On Wed, Jun 28, 2017 at 11:05:58AM -0700, Dominique St-Pierre Boucher wrote: > On Wednesday, June 28, 2017 at 12:10:44 PM UTC-4, [email protected] wrote: > > Hi I have a VPN which uses 10.0.0.0/8 this makes collisions with all the > > subnets that sys-net uses, I was wondering if I could switch out the > > networks and use a class B network instead. > > > > Let me know if this info is not sufficient, I am going home from work so > > I'm in a hurry :P > > > > Thanks for your time. > > > > Best regards, > > Petur. > > I am also interested by this request. I have no idea how to change this! > > Dominique >
I had started on the basis that Qubes provides a classic internet-inna-box, and hacked about with SNAT. But there's a far simpler solution. First, take a backup of /usr/lib64/python2.7/site-packages/qubes/ - just copy that directory somewhere safe. Second, take a backup of /usr/lib64/python2.7/site-packages/qubes/ - Shutdown all running network connected qubes. Look in /usr/lib64/python2.7/site-packages/qubes/modules - delete 005QubesNetVm.pyc and 005QubesNetVm.pyc edit 005QubesNetVm.py and change every occurrence of 10.137 to 172.16 save the file. Restart sys-net, and any network connected qubes, as usual. Job done. NB, this isn't perfect because it doesn't correctly set the proxy service IP. If you use the default Qubes proxy you'll have to adjust iptables to get it working properly. Also, you'll see that disposableVMs have a different range - I don't use that at all, and have custom scripts to spawn disposableVMs attached to different routes. Should be trivial to work round that if you do something different. Both are, as they say, left as an exercise for the reader. This is, of course a hack, not supported, and undoubtedly breaks your warranty. If it all goes horribly wrong, shutdown all qubes, restore the original files from your backup and restart the network. unman -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20170629225147.ziy4fupwzaqlqae6%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
