On 03/11/2018 03:03 PM, David Hobach wrote:
So yes, if one is aware of that issue, one can certainly use it the way you described. If you rely on the qubes-firewall to work as expected, you shouldn't use it.
P.S.:An alternative might be to setup the local DNS service in a VM closer to the Internet, i.e. not in the proxy VM which also implements the qubes firewall.
Something likeInternet <-- sys-net <-- sys-firewall <-- DNS server VM <-- proxy VM with qubes-fw <-- client VM
I didn't test that though. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to email@example.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ec054435-0c3c-9517-f02f-f9c2c50c19a8%40hackingthe.net. For more options, visit https://groups.google.com/d/optout.
Description: S/MIME Cryptographic Signature