-------- Original Message --------
On 2017年1月1日 11:11, wrote:
Hi, From my understanding, the FirewallVM is where the firewall rules are put 
into place from the Qubes VM Manager. The sys-firewall VM acts as the 
FirewallVM by default but what decides which VM gets that role? Is it 
automatically the first ProxyVM connected through the NetVM? Does naming a 
ProxyVM "sys-firewall" make it the FirewallVM? I can't find anything on how the 
FirewallVM is decided in the documentation at 
https://www.qubes-os.org/doc/firewall/. It would be handy to know if creating 
all VMs from scratch instead of using the defaults when Qubes OS is installed. 

When you create an VM, you have the option of making it a ProxyVM. After that, 
you can connect other VMs (even ProxyVMs) to that ProxyVM, making the ProxyVM 
the FirewallVM of the VM. IIRC, the option in Qubes Manager that decides what 
ProxyVM an VM connects to is simply called "NetVM".
In short, there's not really an "one and only FirewallVM" in the system, but 
FirewallVMs that are assigned to each AppVM.


You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
For more options, visit https://groups.google.com/d/optout.

Reply via email to