Hi I found an interesting approach of having a small unikernel firewall, that does not eat up too much RAM, especially useful for a laptop and also as there is a different ip-stack than in Linux one has an advantage against common errors: (if there is a flaw in the linux kernel it affects sys-net and sys-firewall, if there is a flaw in uni-kernel-firewall it only affects the firewall and if there is a flaw in the kernel then it affects sys-net and not sys-firewall!)
look here for the project: http://roscidus.com/blog/blog/2016/01/01/a-unikernel-firewall-for-qubesos/ https://github.com/talex5/qubes-mirage-firewall.git would be nice to have the mirage-os based firewall as an install option, by downloading a signed template with a tested mirage-os based firewall. Is there anyone who has experience with it? I would like to try it and help developing it further. Who else wants? Cheers, Ludwig -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/47b87496-5a00-4ec0-b699-a08ef956911b%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.