Re: [qubes-users] I want to use a HVM as a NetVM, cat assign vif+ interface
post your pf.conf? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e0e1e5f1-c972-44ba-a88f-17352f963cec%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] I want to use a HVM as a NetVM, cat assign vif+ interface
On Wed, Aug 22, 2018 at 07:41:36AM -0700, lite...@gmail.com wrote: > Also I thought HVM implies that it is a VM that can be started from an ISO. > https://www.qubes-os.org/doc/hvm/ > And the fact that I posted the link to the tutorial should make it easier to > understand what I want to do here: use Ubuntu as a netVM > There's a difference between a qube running in HVM virt_mode, which is what sys-net does, and a HVM as StandAlone. There is a work round which you can try, which uses the Qubes infrastructure. Create a non networked firewall and attach the HVM to it. This gives you a vif+ in the Ubuntu HVM. Attach your qubes to the new firewall. Change the routing and iptables on the new firewall to allow traffic flows between the vif+ interfaces as appropriate. Insert a new rule to forward DNS to your chosen server. The advantage is this requires no configuration on the qube side, so you can switch easily between different netvm egress points, by attaching to different firewalls. The native Qubes firewall tools work fine. I do this to run OpenBSD as one of my netvms. unman -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20180823141127.2i57irw34lg2ppk4%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] I want to use a HVM as a NetVM, cat assign vif+ interface
Also I thought HVM implies that it is a VM that can be started from an ISO. https://www.qubes-os.org/doc/hvm/ And the fact that I posted the link to the tutorial should make it easier to understand what I want to do here: use Ubuntu as a netVM -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/9484966d-4f03-42c7-ae59-e48528063ccd%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] I want to use a HVM as a NetVM, cat assign vif+ interface
Thanks for replying akwod. Standalone HVM - the kind you start from an ISO -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/ba84144a-df74-4806-9f71-99ac1ff705c4%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] I want to use a HVM as a NetVM, cat assign vif+ interface
On Wed, August 8, 2018 5:53 pm, Andreas Moreiro wrote: > > Qubes dev said in his last post here, that it can not be done in 2014. > https://groups.google.com/d/topic/qubes-users/RFXoZ3zt-PE > > > I tried it for myself, and I can assign the PCI device, and get an eth0 > interface, however I can't assign the virtual interface vif+ to the HVM. > > I tried attaching in Dom0 with: > xl network-attach whonix-gw-clone-1 script=/etc/xen/scripts/vif-route-qubes > ip=... backend=firewallVM and got an error: libx: > error:libx.c:2044device_addrm_aocomplete: unable to add device > > > > Tried to start the firewallvm, with the HVM as its netVM, and got these > errors in the log: > > libxl_device.c:1081:device_backend_callback: unable to add device with > path libxl_device.c:1512:device_attach_devices: unable to add nic devices > libxl_device.c:1081:device_backend_callback: unable to remove device with > path libxl.c:1669:devices_destroy_cb: libxl_devices_destroy failed > > > i used some parts of this tutorial for inspiration: > https://garlicgambit.wordpress.com/2016/04/22/how-to-run-tails-from-a-qub > es-live-cd/ > > Thanks for reading. Any suggestions? Sys-net is already an HVM. Are you trying to make a custom template? You shouldn't have to manually assign interfaces. Did you check the "provides network" box when creating your custom sys-net? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/7fc023164d6dc45068ff1d625c0b0da0.squirrel%40tt3j2x4k5ycaa5zt.onion. For more options, visit https://groups.google.com/d/optout.
[qubes-users] I want to use a HVM as a NetVM, cat assign vif+ interface
Qubes dev said in his last post here, that it can not be done in 2014. https://groups.google.com/d/topic/qubes-users/RFXoZ3zt-PE I tried it for myself, and I can assign the PCI device, and get an eth0 interface, however I can't assign the virtual interface vif+ to the HVM. I tried attaching in Dom0 with: xl network-attach whonix-gw-clone-1 script=/etc/xen/scripts/vif-route-qubes ip=... backend=firewallVM and got an error: libx: error:libx.c:2044device_addrm_aocomplete: unable to add device Tried to start the firewallvm, with the HVM as its netVM, and got these errors in the log: libxl_device.c:1081:device_backend_callback: unable to add device with path libxl_device.c:1512:device_attach_devices: unable to add nic devices libxl_device.c:1081:device_backend_callback: unable to remove device with path libxl.c:1669:devices_destroy_cb: libxl_devices_destroy failed i used some parts of this tutorial for inspiration: https://garlicgambit.wordpress.com/2016/04/22/how-to-run-tails-from-a-qubes-live-cd/ Thanks for reading. Any suggestions? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/9a91ce8a15b97a6cae4cf0e71d96c181.squirrel%40bitmailendavkbec.onion. For more options, visit https://groups.google.com/d/optout.
