On Thu, 30 May 2024 14:48:41 -0400 Demi Marie Obenour wrote: > Correct.
Then: On Tue, 28 May 2024 16:49:51 -0400 Demi Marie Obenour wrote: > How do you plan to handle sys-net and VPN qubes? I can think of 2 options: 1. Stick with prerouting for those interfaces 2. Have some internal (in-qube) monitoring mechanism watching for new interfaces and create chains based on such events. The problem with both options is that the firewall running inside sys-net is just as reliable as sys-net being free from userspace malware. -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-devel+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/20240531182309.0f8a5b73%40localhost.
