On 2020-06-22 16:37, Sven Semmler wrote:

Is there a better way for me to import the ranges from
https://api.github.com/meta or any other such configuration and import
them into a qubes firewall rules?

You can add firewall rules from Dom0. I've got a one-liner that will read IPs from a file and add them to the firewall of an AppVM.

WARNING, once you edit the firewall rules "manually" from within Dom0, you can no longer edit them from within the GUI. So, I recommend making a copy of your AppVM to test with before running it for real.

The script:

cat ips.txt | while read line; do qvm-firewall appvm-name add --before 0 accept dsthost=$line; done

ips.txt is a text file containing a list of ip addresses, one per line.
appvm-name is the name of the AppVM you want to add the rules to.

Note that this script will add each IP "before 0" (meaning, at the top of the rule list). Also note that this is set to "accept" connections from all of the IPs. If either of these things is not what you want, you'll need to edit it accordingly.

You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 

Reply via email to