Re: [qubes-users] Logging Drop Packets
Hi All - I think I got what I needed on my own. It just took a bit more reading about the Qubes Firewall to figure out where to put the logging line. I was really just looking to monitor outgoing traffic to see what rules I needed to add to allow. I do have one other question though.. Where are the rules that get added in the Qubes-GUI added and/or how does qvm-firewall fit into the equation? I can add rules into the qubes-gui, but I can't see to find the rules anywhere? Thanks in advance. Btw, thanks for the xenial install, unman.. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/c3aa596b-7230-4e5f-9fc5-8b9da56096af%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Using http_proxy environment variable in Templates with qubes Updates Proxy
Using Qubes 4.0 in Whonix 14 template When using curl, the -x (or --proxy) parameter accepts the address (127.0.0.1:8082) that redirects to Qubes Updates proxy over RPC, and returns what you would expect. But with wget (which I think is a better choice than curl), setting the http_proxy environment variable is needed (according to 'man wget' and web resources) Using the following commands: 'export use_proxy=on' 'export http_proxy=http://127.0.0.1:8082' 'wget https://gitlab.com/repo/filename' produces this output: " Resolving gitlab.com (gitlab.com)... failed: Non-recoverable failure in name resolution. wget: unable to resolve host address 'gitlab.com' " Then try a domain name that does not exist: " Connecting to 127.0.0.1:8082... connected. Proxy request sent, awaiting response... 500 Unable to connect 2019-03-10 15:17:23 ERROR 500: Unable to connect. " What could the problem be? curl can use 127.0.0.1:8082, why not wget? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/293c144b-ae11-6312-aa02-a958a99c71a1%40elude.in. For more options, visit https://groups.google.com/d/optout. 0x92DE73BE73DFB0E5.asc Description: application/pgp-keys
Re: [qubes-users] Re: Broadcom wireless driver issue.
> I got close to quitting Qubes since I was not able to get the wifi working > properly but everything is working great right now. Glad for you ;-) Although the proper solution is to get rid of Broadcom in favor of something better (like Atheros ath9k), also for the security reasons... -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/CAAaskFA1v_ryv3zMFAk%2B-vHrt%2B7kA7NyH5RX_pSubAh3EuvsPg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Logging Drop Packets
On Sun, Mar 10, 2019 at 07:35:32AM -0700, cmsch...@gmail.com wrote: > Hi All - > > I think I got what I needed on my own. It just took a bit more reading about > the Qubes Firewall to figure out where to put the logging line. I was really > just looking to monitor outgoing traffic to see what rules I needed to add to > allow. > > I do have one other question though.. Where are the rules that get added in > the Qubes-GUI added and/or how does qvm-firewall fit into the > equation? I can add rules into the qubes-gui, but I can't see to find the > rules anywhere? > > Thanks in advance. > > Btw, thanks for the xenial install, unman.. > When you set rules in the GUI, or using qvm-firewall, the rules are set in the proxyVM next hop up, i.e. the netvm for the qube for which you are setting firewall rules. The rules will be set as iptables OR as nftables, depending on what is available in the proxyVM. You can see them using 'iptables -L -nv', or, if you have nftables, 'nft list table qubes-firewall'. If you have any comments on the xenial template, please pass them on. unman -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20190311004415.aoovgichylnubqja%40thirdeyesecurity.org. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] Re: Deleting debian-9 template and getting a new one returns an error: "Error: Unable to find a match"
@cooloutac: I'm using Qubes 4.0 right now @American Qubist 001: I'm sorry but I beg your pardon, could you please be more specific? An example at least of what you mean by using different syntax Could you also specify which repos you used? -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/39742c31-b185-49d0-9ec5-a6fa7295212d%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.