codesanitize

dnat – Juniper MX and vacation spot/portforwarding NAT

Computer Networking

codesanitize

-

17 August 2025

I am struggling to get portforwarding engaged on a Juniper MX:

[show interfaces ge-1/0/0 unit 13]
description "CCTV and Entry Management";
vlan-id 13;
household inet {
    filter {
        output cctv-and-access-control;
    }
    service {
        enter {
            service-set nat-lan;
        }
        output {
            service-set nat-lan-portforward service-filter nat-lan-filter;
            service-set nat-lan;
        }
    }
    handle 172.16.20.1/24 {
        major;
    }
    handle 172.16.21.1/24;
}
[show services service-set nat-lan-portforward]
nat-rules sk7-port-forwarding;
interface-service {
    service-interface ms-0/2/0;
}
[show services nat]
pool prospects {
    address-range low 91.196.137.4 excessive 91.196.137.6;
    port {
        automated;
    }
}
pool sk7 {
    handle 91.196.137.254/32;
    port {
        automated;
    }
}
pool infrastructure {
    handle 91.196.137.253/32;
    port {
        automated;
    }
}
pool sk7-portforwarded {
    handle 91.196.137.252/32;
}
rule default {
    match-direction enter;
    time period no-nat {
        from {
            destination-address {
                10.0.0.0/8;
                172.16.0.0/12;
                192.168.0.0/16;
            }
        }
        then {
            no-translation;
        }
    }
    time period prospects {
        from {
            source-address {
                10.20.100.0/22;
            }
        }
        then {
            translated {
                source-pool prospects;
                translation-type {
                    napt-44;
                }
            }
        }
    }
    time period infrastructure {
        from {
            source-address {
                10.10.10.0/24;
                10.10.12.0/24;
                10.10.16.0/21;
            }
        }
        then {
            translated {
                source-pool infrastructure;
                translation-type {
                    napt-44;
                }
            }
        }
    }
    time period sk7 {
        from {
            source-address {
                172.16.25.8/29;
            }
        }
        then {
            translated {
                source-pool sk7;
                translation-type {
                    napt-44;
                }
            }
        }
    }
}
rule sk7-port-forwarding {
    match-direction output;
    time period default {
        from {
            destination-address {
                91.196.137.252/32;
            }
            destination-port {
                vary low 7000 excessive 7000;
            }
        }
        then {
            translated {
                destination-prefix 172.16.21.3/32;
                translation-type {
                    dnat-44;
                }
            }
        }
    }
}
[show firewall]
household inet {
    service-filter nat-lan-filter {
        time period skip-translation {
            from {
                source-address {
                    10.0.0.0/8;
                    172.16.0.0/12;
                    192.168.0.0/16;
                }
            }
            then skip;
        }
        time period default {
            then service;
        }
    }
}

pnat does work, so the hosts have entry to the Web, however portforwarding of tcp/7000 doesn’t:

[from MX itself]
emz@perm-mx5# run telnet 172.16.21.3 port 7000
Attempting 172.16.21.3...
Linked to 172.16.21.3.
Escape character is '^]'.
�^]
telnet> Connection closed.
[edit]

[from a host in WAN]
$ telnet 91.196.137.252 7000
Attempting 91.196.137.252...
telnet: Unable to connect with distant host: Connection timed out

This unit is operating the next JunOS model:

run present system software program
Info for jbase:

Remark:
JUNOS Base OS Software program Suite [21.2R3-S5.4]

Info for jcrypto:

Remark:
JUNOS Crypto Software program Suite [21.2R3-S5.4]

Info for jcrypto-dp-support:

Remark:
JUNOS DP Crypto Software program Software program Suite [21.2R3-S5.4]

Info for jdocs:

Remark:
JUNOS On-line Documentation [21.2R3-S5.4]

Info for jkernel:

Remark:
JUNOS Kernel Software program Suite [21.2R3-S5.4]

Info for jmacsec:

Remark:
JUNOS Macsec Software program Suite [21.2R3-S5.4]

Info for jpfe:

Remark:
JUNOS Packet Forwarding Engine Assist (MX80) [21.2R3-S5.4]

Info for jroute:

Remark:
JUNOS Routing Software program Suite [21.2R3-S5.4]

Info for jsd:

Remark:
JUNOS jsd [powerpc-21.2R3-S5.4-jet-1]

Info for jsdn-powerpc:

Remark:
JUNOS SDN Software program Suite [21.2R3-S5.4]

Info for jservices-alg:

Remark:
JUNOS Providers Software Degree Gateways [21.2R3-S5.4]

Info for jservices-cos:

Remark:
JUNOS Providers COS [21.2R3-S5.4]

Info for jservices-cpcd:

Remark:
JUNOS Providers Captive Portal and Content material Supply Container bundle [21.2R3-S5.4]

Info for jservices-crypto-base:

Remark:
JUNOS Providers Crypto [21.2R3-S5.4]

Info for jservices-ipsec:

Remark:
JUNOS Providers IPSec [21.2R3-S5.4]

Info for jservices-jflow:

Remark:
JUNOS Providers Jflow Container bundle [21.2R3-S5.4]

Info for jservices-nat:

Remark:
JUNOS Providers NAT [21.2R3-S5.4]

Info for jservices-rpm:

Remark:
JUNOS Providers RPM [21.2R3-S5.4]

Info for jservices-rtcom:

Remark:
JUNOS Providers RTCOM [21.2R3-S5.4]

Info for jservices-sfw:

Remark:
JUNOS Providers Stateful Firewall [21.2R3-S5.4]

Info for jservices-softwire:

Remark:
JUNOS Providers SOFTWIRE [21.2R3-S5.4]

Info for jservices-ssl:

Remark:
JUNOS Providers SSL [21.2R3-S5.4]

Info for jservices-tcp-log:

Remark:
JUNOS Providers TCP-LOG [21.2R3-S5.4]

Info for junos:

Remark:
JUNOS Base OS boot [21.2R3-S5.4]

Info for py-base-powerpc:

Remark:
JUNOS py-base-powerpc [21.2R3-S5.4]

Info for py-extensions-powerpc:

Remark:
JUNOS py-extensions-powerpc [21.2R3-S5.4]

linker – iOS archiving for launch strips away world symbols

iOS Development

codesanitize

-

16 August 2025

0

I’ve a cocoapods library.

This library has some C features that I’ve uncovered globally:

#outline EXPORT __attribute__((visibility("default"), used, retain)) extern "C"

EXPORT void ios_prepare_request(const char *url) {
  // some obj-c code
}

Then internally a dylib is loaded. This dylib tries to name these features.
When run through Xcode, every part is working.
Nevertheless, after I package deal the app to TestFlight/Debugging deployment. There’s a stripping step that eliminates my world symbols. Due to this fact when I attempt to name any of the features from the dylib in some unspecified time in the future it will get a null pointer reference and the app crashes.
I have been making an attempt to get round this with the assistance of one of many apple engineers, his suggestion is to make use of a linker flag -export_symbols_list, however it doesn’t matter what I attempted it would not work.
I’ve managed to get it working by disabled world stripping within the consumer goal xcconfig, however this clearly shouldn’t be superb because it messes with the consumer goal.

  s.user_target_xcconfig = {
    'STRIP_STYLE' => 'non-global'
  }

By default cocoapods creates a static lib, so export_symbol_list will not work as it’s meant for dylibs, I attempted to resolve this by turning the lib right into a dynamic framework

s.static_framework = false
s.preserve_paths="exports.exp"
  s.pod_target_xcconfig= {
        # 'OTHER_LDFLAGS' => '$(inherited) -Wl,-exported_symbols_list,$(PODS_TARGET_SRCROOT)/exports.exp',
  }

With the default config an a static lib, claude suggests utilizing a -u flag and passing every image I have to hold alive, however this additionally doesn’t work

  s.user_target_xcconfig = {
    'OTHER_LDFLAGS' => '$(inherited) -Wl,-u,_ios_prepare_request'
  }

At this level I am out of concepts easy methods to stop the worldwide symbols from being stripped. In some unspecified time in the future I attempted passing the features in a initialization perform however in some way they had been nonetheless being stripped.

Any recommendations what may work?

ios – deal with choice and replace in MVVM?

iOS Development

codesanitize

-

16 August 2025

0

I am enjoying round with MVVM and have bother wrapping my head round the way to work with deciding on a single component.

Following on-line examples I’ve written one thing primary that fetches an inventory of information and shows it.

struct NoteListView: View {
    @State personal var mannequin = NoteModel()
    
    var physique: some View {
        NavigationStack {
            Checklist(mannequin.notes) { word in
                NavigationLink {
                    NoteDetailView(word: word)
                } label: {
                    Textual content(word.title)
                }
            }
            .job {
                mannequin.fetchNotes()
            }
        }
    }
}

struct NoteDetailView: View {
    let word: Notice
    
    var physique: some View {
        Textual content(word.title)
            .font(.title)
        Textual content(word.content material)
    }
}

@Observable
class NoteModel {
    var notes: [Note] = []
    
    func fetchNotes() {
        self.notes = [
            Note(title: "First note", content: "Test note"),
            Note(title: "Reminder", content: "Don't forget to water the plants!"),
            Note(title: "Shopping list", content: "Eggs, milk, hat, bread")
        ]
    }
}

struct Notice: Identifiable, Hashable {
    let id = UUID()
    var title: String
    var content material: String
}

Now I wish to replace a word on the element view. Updating entails a PUT request to the server with the server calculating knowledge for the replace, so after the request is profitable the brand new model of the word must be fetched. I am unable to appear to determine the way to write this. I feel the mannequin would look one thing like this.

@Observable
class NoteModel {
    var notes: [Note] = []
    var selectedNote: Notice?
    
    func fetchNotes() {
        self.notes = [
            Note(title: "First note", content: "Test note"),
            Note(title: "Reminder", content: "Don't forget to water the plants!"),
            Note(title: "Shopping list", content: "Eggs, milk, hat, bread")
        ]
    }

    func fetchNote(title: String) {
        // fetch a single word, in all probability used after updating a word to show the up to date word on the small print view
        self.selectedNote = APIClient.fetchNote()
    }
    
    func updateNote(title: String, content material: String) {
        self.selectedNote?.title = title
        self.selectedNote?.content material = content material
        // makes a PUT request to replace the word, after which the word must be fetched
    }
}

However I do not know the way to cross the chosen word to the small print view and the way to replace the word displayed on the small print view and on the checklist view. I think about that it is a pretty primary situation for MVVM, however I could not discover any examples illustrating the essential conventions on how to do that.

Regardless of the hubbub, Intel is holding onto server market share

Computer Networking

codesanitize

-

15 August 2025

0

Regardless of the hubbub, Intel is holding onto server market share

Server CPU shipments have been “uninteresting,” as he put it, on a sequential foundation, with neither provider seeing a lot development on quarter after final quarter’s atypical improve. On-year, the server market was up considerably however that’s as a result of a 12 months in the past, the phase was close to its cyclical lows and coping with stock changes.

“Intel was in a position to maintain volumes in complete server unit shipments by shifting shipments to non-data middle merchandise, resembling Xeon D in networking/storage servers, which they famous of their earnings name. That comes at a value; these merchandise have a lot decrease ASPs, so decrease revenues, which is why Intel’s DCAI revenues have been decrease when models have been flat,” McCarron advised Community World.

“Nothing actually strikes that quick in servers, and on the whole a ‘freefall’ can’t actually occur outdoors of some systemic demand collapse occasion like 2008 was, as the remainder of the trade realistically can’t take in market share at a vast charge as a result of provide chain concerns,” he added.

AMD’s server revenues hit a file excessive, however many of the income positive aspects was from promoting a better mixture of its new Turin core CPUs, and unit cargo development was very modest. Nonetheless, even with a 0.1-point improve in share, which means a brand new file excessive in AMD server gross sales. It now has 37.2% market share.

Excluding IoT/SoC embedded merchandise from consideration, Intel’s shipments barely outgrew AMDs within the quarter leading to Intel having a modest sequential share improve thanks partly to cellular CPU shipments, the place Intel has strong merchandise. AMD made a slight achieve in desktops, the place it’s notably sturdy.

As for Arm, it confirmed power within the server market because of Nvidia’s GB200 processors ramping up volumes. On the shopper aspect, Apple had barely larger shipments within the second however that was offset by weak point in Chromebooks.

This week in AI dev instruments: Claude Sonnet 4’s bigger context window, ChatGPT updates, and extra (August 14, 2025)

Software Development

codesanitize

-

15 August 2025

0

This week in AI dev instruments: Claude Sonnet 4’s bigger context window, ChatGPT updates, and extra (August 14, 2025)

Anthropic expands Claude Sonnet 4’s context window to 1M tokens

With this bigger context window, Claude can course of codebases with 75,000+ strains of code in a single request. This permits it to higher perceive challenge structure, cross-file dependencies, and make ideas that match with the whole system design.

Longer context home windows at the moment are in beta on the Anthropic API and Amazon Bedrock, and can quickly be accessible in Google Cloud’s Vertex AI.

For prompts over 200K tokens, pricing will improve to $6 / million tokens (MTok) for enter and $22.50 / MTok for output. The pricing for requests below 200K tokens might be $3 / MTok for enter and $15 / MTok for output.

The corporate additionally prolonged its studying mode designed for college students into Claude.ai and Claude Code. Studying mode asks customers inquiries to information then by ideas as a substitute of offering fast solutions, to advertise important considering of issues.

OpenAI provides GPT-4o as a legacy mannequin in ChatGPT

With this replace, paid customers will now be capable to choose GPT-4o when utilizing ChatGPT, together with different fashions like o3, GPT-4.1, and GPT-5 Considering mini.

The mannequin picker for GPT-5 additionally now contains Auto, Quick, and Considering mode. Quick prioritizes giving the quickest solutions, considering prioritizes giving deeper solutions that take longer to assume by, and auto chooses between the 2.

The corporate additionally elevated the message restrict for Plus and Group customers to three,000 per week on GPT-5 Considering.

Google releases Gemma 3 270M

This new mannequin is “designed from the bottom up for task-specific fine-tuning with sturdy instruction-following and textual content structuring capabilities already skilled in,” in accordance with Google.

It’s best in conditions the place there’s a high-volume, well-defined activity; velocity and value issues; consumer privateness must be protected; or there’s a want for a fleet of specialised activity fashions.

Each pretrained and instruction tuned variations of the mannequin can be found for obtain from Hugging Face, Ollama, Kaggle, LM Studio, and Docker. Alternatively, the fashions will be tried out in Vertex AI.

NVIDIA releases newest fashions in Llama Nemotron household

Llama Nemotron are a household of reasoning fashions, and the most recent updates embrace a brand new hybrid mannequin structure, compact quantized fashions, and a configurable considering funds to provide builders extra management over token era.

This mixture lets the fashions cause extra deeply and reply quicker, without having extra time or computing energy. This implies higher outcomes at a decrease value,” the corporate wrote in an announcement.

Google’s coding agent Jules will get critique performance

Google is enhancing its AI coding agent, Jules, with new performance that evaluations and critiques code whereas Jules continues to be engaged on it.

“In a world of fast iteration, the critic strikes the overview to earlier within the course of and into the act of era itself. This implies the code you overview has already been interrogated, refined, and stress-tested … Nice builders don’t simply write code, they query it. And now, so does Jules,” Google wrote in a weblog submit.

In accordance with the corporate, the coding critic is sort of a peer reviewer who’s aware of code high quality ideas and is “unafraid to level out whenever you’ve reinvented a dangerous wheel.”

GitHub to be folded into Microsoft’s CoreAI org

GitHub’s CEO Thomas Dohmke has introduced his plans to depart the corporate on the finish of the 12 months.

In a memo to workers, he mentioned that Microsoft doesn’t plan to exchange him; reasonably, GitHub and its management workforce will now function below Microsoft’s CoreAI group, a bunch inside the firm targeted on creating AI-powered instruments, together with GitHub Copilot.

“At present, GitHub Copilot is the chief of essentially the most profitable and thriving market within the age of AI, with over 20 million customers and counting,” he wrote. “We did this by innovating forward of the curve and displaying grit and willpower when challenged by the disruptors in our house. In simply the final 12 months, GitHub Copilot turned the primary multi-model resolution at Microsoft, in partnership with Anthropic, Google, and OpenAI. We enabled Copilot Free for tens of millions and launched the synchronous agent mode in VS Code in addition to the asynchronous coding agent native to GitHub.”

Sentry launches MCP monitoring software

Software monitoring firm Sentry is making it simpler to achieve visibility into MCP servers with the launch of a brand new monitoring software.

With MCP monitoring, builders can perceive issues like which shoppers are experiencing errors, which instruments are most used, or which instruments are working sluggish. They will additionally correlate errors with occasions like visitors spikes or new launch deployments, or determine if errors are solely taking place on one sort of transport.

In accordance with Cody De Arkland, head of developer expertise at Sentry, when Sentry launched its personal MCP server, it was getting over 30 million requests monthly. He mentioned that at that scale, it’s inevitable that errors will happen, and present monitoring instruments have been battling MCP servers.

bitHuman launches SDK for creating AI avatars

AI firm bitHuman has introduced a visible SDK for creating avatars to be used as chat brokers, instructors, digital coaches, companions, and specialists in numerous fields.

In accordance with the corporate, the SDK permits avatars to be created on Arm-based and x86 methods with no GPU. The avatars have a small footprint and will be run on-line or offline on units like Chromebooks, Mac Minis, and Raspberry Pis.

Due to their small footprint, these characters will be delivered to a variety of environments, together with school rooms, kiosks, cell apps, or edge units.

Learn final week’s updates right here: This week in AI dev instruments: GPT-5, Claude Opus 4.1, and extra (August 8, 2025)