Sven Semmler: > Hi, > > I created a sys-firewall based on debian-10-minimal: > > * qvm-clone debian-10-minimal deb-10-sys-firewall > * qvm-create --template deb-10-sys-firewall --label blue dvm-sys-firewall > * qvm-prefs dvm-sys-firewall template_for_dispvms True > * qvm-create --class DispVM --template dvm-sys-firewall --lable blue > sys-firewall > * qvm-prefs sys-firewall provides_network True > * qvm-prefs sys-firewall netvm sys-net > > Then in deb-10-sys-firewall (template): > > * sudo apt-get install qubes-core-agent-networking > qubes-core-agent-dom0-updates > * attempting to install iproute tells me that this package no longer exists > and I shall try iproute2 > * iproute2 does exist and was already installed > > Then in dvm-sys-firewall (template for disposable): > > * added "iptables -I FORWARD 2 -s 10.137.0.21 -d 10.137.0.25 -j ACCEPT" to > /rw/config/qubes-firewall-user-script > > Then shut everything down and started sys-firewall. > > Result: > > * network connectivity working > * the above mentioned iptables rule is working (.21 can connect to .25) > * qubes-qube-manager gives me this error when I try to edit the firewall > rules of any qube connected to sys-firewall: "Networking qube does not > support 'qubes-firewall' - firewall restrictions will not be applied." > * however it does not give me this error when I try to edit other qubes > connected to sys-whonix > > Any ideas? > > /Sven > Maybe it doesn't like the "disposable" part? Try it with a regular AppVM based on that same minimal template.
-- - don't top post Mailing list etiquette: - trim quoted reply to only relevant portions - when possible, copy and paste text instead of screenshots -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/0e3469a9-8219-3b3c-c071-bad91494dba6%40danwin1210.me.
