On Sun, Jun 02, 2019 at 01:28:59PM +0000, ronpunz wrote: > > On 6/2/19 1:06 AM, unman wrote: > > On Fri, May 31, 2019 at 06:25:41PM +0000, ronpunz wrote: > > > On 5/31/19 10:30 AM, unman wrote: > > > > On Fri, May 31, 2019 at 08:43:59AM +0000, ronpunz wrote: > > > > > On 5/31/19 12:51 AM, unman wrote: > > > > > > On Thu, May 30, 2019 at 09:56:18AM +0000, ronpunz wrote: > > > > > > > I'm attempting setup a netvm using openbsd. > > > > > > > > > > > > > > I'm following Unman's guide > > > > > > > https://github.com/unman/notes/blob/master/openBSD_as_netvm but > > > > > > > "fell at the > > > > > > > first hurdle" i.e. Line No1 states "Install OpenBSD as HVM > > > > > > > Template". Does > > > > > > > this mean a standalone template? If so I've successfully > > > > > > > completed this > > > > > > > stage, but, am unable to proceed to line No2 " Create netvm > > > > > > > "openFW" using > > > > > > > OpenBSD as template" - as I understand it an appvm cannot be > > > > > > > created from a > > > > > > > standalone template. That being the case, it looks like I need to > > > > > > > create an > > > > > > > openbsd template - but how? I need either source code to build it > > > > > > > or a > > > > > > > repository to download it? As far as I'm aware, neither exists? > > > > > > > > > > > > > > Any help would appreciated > > > > > > Those are notes, not really intended as a guide. > > > > > > > > > > > > What you need is: > > > > > > qvm-create --class TemplateVM openBSD --property virt_mode=HVM > > > > > > --property kernel='' -l purple > > > > > > qvm-create -t openBSD --property virt_mode=HVM --property kernel='' > > > > > > -l purple open > > > > > Thanks Unman for getting me up and running. > > > > > > > > > > I made it down to line 12 Set fw as netvm for openFW. > > > > > qvm-prefs openFW netvm fw. This command returns: qvm-prefs : error : > > > > > the fw > > > > > qube does not provide network. > > > > > > > > > > Is there a workaround for this? > > > > > > > > > > I managed to get round this with "qvm-prefs openFW provides_network > > > > > true". > > > > I assume you meant:"qvm-prefs fw provides_network true". > > > > > > > > > This enabled me to proceed to the next step "start openFW". However, > > > > > it > > > > > starts only in a transient state (i.e. qubes manager shows yellow led > > > > > not > > > > > the usual green) As a consequence I can't start fw. > > > > > > > > > Ignore this - it's because you dont have any qvm hooks in the HVM. Same > > > > would apply for any HVM - windows, linux, BSDs > > > > Start fw first. Then openFW. > > > > > > > Have now completed all the steps with the exception of line No 44; Bring > > > up > > > em0 - dhclient em0 - which resulted in an error. > > > > > > I now have a network applet associated with fw. But am unable to obtain a > > > connection to my router. > > > > > > From openFW I'm able to ping 10.137.0.34 and the gateway to fw; > > > 10.137.0.33 > > > > > > Not sure which direction to go next and to be honest, feel a bit out of my > > > depth. When I started this task I thought there was a simple correlation > > > between openFW to sys-net and fw to sys-firewall. In reality it seems a > > > fair bit more complicated than that. For example, fw seems to have a dual > > > firewall and network interface role? > > > > > I dont understand what this means. > > There is simple correlation as you describe, it's just that fw needs to > > do a little more work to provide the internal interface to the HVM. > > > > What error do you get when you bring up em0? > > What's the output from ifconfig? > > > Hi I appreciate you're continuing patience and support. > > I've started afresh on a development box. > > I managed to get em0 up > > Here's the results of ifconfig (on 2 screenshots - because I couldn't expand > the terminal dialogue box - I know that's sad) > > > Have tried without success getting the network applet up and running - I > > chose vif26 as client and under ipv4 auto dhcp but recognise that probably > > wrong. > Incidently I note that the settings in OpenFW are non-persistent, as is fw > vif reference number. Once the system works properly, is there a way to make > things persistent across reboots? > >
Dont bother with the network applet - all the work in fw is done with the interplay between the vif+ interfaces. This is dealt with in the scripts that you place in /rw/config. OpenFW is indeed amnesiac - I like it that way. If you want persistence, you can configure mounts to another disk, and then put scripts on that disk to configure your setup as you want. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190602135055.ekzrwiafse7azhim%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
