On Sunday, 18 September 2016 10:14:15 UTC+10, nishi...@gmail.com wrote:
> Following Qubes documentation on firewall
> https://www.qubes-os.org/doc/qubes-firewall/, I tried to put some basics
> iptables rules into /rw/config/rc.local in an AppVM but they don't persist
> after reboots :
> iptables -F
Don't use -F, flushing removes the Qubes inherant IPTables.
Don't -P either.
iptables -I INPUT 1 -i lo -j ACCEPT
iptables -I INPUT 2 -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -I INPUT 3 -p tcp --dport 80 -j ACCEPT
iptables -I INPUT 4 -p tcp --dport 443 -j ACCEPT
> When I type "sudo iptables -L", they don't appear after rebooting the VM, I
> have the same rules as before, it looks like the script isn't launched :(
> This is weird because the file is executable ! ("sudo chmod +x rc.local").
> Also I tried to add sudo before every line but it didn't change the outcome.
have you made sure it's executable? (ls -al)
If not, use the full command, not an abbreviated, because sometimes the
abbreviated only affects user and group, not everyone.
"chmod 766 rc.local" ?
You received this message because you are subscribed to the Google Groups
To unsubscribe from this group and stop receiving emails from it, send an email
To post to this group, send email to email@example.com.
To view this discussion on the web visit
For more options, visit https://groups.google.com/d/optout.