to carry you (or someone you captured and threw over their haunches) around. Additionally, giving someone a piggy-back ride is not at all like seizing someone in combat. Furthermore, he states that the Lift/Carry rules do not apply to Grappling.

From here, we don’t have any further clarity from the developers, but we can move on to plain English definitions to clear things up. Because that was the intent of D&D 5E is that plain English definitions could be used to help adjudicate the rules.

Grapple: to seize and struggle with another

Mirriam-Webster Dictionary

Based off this definition, we can work out what ‘grappling’ is. A “Grapple” is when you have seized someone who does not want to be seized. They are resisting you and trying to get loose.

If someone is not resisting you, you are not grappling with them. If someone is not capable of resisting you, you are not grappling with them. You’re just holding them. Throwing an unconscious or willing individual over your shoulder is not grappling, that’s carrying.

Thus, the ruling that makes the most sense, based off both Crawford’s rulings, simple definitions, and logic–is this:

“If a target is unwilling, you are grappling them. If the target is willing or unable to resist, you are carrying/dragging them.”

linux – Iptables rules as script but it blocks usb wifi adapter and vpn

i found this script online , when i execute it, it causes only 2 problems

1 – USB WiFi adapter stay blocked – rules applies only on internal WiFi

2- i can not connect to any VPN

what changes do i have to make inside this script

thanks in advice

#!/bin/sh

###############################################################################

###############################################################################

AWK=which awk
ECHO=which echo
GREP=which grep
IFCONFIG=which ifconfig
IPv4TABLES=which iptables
IPv6TABLES=which ip6tables
LS=which ls
SUDO=which sudo

ROOT_DIR=”/root”

###############################################################################

log() {
if ( $# -gt 0 ); then
now=date "+%x %T"
$ECHO -e “($now) $1”
else
$ECHO
fi
}

###############################################################################

disable() {
for file in $@
do
$SUDO $ECHO 0 > $file
done
}

###############################################################################

enable() {
for file in $@
do
$SUDO $ECHO 1 > $file
done
}

###############################################################################

enable_broadcast_echo_protection() {
if ( -e /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts ); then
log “{IGNORE} tt ICMP echo broadcasts”
enable /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
fi
}

###############################################################################

disable_source_routed_packets() {
if ( -e /proc/sys/net/ipv4/conf/all/accept_source_route ); then
log “{DISABLE} tt source route”
for iter in /proc/sys/net/ipv4/conf/*/accept_source_route
do
disable $iter
done
fi
}

###############################################################################

disable_icmp_redirects() {
if ( -e /proc/sys/net/ipv4/conf/all/accept_redirects ); then
log “{DISABLE} tt ICMP redirects”
for iter in /proc/sys/net/ipv4/conf/*/accept_redirects
do
disable $iter
done
fi
}

###############################################################################

disable_ip_forwarding() {
if ( -e /proc/sys/net/ipv4/ip_forward ); then
log “{DISABLE} tt IP forwarding”
disable /proc/sys/net/ipv4/ip_forward
fi
}

###############################################################################

enable_source_address_verification() {
if ( -e /proc/sys/net/ipv4/conf/all/rp_filter ); then
log “{ENABLE} tt reverse path filtering”
for iter in /proc/sys/net/ipv4/conf/*/rp_filter
do
enable $iter
done
fi
}

###############################################################################

enable_tcp_syn_cookies() {
if ( -e /proc/sys/net/ipv4/tcp_syncookies ); then
log “{ENABLE} tt SYN cookies protetion”
enable /proc/sys/net/ipv4/tcp_syncookies
fi
}

###############################################################################

drop_IANA_reserved_ips() {
iptables_bin=$1
log “{DROP} INCOMING: ttt all IANA reserved IPs”

$SUDO ${iptables_bin} -A INPUT -s 0.0.0.0/7 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 2.0.0.0/8 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 5.0.0.0/8 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 7.0.0.0/8 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 10.0.0.0/8 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 23.0.0.0/8 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 27.0.0.0/8 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 31.0.0.0/8 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 36.0.0.0/7 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 39.0.0.0/8 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 42.0.0.0/8 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 49.0.0.0/8 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 50.0.0.0/8 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 77.0.0.0/8 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 78.0.0.0/7 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 92.0.0.0/6 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 96.0.0.0/4 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 112.0.0.0/5 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 120.0.0.0/8 -j DROP
# $SUDO ${iptables_bin} -A INPUT -s 127.0.0.0/8 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 169.254.0.0/16 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 172.16.0.0/12 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 173.0.0.0/8 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 174.0.0.0/7 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 176.0.0.0/5 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 184.0.0.0/6 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 192.0.2.0/24 -j DROP
# $SUDO ${iptables_bin} -A INPUT -s 192.168.0.0/16 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 197.0.0.0/8 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 198.18.0.0/15 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 223.0.0.0/8 -j DROP
$SUDO ${iptables_bin} -A INPUT -s 224.0.0.0/3 -j DROP

}

###############################################################################

enable_log_martians() {
if ( -e /proc/sys/net/ipv4/conf/all/log_martians ); then
log “{ENABLE} tt log for all unroutable packets”
for iter in /proc/sys/net/ipv4/conf/*/log_martians
do
enable $iter
done
fi
}

###############################################################################

disable_enable_kernel_features() {
enable_broadcast_echo_protection
enable_log_martians
enable_source_address_verification
enable_tcp_syn_cookies

disable_icmp_redirects
disable_ip_forwarding
disable_source_routed_packets

}

###############################################################################

clear_all_rules() {
log “clear all rules”

iptables_bin=$1

# default table is filter
$SUDO ${iptables_bin} -F -t filter
$SUDO ${iptables_bin} -F -t nat
$SUDO ${iptables_bin} -F -t mangle

}

###############################################################################

default_drop_all() {
log “default drop”

iptables_bin=$1

# filter table
$SUDO ${iptables_bin} -t filter -P INPUT DROP
$SUDO ${iptables_bin} -t filter -P OUTPUT DROP
$SUDO ${iptables_bin} -t filter -P FORWARD DROP

# mangle table
$SUDO ${iptables_bin} -t mangle -P PREROUTING DROP
$SUDO ${iptables_bin} -t mangle -P INPUT DROP
$SUDO ${iptables_bin} -t mangle -P OUTPUT DROP
$SUDO ${iptables_bin} -t mangle -P FORWARD DROP
$SUDO ${iptables_bin} -t mangle -P POSTROUTING DROP

}

###############################################################################

log_all_dropped_incoming() {
log “t {LOG} INCOMING: tt all dropped”

iface=$1
iptables_bin=$2

# filter table
${SUDO} ${iptables_bin} -t filter -A INPUT -i ${iface} -m limit --limit 2/min -j LOG --log-prefix "{INPUT-filter-Dropped} " --log-level 7

# mangle table
${SUDO} ${iptables_bin} -t mangle -A INPUT -i ${iface} -m limit --limit 2/min -j LOG --log-prefix "{INPUT-mangle-Dropped} " --log-level 7

}

###############################################################################

log_all_dropped_outgoing() {
log “t {LOG} OUTGOING: tt all dropped”

iface=$1
iptables_bin=$2

# filter table
${SUDO} ${iptables_bin} -t filter -A OUTPUT -o ${iface} -m limit --limit 2/min -j LOG --log-prefix "{OUTPUT-filter-Dropped} " --log-level 7

# mangle table
${SUDO} ${iptables_bin} -t mangle -A OUTPUT -o ${iface} -m limit --limit 2/min -j LOG --log-prefix "{OUTPUT-mangle-Dropped} " --log-level 7

}

###############################################################################

allow_related_established() {
log “{ALLOW} INCOMING & OUTGOING: t related & established packets”

iptables_bin=$1

# filter table
$SUDO ${iptables_bin} -t filter -I INPUT 1 -m state --state RELATED,ESTABLISHED -j ACCEPT
$SUDO ${iptables_bin} -t filter -I OUTPUT 1 -m state --state RELATED,ESTABLISHED -j ACCEPT

# mangle table
$SUDO ${iptables_bin} -t mangle -I PREROUTING 1 -m state --state RELATED,ESTABLISHED -j ACCEPT
$SUDO ${iptables_bin} -t mangle -I INPUT 1 -m state --state RELATED,ESTABLISHED -j ACCEPT
$SUDO ${iptables_bin} -t mangle -I OUTPUT 1 -m state --state RELATED,ESTABLISHED -j ACCEPT
$SUDO ${iptables_bin} -t mangle -I POSTROUTING 1 -m state --state RELATED,ESTABLISHED -j ACCEPT

}

###############################################################################

allow_loopback() {
log “{ALLOW} INCOMING & OUTGOING: t loopback interface”

iptables_bin=$1

# filter table
$SUDO ${iptables_bin} -t filter -A INPUT -i lo -j ACCEPT
$SUDO ${iptables_bin} -t filter -A OUTPUT -o lo -j ACCEPT

# mangle table
$SUDO ${iptables_bin} -t mangle -A PREROUTING -i lo -j ACCEPT
$SUDO ${iptables_bin} -t mangle -A INPUT -i lo -j ACCEPT
$SUDO ${iptables_bin} -t mangle -A OUTPUT -o lo -j ACCEPT
$SUDO ${iptables_bin} -t mangle -A POSTROUTING -o lo -j ACCEPT

}

###############################################################################

allow_DHCP_out() {
log “t {ALLOW} OUTGOING: tt DHCP”

iface=$1
iptables_bin=$2

$SUDO ${iptables_bin} -t filter -A OUTPUT -o ${iface} -p udp --dport 67:68 --sport 67:68 -j ACCEPT

}

###############################################################################

allow_SSH_in() {
log “t {ALLOW} INCOMING: tt SSH”

iface=$1
iptables_bin=$2

# filter table
$SUDO ${iptables_bin} -t filter -A INPUT -i ${iface} -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT

# mangle table
$SUDO ${iptables_bin} -t mangle -A INPUT -o ${iface} -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
$SUDO ${iptables_bin} -t mangle -A PREROUTING -o ${iface} -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT

}

###############################################################################

allow_SSH_out() {
log “t {ALLOW} OUTGOING: tt SSH”

iface=$1
iptables_bin=$2

# filter table
$SUDO ${iptables_bin} -t filter -A OUTPUT -o ${iface} -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT

# mangle table
$SUDO ${iptables_bin} -t mangle -A OUTPUT -o ${iface} -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
$SUDO ${iptables_bin} -t mangle -A POSTROUTING -o ${iface} -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT

}

###############################################################################

allow_WHOIS_out() {
log “t {ALLOW} OUTGOING: tt WHOIS”

iface=$1
iptables_bin=$2

# filter table
$SUDO ${iptables_bin} -t filter -A OUTPUT -o ${iface} -p tcp -m tcp --dport 43 -m state --state NEW -j ACCEPT

# mangle table
$SUDO ${iptables_bin} -t mangle -A OUTPUT -o ${iface} -p tcp -m tcp --dport 43 -m state --state NEW -j ACCEPT
$SUDO ${iptables_bin} -t mangle -A POSTROUTING -o ${iface} -p tcp -m tcp --dport 43 -m state --state NEW -j ACCEPT

}

###############################################################################

allow_SMTP_out() {
log “t {ALLOW} OUTGOING: tt SMTP”

iface=$1
iptables_bin=$2

$SUDO ${iptables_bin} -t filter -A OUTPUT -o ${iface} -p tcp -m tcp --dport 25 -m state --state NEW -j ACCEPT

}

###############################################################################

allow_DNS_out() {
log “t {ALLOW} OUTGOING: tt DNS”

iface=$1
iptables_bin=$2

# filter table
$SUDO ${iptables_bin} -t filter -A OUTPUT -o ${iface} -p udp -m udp --dport 53 -j ACCEPT

# mangle table
$SUDO ${iptables_bin} -t mangle -A OUTPUT -o ${iface} -p udp -m udp --dport 53 -j ACCEPT
$SUDO ${iptables_bin} -t mangle -A POSTROUTING -o ${iface} -p udp -m udp --dport 53 -j ACCEPT

}

###############################################################################

allow_ping_in() {
log “{ALLOW} INCOMING: tt ping”

iface=$1
iptables_bin=$2

# filter table
$SUDO ${iptables_bin} -t filter -A INPUT -i ${iface} -p icmp --icmp-type echo-reply -j ACCEPT

# mangle table
$SUDO ${iptables_bin} -t mangle -A PREROUTING -i ${iface} -p icmp --icmp-type echo-reply -j ACCEPT
$SUDO ${iptables_bin} -t mangle -A INPUT -i ${iface} -p icmp --icmp-type echo-reply -j ACCEPT

}

###############################################################################

allow_ping_out() {
log “t {ALLOW} OUTGOING: tt ping”

iface=$1
iptables_bin=$2

# filter table
$SUDO ${iptables_bin} -t filter -A OUTPUT -o ${iface} -p icmp --icmp-type echo-request -j ACCEPT

# mangle table
$SUDO ${iptables_bin} -t mangle -A OUTPUT -o ${iface} -p icmp --icmp-type echo-request -j ACCEPT
$SUDO ${iptables_bin} -t mangle -A POSTROUTING -o ${iface} -p icmp --icmp-type echo-request -j ACCEPT

}

###############################################################################

allow_NTP_out() {
log “t {ALLOW} OUTGOING: tt NTP”

iface=$1
iptables_bin=$2

$SUDO ${iptables_bin} -t filter -A OUTPUT -o ${iface} -p udp --dport 123 --sport 123 -j ACCEPT

}

###############################################################################

allow_HTTP_out() {
log “t {ALLOW} OUTGOING: tt HTTP”

iface=$1
iptables_bin=$2

# filter table
$SUDO ${iptables_bin} -t filter -A OUTPUT -o ${iface} -p tcp --dport 80 -m state --state NEW -j ACCEPT
$SUDO ${iptables_bin} -t filter -A OUTPUT -o ${iface} -p tcp --dport 443 -m state --state NEW -j ACCEPT

# mangle table
$SUDO ${iptables_bin} -t mangle -A OUTPUT -o ${iface} -p tcp --dport 80 -m state --state NEW -j ACCEPT
$SUDO ${iptables_bin} -t mangle -A OUTPUT -o ${iface} -p tcp --dport 443 -m state --state NEW -j ACCEPT
$SUDO ${iptables_bin} -t mangle -A POSTROUTING -o ${iface} -p tcp --dport 80 -m state --state NEW -j ACCEPT
$SUDO ${iptables_bin} -t mangle -A POSTROUTING -o ${iface} -p tcp --dport 443 -m state --state NEW -j ACCEPT

}

###############################################################################

allow_skype_in() {
log “t {ALLOW} INCOMING: tt skype”

iface=$1
iptables_bin=$2

$SUDO ${iptables_bin} -t filter -A INPUT -i ${iface} -p udp --dport 16514 -j ACCEPT
$SUDO ${iptables_bin} -t filter -A INPUT -i ${iface} -p tcp --dport 16514 -j ACCEPT

}

###############################################################################

firewall_all_ifaces() {
iptables_bin=$1

INET_FACES=`$IFCONFIG -s | $GREP -vi 'kernel' | $GREP -vi 'iface' | $GREP -v 'lo' | $AWK '{print $1}'`
for iface in $INET_FACES
do
    log "============== ${iface} =============="

    # allow incoming requests
    #allow_SSH_in ${iface}
    #allow_ping_in ${iface}
    allow_skype_in ${iface} ${iptables_bin}

    # allow outcoming requests
    allow_DHCP_out ${iface} ${iptables_bin}
    allow_DNS_out ${iface} ${iptables_bin}
    allow_HTTP_out ${iface} ${iptables_bin}
    allow_NTP_out ${iface} ${iptables_bin}
    allow_ping_out ${iface} ${iptables_bin}
    allow_SMTP_out ${iface} ${iptables_bin}
    allow_SSH_out ${iface} ${iptables_bin}
    allow_WHOIS_out ${iface} ${iptables_bin}

    # has to be the last rules to catch only the dropped packets
    log_all_dropped_incoming ${iface} ${iptables_bin}
    log_all_dropped_outgoing ${iface} ${iptables_bin}
done

}

###############################################################################

is_root() {
$LS $ROOT_DIR >/dev/null 2>/dev/null
return $?
}

###############################################################################

main() {
if ( “x$(is_root)” != “x0” ); then
log “Not a root!”
fi

log
log "-------------- KERNEL FEATURES ---------------"
disable_enable_kernel_features

# Handle IPv4 based firewall
if ( ! -z $IPv4TABLES ); then
    log
    log "-------------- IPv4 ---------------"
    clear_all_rules $IPv4TABLES
    default_drop_all $IPv4TABLES
    allow_related_established $IPv4TABLES
    allow_loopback $IPv4TABLES
    drop_IANA_reserved_ips $IPv4TABLES
    firewall_all_ifaces $IPv4TABLES
fi

# Handle IPv6 based firewall
if ( ! -z $IPv6TABLES ); then
    log
    log "-------------- IPv6 ---------------"
    clear_all_rules $IPv6TABLES
    default_drop_all $IPv6TABLES
fi

}

#set -x
main

Are there any provisions within the immigration rules for exonerating one for overstaying due to extreme extenuating circumstances?

Typically an overstayer would be subjected to a ban of various lengths. Supposing it was not one’s own fault that one overstayed, are there any provisions within the rules for making an argument along these lines with respect to an overstay of significantly more than 28 days?

YouTube rules?

Good afternoon, dear, tell the veteran, if you have any questions on YouTube, you have any questions.

The first question is, I bought the channel before there was children’s Russian content and there are 3000 subscribers, but the hours are written off, I want to do reviews on Trump in my bad English, to be honest, I just want to make money because they pay more on views for the United States.

The second question is I want to increase my views using the bot.

The third moment, I really like the Trump theme, I really like it, I’m not kidding, I want to upload three videos a day on the Trump theme to the channel, but my face will not be visible, I will be wearing a mask.
SEMrush

From here I have a question and will they connect me $$$ ???

 

5E rules regarding armor and being prone

In 5E, the rules seem pretty straightforward, but clear, regarding armor and the associated AC. However, it seems a little out of balance for characters who fall prone.

Does, or should, the AC for a character change if they are prone? For example, the Paladin in my group I am DM’ing was wearing plate armor and was knocked unconscious, falling prone. As far as I can tell, this means he still retains his 18 AC, regardless of the fact he is no longer moving.

Should the AC stay at 18 or get reduced? Am I missing where this might be covered?

dnd 5e – What explicit player-side rules exist for reflavoring races/classes?

Wizards’ spellbooks and artificer “magic” are explicitly called out as being reflavorable–that is, as long as everything has the same numbers, a “spellbook” doesn’t need to be a book, and artificer “spells” don’t need to look like classic magic spells. I think I remember seeing some passage about being allowed to reflavor spells in general, such as learning magic missile but casting it by creating a floating skull that spews spooky blobs of pain (as long as the skull doesn’t do anything other than deal 1d4+1 force damage three times), but I skimmed the magic section of the PHB and couldn’t find it.

Spellcasting focuses and musical instruments are also given as open lists, including some example items and their prices/weights, but stating that, for example, an arcane focus can be “some similar item”. What exactly this means for a character’s gold pouch and carrying capacity is unclear, but it is another example of something that explicitly allows players to–as long as they don’t receive any gameplay benefit–reflavor things to their tastes.

Are there any other rules like this, be they specific to a certain racial trait or class feature, or a more general “hey you’re allowed to change things up as long as they don’t affect gameplay”? I know that the DMG has guidelines for all sorts of alterations that you can make, but that seems like more of a soft suggestion than something that’s definitively legal. This question isn’t meant to be AL-specific, but using it as an example since it is an environment where DMs generally can’t just go “oh I like that idea sure you can do it”… Could an AL player have a Medium-sized non-venomous drider who’s bad at climbing by playing a drow and simply saying that their character is a drider*? Or could an AL player make a barbarian fight not by entering a primal rage, but by consuming a can of vitamin-rich spinach? Or, things in that vein that are related to some specific other race/racial trait or class/class feature?

*Actually, I just checked the AL rules and they say there that you can reskin races, so maybe AL isn’t the best example situation here. In general, I just mean “some setting where houserules and homebrew aren’t allowed.”

nat – Translate iptables rules to pf rules for SSL Proxy

I’m trying to set up PolarProxy on a network machine running Security Onion.

I’m using pfSense on the router/gateway.

There’s a guide online on how to set up PolarProxy using iptables, though I can’t figure out how to convert the rules to pf. Can someone please help?

This is the PolarProxy tutorial:
https://www.netresec.com/?page=Blog&month=2020-01&post=Sniffing-Decrypted-TLS-Traffic-with-Security-Onion

The issue is step 8b. part 1, 2 and 3.

sudo iptables -A FORWARD -i eth1 -d [SecurityOnionIP] -p tcp --dport 10443 -m state --state NEW -j ACCEPT 
sudo iptables -t nat -A PREROUTING -i eth1 -p tcp --dport 443 -j DNAT --to [SecurityOnionIP]:10443
sudo iptables -t nat -A POSTROUTING -o eth1 -d [SecurityOnionIP] -p tcp --dport 10443 -j MASQUERADE 

i found some example of the prerouting rule:

rdr pass on eth1 proto tcp to port 443 -> [SecurityOnionIP] port 10443

but can’t find anything on translating the iptables FORWARD or POSTROUTING MASQUERADE rules.

Thanks in advance.

Replace Condition in Replacement Rules

In finding an answer to my other question, I’m finding myself needing to manipulate the conditions imposed on replacement rules, but this is proving to be a little difficult. In particular, how should I go about removing instances of Condition and PatternTest?

Using the code from my other answer (slightly adjusted):

f(x_?InexactNumberQ) := x^2;
g(x_) /; FooQ(x) := x^3;

Attributes(ExpandValues) = {HoldAll};
ExpandValues(symbol_) := Join @@ Through(
  {OwnValues, DownValues, UpValues, SubValues, DefaultValues, NValues}(symbol)
);
ExpandValues(symbol_, symbols__) := Join(ExpandValues(symbol), ExpandValues(symbols));

then the replacement rules that need to be modified are:

{
  HoldPattern(f((x_)?InexactNumberQ)) :> x^2,
  HoldPattern(g(x_) /; FooQ(x)) :> x^3
}

I would like these to be modified to not have any conditions on the arguments, but trying to replace the condition and pattern test is proving difficult. This for example does not work:

{
  HoldPattern(Condition(p_, q_)) :> p,
  HoldPattern(PatternTest(p_, q_)) :> p
}

I’ve also tried using Verbatim which the documentation suggests is useful to transform other transformation rules, but I have not gotten them to work. I’m also thinking that the use of Verbatim won’t work generally because it is too literal.

I’ve had partial success with

{
  Condition -> (#1 &),
  Patterntest -> (#1 &)
}

but when the replacement appears within a HoldPattern, the resulting rule after replacement does not work.

dnd 5e – Are there rules for combining generic variant magic items?

For example: Adamantine armor is an uncommon generic armor variant. +1 armor is a rare variant. Is there such a thing as +1 adamantine plate armor? What’s its rarity?

Does the situation change when one of the item “bases” is a generic variant, but the other isn’t? For example, javelin of lightning is a specific uncommon magic weapon. +1 is a generic uncommon modifier to weapons. What about a +1 javelin of lightning?