Qubes is the only well-maintained type-1 client hypervisor that exists as far as I know. I tried XenClient earlier in the decade, and it was an awesome product in my opinion. However, it ceased development.
I think my use-case could be accomplished via iptables rules, but as I mentioned, I've never been very good with those rules and don't use it enough to have become proficient. This page is a good starting point and specifically mentions my use-case: https://www.qubes-os.org/doc/firewall/#enabling-networking-between-two-qubes However, rules have to be added to sys-firewall *and* each VM on a per-IP basis. I would think there is a way to add a rule to sys-firewall that would open networking between all VMs by using CIDR blocks. Yes? No? For those still concerned with security, it would always be possible to have two sys-firewall VMs: one to provide the default isolation and one to allow networking between systems. That would be a great setup, but I just don't know how to do it. On Monday, March 16, 2020 at 11:31:17 PM UTC-5, Sven Semmler wrote: > > On Mon, Mar 16, 2020 at 09:16:40PM -0700, arthur...@gmail.com > <javascript:> wrote: > > Interesting. It seems a little dated, though. Have you ever used it? > > > > On Monday, March 16, 2020 at 11:10:22 PM UTC-5, Sven Semmler wrote: > > > This looks like what you want: > > > https://github.com/Rudd-O/qubes-network-server > > > (last updated in Nov 2018) > > Nope. I don't have your use case. I wonder if plain vanilla hypervisors > wouldn't be a better fit for you. > > /Sven > > -- > public key: https://www.svensemmler.org/0x8F541FB6.asc > fingerprint: D7CA F2DB 658D 89BC 08D6 A7AA DA6E 167B 8F54 1FB6 > > -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/db02370a-a57a-4172-8843-968c542dfc2f%40googlegroups.com.