Manuel Amador (Rudd-O): > Folks, it gives me great pleasure to announce the product of over two > years of work (primarily because I never paid enough attention to this > project to bring it to completion): Qubes network server. > > The traditional Qubes OS networking model contemplates a client-only use > case. User VMs (AppVMs or StandaloneVMs) are attached to ProxyVMs, which > give the user control over outbound connections taking place from user > VMs. ProxyVMs in turn attach to NetVMs, which provide outbound > connectivity for ProxyVMs and other user VMs alike. > > Qubes network server changes all that. With the Qubes network server > software, it becomes possible to make network servers in user VMs > available to other machines, be them peer VMs in the same Qubes OS > system or machines connected to a physical link shared by a NetVM. You > get actual, full, GUI control over network traffic, both exiting the VM > and entering the VM, with exactly the same Qubes OS user experience you > are used to. > > This is all, of course, opt-in, so the standard Qubes OS network > security model remains in effect until you decide to share network servers. > > Anyway, without further ado: > > https://github.com/Rudd-O/qubes-network-server > > Real easy: clone, build, install, test. I tested it with Qubes 3.1, but > it's very likely that it'll work fine in Qubes 3.2. I recommend you > test this on a Qubes machine that is not your main Qubes machine, but > the code does not do anything funky, and uninstalling the program should > be enough to revert your system back to its original state. > > I hope we can turn this add-on into a core Qubes feature. As always, > contributions to the project — reports, code enhancements, pull > requests, other items — are very much welcome!
Ooh, nice! This should be a huge benefit to usability for these use cases -- while manual port forwarding via iptables is a thing, it's really error-prone and time-consuming to debug. Thanks for your work on this. (For anyone wondering, I haven't tested it due to lack of time at the moment.) Cheers, -Jeremy -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to email@example.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/7ad3b276-56da-65fa-c62c-40dcb64a120a%40airmail.cc. For more options, visit https://groups.google.com/d/optout.
Description: OpenPGP digital signature