On 4/11/20 8:32 AM, hsfcyxr hsfcyxr wrote:
There’s a second computer to access the Clinet.
How do I completely block traffic bypassing sys-whonix? I don’t know
much English, so I couldn’t find it myself, I read qubes and whonix
documentation.
(I marked dom0 updates via tor during installation, prescribed “sudo
systemctl restart qubes-whonix-torified-updates-proxy-check”, installed
everything in Qube Manager except sys-firewall, sys-whonix, sys-net and
Tamplate VM on sys-whonix,
Qubes global settings -> Dom0 UpdateVM -> sys-whonix
Qubes global settings -> ClockV -> sys-whonix
Qubes global settings -> Default netVM -> sys-whonix
Qubes global settings -> Default template -> fedora-30
Qubes global settings -> Default DisposableVM Template -> fedora-30-dvm
)
Maybe there are some guides to setting qubes to anonymity so that the
browser can’t recognize my time zone (so that it is different on
different AppVMs). And how to add a different language to the keyboard,
again, so that it would be visible only on the AppVMs I need.
img: qubes-os[.]org/attachment/wiki/posts/admin-api.png
*I will formulate a more specific question, as in the diagram above, to
block all connections to sys-net except sys-whonix->sys-firewall->sys-net.*
Its best to ask about Whonix specifics on the whonix.org forums.
However, I'm pretty sure that sys-whonix is already configured not to
allow any non-Tor traffic; That is the point of having a Tor VM in the
first place, to enforce network containment as strongly as possible.
--
Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/qubes-users/fe6dae00-ff23-a600-539d-38e6cdc92793%40posteo.net.
