GPK | novel typing technique for special symbols | Keyboard library

Both functions actually return the same values, when used properly!

Apparently, turfjs - since it is based on GeoJSON - uses LngLat formation instead of LatLng. Switching them around in turf.point definitions resolves the question and fixes all the related stuff I had.

For reference: https://macwright.org/lonlat/

A frustrating inconsistency in geospatial (mapping) software is coordinate order. Coordinates are often represented as arrays, like [-87.73, 41.83], instead of objects, like { lng: -87.73, lat: 41.83 }. This leaves it up to the developer to determine whether -87.73 is the longitude or latitude. One choice places a point on Chicago, and the other a location deep in Antarctica.

There's some consensus growing around longitude, latitude order for geospatial formats, but still chaos for libraries and software. It's up to the developer to be aware of this issue and read the requisite documentation, and flip coordinates if necessary to translate between different systems.

Your responses are not getting back to the client because you're using a separate socket to send responses back. This socket has a different local port number than the socket that received the packet from the client, so to the NAT it appears to be coming from a different source and is therefore not forwarded.

When a UDP datagram exits a NAT, the NAT keeps track of the destination IP and port along with the local IP and port used by the NAT and matches that with the original source IP and port on the inside network. For an incoming packet to pass back through to the original source, the source IP and port of the incoming must match the destination IP and port of the prior outgoing packet, and the destination IP and port of the incoming packet must match the IP and port of the NAT for the outgoing packet. If that condition is met, the NAT forward the packet to the original source IP and port. This is referred to as UDP hole punching

Let's illustrate this with an example. Suppose you have the following hosts:

• server (outside of NAT): IP 192.168.0.10
• NAT: internal IP 192.168.0.1, external IP 10.0.0.1
• client (inside of NAT): IP 10.0.0.2

Your server creates a socket bound to point 9898 and waits. Your client then creates a socket bound to port 0, meaning a random port is chosen. Let's assume it's port 10000. The client then sends a UDP packet to 192.168.0.10:9898. So the packet has:

• Source IP: 10.0.0.2
• Destination IP: 192.168.0.10
• Source port: 10000
• Destination port: 9898

The packet then passes through the NAT, which adjusts the source IP and port so responses can be sent back to the client. It chooses port 15000. So now the packet looks like this:

• Source IP: 192.168.0.1
• Destination IP: 192.168.0.10
• Source port: 15000
• Destination port: 9898

If the NAT later sees a packet coming from the outside network with same IP/port pairs above but with source/destination reversed, it will send it to 10.0.0.2:10000.

The server then receives this packet. But now you create a new socket on the server and bind it to port 0, so a random port is chosen, let's say 12000. The server then uses this socket to send the response back where it came. So the response packet looks like this:

• Source IP: 192.168.0.10
• Destination IP: 192.168.0.1
• Source port: 12000
• Destination port: 15000

The NAT then receives this packet, and needs to decide whether to forward it to an internal host. Had the source port been 9898 it would change the destination IP/port to 10.0.0.2:10000 and send it there. But it doesn't match, so the NAT drops the packet.

The server needs to use the same socket that received the packet from the client to send the response back. If it does the packet will look like this:

• Source IP: 192.168.0.10
• Destination IP: 192.168.0.1
• Source port: 9898
• Destination port: 15000

And the NAT will forward it to the client because it matches the packet that went out but with the source/destination swapped.

With regard to the server handling requests from multiple clients, it needs to keep track of where the request came from and have some sort of mechanism to keep state on each client to determine the appropriate response to send.

I still don't see apparmor audit records, but found out that adding --cap-add=SYS_PTRACE to docker run resolves an issue, polkit-gnome-authentication-agent-1 now running and applications which request root privileges after start working correctly.

I had to use another workaround to disable updater asking for root password after each connect: