for a long time i ran parmanode as a easy way to get electrs, core and mempool running on a linux desktop but was so put off by all of the nonsense messages in that software

then using claude code terminal I did a seamless compile and configuration of core with electrs and mempool with a custom dashboard to see status and connection urls took less then 1 hr

claude code makes linux user friendly

goose > openclaw

we need @Kagi to index nostr. there is no good nostr search engine

@jack mallers what is the ai audio tool you use that reads your research to you during the day?

don't believe the old gov numbers, they were fake so we fixed them

the new numbers are real

THREE DUMB ROUTERS TOPOLOGY
(Y-Configuration for Network Isolation)

INTERNET
|
|
[ROOT ROUTER]
192.168.0.1
(No WiFi, No devices)
|
+-----------------+-----------------+
| |
LAN Port 1 LAN Port 2
| |
| |
[WAN Port] [WAN Port]
[SECURE ROUTER] [IoT ROUTER]
192.168.1.1 192.168.2.1
NAT Enabled NAT Enabled
| |
| |
+------+------+ +-------+-------+
| | | |
[PC-1] [PC-2] [Minecraft] [Smart Bulb]
192.168.1.10 192.168.1.11 192.168.2.10 192.168.2.11


KEY DETAILS:
═══════════════════════════════════════════════════════════════════

Root Router (The "Stem" of the Y)
├── WAN: Connected to Modem/Internet
├── LAN IP: 192.168.0.1 (or any base subnet)
├── DHCP: Can be disabled or only serve the two routers
└── IMPORTANT: No devices should connect directly here (no WiFi)

Secure Router (Left Branch)
├── WAN: Connected to Root Router LAN (gets IP like 192.168.0.2)
├── LAN IP: 192.168.1.1 (Different subnet!)
├── DHCP: Enabled (192.168.1.100-200)
└── Devices: PCs, Laptops, Phones, NAS (Your trusted devices)

IoT/Insecure Router (Right Branch)
├── WAN: Connected to Root Router LAN (gets IP like 192.168.0.3)
├── LAN IP: 192.168.2.1 (Different subnet!)
├── DHCP: Enabled (192.168.2.100-200)
└── Devices: Minecraft server, Smart home devices, Untrusted IoT

ISOLATION MECHANISM:
═══════════════════════════════════════════════════════════════════

Traffic Flow:
• Secure PC → Secure Router → Root Router → Internet ✓
• IoT Device → IoT Router → Root Router → Internet ✓
• Secure PC → IoT Router → BLOCKED (Different subnet, behind NAT)
• IoT Device → Secure Router → BLOCKED (ARP broadcasts don't cross routers)

Why This Works:
1. Routers block Ethernet broadcasts (ARP cannot traverse)
2. Each network is its own "broadcast domain"
3. Double NAT prevents IP scanning between networks
4. Compromised IoT device cannot use traceroute to find Secure network
(Only sees: IoT Router → Root Router → Internet)

Configuration Checklist:
□ All three routers have different LAN subnets (e.g., 0.x, 1.x, 2.x)
□ Secondary routers connect via WAN ports (not LAN ports)
□ No "Bridge Mode" or "Access Point Mode" on secondary routers
□ Root router ideally has WiFi disabled (or use as guest network only)
□ UPnP disabled on Root Router (prevents IoT from opening ports inward)

simple way to isolate your clawbot that you host at home:

1. buy a glinet gateway
2. plug wan into local network
3. plug clawbot box into lan on glinet gateway
3. on glinet gateway, enable tailscale
4. disable local network access on glinet

via tailscale menu on glinet:
5. enable alternative route to 192.168.8.1
6. on other computer connect to tailscale via tailscale app
7. navigate to ip of the clawbot box via ip (192.168.8.xxx)