On 12/18/2017 09:15 AM, donoban wrote: > On 12/18/2017 03:10 PM, donoban wrote: >> First: >> - Block all traffic and whitelist your DNS provider IP with sys-firewall >> (you should connect your VPN-VM to sys-firewall). For riseup and bitmask >> you should permit some ip's. > > Also consider disabling ICMP and DNS queries > >> Then: >> The solution is edit /etc/resolv.conf to the default gw of the tunnel. >> Try 'sudo route -n' and see the gateway which uses tun0 interface. >> > > After editing /etc/resolv.conf you have to run: > > 'sudo /usr/lib/qubes/qubes-setup-dnat-to-ns' > > for doing it effective.
FYI this is the issue I created to try to collect clear instructions for Bitmask users: https://github.com/QubesOS/qubes-issues/issues/2021 the ticket is still open and once clear documentation is created we can push it to the website. Thanks, Michael -- Michael Carbone Qubes OS | https://www.qubes-os.org @QubesOS <https://www.twitter.com/QubesOS> PGP fingerprint: D3D8 BEBF ECE8 91AC 46A7 30DE 63FC 4D26 84A7 33B4 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/2dfaf4da-e931-ea8d-c1de-fda67d4137cb%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
