On Friday, 9 February 2018 03:44:13 UTC-5, awokd wrote: > On Fri, February 9, 2018 7:33 am, bowabos wrote: > > On Friday, 9 February 2018 06:50:05 UTC, [email protected] wrote: > > > >> Fedora templates have a weird issue where the packet counter on the > >> sys-net nat FORWARD chain does not increment. The PREROUTING chain does > >> increment. > > I saw this too when trying to follow the port forwarding example in > https://www.qubes-os.org/doc/firewall/ . Mentioned it on qubes-users. > @adubois is researching as well.
https://gist.github.com/Joeviocoe/6c4dc0c283f6d6c5b1a3f5af8793292b Try this Portfwd script. It was modified to work with new fedora templates using nft. Created an updated version for Qubes 4.0 (RC4 tested) Portfwd.sh <vm> <port> <proto> | <vm> clear all Command line specify the "VM, Port and Protocol"... or just "VM clear all" to undo previous. Script will recursively configure iptables/nft for all proxyVMs in use. Now uses comments on iptables to remove previous entries (no duplicates) Works with Fedora 25/26 which uses nft rules along with iptables Works with Debian 8/9 too -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/8a0d97ad-843e-4a44-ae07-86885ad396d1%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
