Hello All,
I have installed PiHole in a standalone qubes and can use it to block adverts.
The problem I have is that I have to keep setting the following firewall rules
for it to work!
===== BEGIN
# Flush the PR-QBS chain
iptables -t nat -F PR-QBS
# Add a rule that redirects all the DNS traffic to localhost:53
iptables -t nat -I PR-QBS -i vif+ -p udp --dport 53 -j DNAT --to-destination
127.0.0.1
# Add a rule that accepts the traffic coming to localhost
# from XEN's virtual interfaces on port 53
iptables -I INPUT -i vif+ -p udp --dport 53 -d 127.0.0.1 -j ACCEPT
# Enable the traffic coming from the virtual interfaces
# to be forwarded to the loopback interface
# enabling the route_localnet flag on them
find /proc/sys/net/ipv4/conf -name "vif*" -exec bash -c 'echo 1 | sudo tee
{}/route_localnet' \;
===== END
I have tried saving these /rw/config/rc.local and
/rw/config/qubes-firewall-user-script but I still have to keep running the
rules.
Should I be saving then rules in another location? I used this tutorial to
setup Pihole -
https://blog.tufarolo.eu/how-to-configure-pihole-in-qubesos-proxyvm/
Any help would be apprectiated.
Regards,
Chris
-
Chris Willard
[email protected]
Sent with [ProtonMail](https://protonmail.com) Secure Email.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/zc7x46pWB0VxqCiDsnfrLrpVpLsaVu2bY0_eRe1rgOfI6kf0YXrY__gdXi0_Wvgq7_Nki7De3sXuSjGPMW8p97lcGeZlkOg2lrpJOnPMLh4%3D%40meliser.co.uk.
For more options, visit https://groups.google.com/d/optout.
