On 2017-11-27 09:33, awokd wrote: > On Mon, November 27, 2017 05:40, pr0xy wrote: >> On 2017-11-20 18:08, awokd wrote: >>> On Mon, November 20, 2017 10:01, pr0xy wrote: >>>> Please help a somewhat noob who wants to use Qubes in the office. >>>> >>>> I got the OK to try using Qubes R3.2 in my company network as a >>>> workstation. They have a very restrictive proxy that forces all traffic >>>> through an HTTP/HTTPS proxy like: >>>> >>>> proxy.example.com:8080 >>>> >>>> How could I force all Qubes traffic to go through that proxy and that >>>> port? >>>> >>>> Would that be in sys-net, or a Firewall VM? >>> >>> Check https://www.qubes-os.org/doc/vpn/ . Ignore the parts about VPN >>> setup >>> but you should be able to set up your proxy redirect in the Proxy VM. >>> I'm >>> assuming local traffic like DNS lookups would not go through the proxy. >> >> Thanks. I have been reading up on the ProxyVM, which seems to be the way >> I would do this, but I'm a bit confused as to where I would add these >> proxy settings. I'm not familiar with manipulating IP tables, or writing >> the sort of scripts on that page, but is that what I would need to set? >> >> I wanted to stay away from setting the environment variables for >> http_proxy, https_proxy, ftp_proxy and no_proxy in each VM. Ideally I >> think I'd like to use a ProxyVM to proxify an entire AppVM, but the >> documentation doesn't make it clear how I would attempt this. > > You're right, you'd need to manipulate IP tables. There is no built in way > to do it with just the Qubes UI. > > See > https://stackoverflow.com/questions/10595575/iptables-configuration-for-transparent-proxy > for an example if you wanted to use the transparent proxy approach. > Sys-whonix is essentially a transparent proxy that forwards all traffic > through Tor. > > Another option could be > https://www.qubes-os.org/doc/config/http-filtering-proxy/ . See also > https://theinvisiblethings.blogspot.de/2011/09/playing-with-qubes-networking-for-fun.html
I know how to manipulate a torrc file to work through my proxy. That works very well as I can just set HTTPProxy host[:port] and it goes. In a ProxyVM I'm a bit lost. Would I be setting Firewall rules in the VM, or adding a network connection and manipulating that? I'm not clear where I would be manipulating the IP Tables. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/a0d09ed0eda8239c50cd38fdf2c96338%40riseup.net. For more options, visit https://groups.google.com/d/optout.
