Le mardi 14 février 2017 13:08:37 UTC+1, Joe Ruether a écrit :
> On Monday, February 13, 2017 at 9:35:52 PM UTC-5, Joe Ruether wrote:
> > Ok, I need to simplify this. I need help, I don't know what I am missing. 
> > Is anyone able to recreate the following netcat test?
> > 
> > I cannot seem to get the DNAT portion of the iptables to work at all. Here 
> > is a very simple test:
> > 
> > On the proxyvm, I use the following rules to redirect port 5353 to 
> > localhost, and allow the connection:
> > 
> > iptables -t nat -I PR-QBS 1 -d 10.137.4.1 -p tcp --dport 5353 -j DNAT 
> > --to-destination 127.0.0.1
> > iptables -I INPUT 1 -p tcp --dport 5353 -j ACCEPT
> > 
> > Then, on the proxyvm, I run the following command to listen on that port 
> > (no other service is running on that port):
> > 
> > nc -l -p 5353
> > 
> > Finally, on the AppVM, I run the following command:
> > 
> > nc 10.137.4.1 5353
> > 
> > My expectation is that the two netcats will connect, however they don't. 
> > What do I need to do to get my AppVM to talk to my ProxyVM? Thanks
> 
> Well, I feel like a fool, I finally figured it out. I realized the DNAT rules 
> aren't necessary at all, so all I needed was this:
> 
> iptables -I INPUT 1 -p tcp --dport 5353 -j ACCEPT
> 
> Of course I overcomplicated such a simple problem... I learned a bunch about 
> iptables though.
> 
> I also have the PiHole adblocker working now. In case anyone stumbles onto 
> this thread trying to do the same thing, the final trick was to add the Qubes 
> vif interfaces to a dnsmasq config file to it would listen on them.

Hi Joe,
I'm would like to build a similar setup, with pi-hole as a proxyVM for some 
browsing AppVM on my fresh Qubes 4.0 install. 
I'm quite a beginner to Qubes (and to linux more genrally) and I'm struggling 
following what you've done to make it work. (I have also tried to follow some 
other instructions here: 
https://blog.tufarolo.eu/how-to-configure-pihole-in-qubesos-proxyvm/ but either 
I'm missing something, or it doesn't work like this anymore with 4.0)
Have you updated your setup to Qubes 4.0 if needed ?
Would you please agree to summarize as simply and clearly as possible the 
necessary steps to make it work for a noob like me.
Thanks

Tom

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/5231186a-8856-45b6-8b7b-67fcfe9bf86d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to