Actually it's simple than "NAT", technically. Normally when we said "NAT", it's not just NAT (Network Address Translate), but a NAT plus a stateful firewall (see documents below). The conntrack here is a stateful firewall as in "NAT". And compare to create a map from (paddr, pport) to (iaddr, iport) and match the later, it's more simple to just match suffix of address.
Coelacanthus
No. It's not random. SLAAC uses EUI-64 by default, it generate fixed /64 suffix from MAC. And with suffix match of nftables you can still do device specific income firewall rules. For random privacy address, it's only used for outcome so just block all other income of IPv6 addresses except EUI-64 is enough.
ESPHome has supported Thread since 2025.6.0b1. But Matter support still need more time.
I don't want each client to have a globally unique address as that just allows insane tracking.
Just for this issue, SLAAC has a privacy extension to generate temporary random IPv6 address for outcome traffic. It's untrackable as well, but in different way to NAT (one device has many addresses instead of many devices have one address).
If I go for SLAAC with privacy extensions and I keep paying for a static IP (v4 & v6) to my ISP then I can't implement any firewall rules for specific devices as devices will change their IP regularly. And its even worse if I don't pay for a static IPv6 prefix.
I don't know which firewall software you used. But if you use nftables, which support suffix match and conntrack for TCP/UDP, you can block all new (identified by conntrack) income (since privacy extension design for outcome) and allow income with specific suffix (for SLAAC with EUI-64, it will stable), needn't care about which prefix was used.
For example, something like epub is going to be hard because the format is really just a zip file with a specific internal file structure. So, it's not really the .epub file you want to grep, but one of the files within that zip file you want to grep through.
ePub is a zip file contains a batch of HTML file for contents and some XML files for metadata. So you can extract it and do grep as you do for HTML files.
So when they will change this horrible hardcode font fallback list with "normal" font fallback mechanism like Fontconfig?
https://github.com/pop-os/cosmic-text/blob/main/src/font/fallback/unix.rs
Raspberry Pi Zero 2 can run Linux. So you can run mail client on it of course.
The green PCB on left-bottom corner breaks the consistence of design...
It "converts" from and to Ethernet frames, of course. There is not actual L2 difference between PON network and normal fiber ethernet network. In simplified description, it just replace active switch with passive optical splitter.
Yes. Like fiber ethernet, differnet speed need different ONT. But noteworthy, there are some different standards for the same speed level, they are incompatible. For example, EPON and GPON, they are both for 1GbE but incompatible.
Please read this article authored by maintainer of Linux kernel memory management subsystem and cgroup subsystem, Chris Down.
https://chrisdown.name/2018/01/02/in-defence-of-swap.html
And there is another article with some additional informations about swap authored by @farseerfc@sn.angry.im who tranlated the article above to Chinese.
https://farseerfc.me/followup-about-swap.html (only Chinese version available)