Hello Thomas. On Thu, 11 Apr 2019 at 14:02, Thomas Leonard <tal...@gmail.com> wrote:
> [...] > I've added some examples at > https://github.com/mirage/qubes-mirage-firewall/pull/54 (see the changes > to rules.ml). > Thanks a lot for your excellent work and adding more information to mirage-firewall, greatly appreciated. Regarding the example rules: | { src = `Client `Dev; dst = `Client `Untrusted; proto = `TCP { dport = 22 } } -> `Accept | { dst = `External `GoogleDNS } -> `Drop "block Google DNS" these two rules are easy to understand and will help me setting up rules between the AppVms | { src = `Client _; dst = `Client _; proto = `TCP _; packet } when not (is_tcp_start packet) -> `Accept Can you add more details about this rules, its an any-to-any rule, but what is "when not (is_tcp_start packet) ? - O/799 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAJ3yz2toeBCspFeA48WQstqpZoC_0NsagjJZ0XoB%3DaWFY28V1Q%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
