Hey guys,
My setup is sys-net <--> firewall <--> Special Purpose Server (SPS) <--> open
subnet of qubes
I setup the SPS to capture and analyze traffic. When I created the VM I marked
"provides networking" so any other VM behind can connect to it and can get out
to the internet.
My problem is
> you are simply sniffing the wrong side of the SPS.
> sniff the downstream interface(s) instead of upstream.
wouldn't a tcpdump -i eth0 sniff rx tx?
I see all external IPs it is reaching out but any hosts below the SPS shows as
if the traffic is coming from the SPS.
> this is basic linux ne
> > > you are simply sniffing the wrong side of the SPS.
> > > sniff the downstream interface(s) instead of upstream.
> > > wouldn't a tcpdump -i eth0 sniff rx tx?
>
> You will get the NAT'd addresses with this. You want to listen on the
> vif* addresses.
Thank you. That worked. I appreciate your
>
> Hello. I have a similar setup but without a VLAN - never been a fan. I have a
> 4-port pfsense router (community edition on a Protectli appliance), a couple
> of small unmanaged switches and a couple of ubiquiti APs. I cloned sys-net &
> sys-firewall to, say, sys-net-play & sys-firewall-pl
You use systems if you use almost any flavor of Linux. The systemd is a process
that controls so many things on a system that some people joke about it being a
second operating system on top of the Linux kernel. The "security hazard" part
comes from the sheer complexity of that code, because it
Hey guys,
Some of my VMs won't open "Terminal", and "Files". If I go to the dom0 terminal
and try to run
`qvm-run terminal` then I get a `command failed with code: 127`
I can still run xterm though.
Any ideas as to why and how to fix it?
Matt
--
You received this message because you are sub
> Check your remaining disk space. 9/10 times when I have issues running an
> application, it is caused by running out of space.
I have plenty of space.
> The crucial piece of informatio missing is which VM, and what
> templates are they based on?
> Do all qubes based on those templates act
> try either:
> `qvm-run xterm`
As I mentioned earlier that is working
> or
> `qvm-run gnome-terminal`
that did not work, but this one had a different error code:
`Command failed with code: 1`
I really don't understand this. There is no rhyme or reason behind what kind of
VMs don't work.
-
> check the output by adding a -p:
> qvm-run -p gnome-terminal
>
> it might actualy tell you why it does not want to start!
> (or it may even work if the reason for not starting is it wanting
> to say something...)
I hope this means something to you :)
# posix_spawn avoided (fd close requested)
I don't really understand why but installing `dbus-x11` fixed it.
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to qubes-users+unsubscr...@googlegroups.com.
To vi
Hey guys,
I ran: `sudo systemd-analyze blame` on my firewall.
and this came up:
3min 307ms qubes-firewall.service
3.834s dev-xvda3.device
763ms systemd-logind.service
598ms systemd-udevd.service
399ms qubes-sysinit.serv
Hey guys,
I've been using Qubes for quite a while now and I'm stoked.
I just finished building a second computer for Qubes. (This times it's AMD in
case it matters). Everything went perfect but when I tried installing a Windows
10 and a Server 2019 VM both died with BSOD. The error message was:
> It's not an uncommon error.
> Try the obvious - go in to the qube settings, and change VCPU to
Thanks. That helped to install it but I'd like to run it with more than one
core. Do you have a solution for that? It's still a BSOD after install if I try
to give more than one core.
--
You receiv
Hey guys,
I'm working on my 2nd Qubes machine and this one is giving me a hell of a ride.
My debian based templates no longer updating. It did work after the fresh
install but during setting things up at some point it stopped. I'm not sure at
what step so I couldn't backtrack. Fedora 31 still w
Hey guys,
I'm working on my 2nd qubes machine but this task I could never figure out on
the first one to begin with.
Can someone please tell me if you were able to achieve the following?
- Have two NICs handling two separate sys-net
- Behind each sys-net their own firewall
- behind the firewalls
> i dont fully understand that gparted screenshot, but it looks like
> you resized the partition already.
>
> so whats missing is on one of the LVM layers of the stack.
>
> check with "pvs", it should list a /dev/mapper/luks-something.
> does that PV have the right PSize of 900+ GB?
> if not, g
I've got this far but got stuck (see last output):
[@dom0 ~]$ sudo pvs
/dev/mapper/luks-55a20051-8c1a-435e-a1c8-862493f2d576: read failed after 0 of
512 at 998053052416: Input/output error
/dev/mapper/luks-55a20051-8c1a-435e-a1c8-862493f2d576: read failed after 0 of
512 at 998053171200: Inpu
sorry, I was a cottonheaded-ninnymuggins. I was supposed to run the lvextend
against the /dev/mapper/qubes_dom0-root
Now I did it but for some reason the lvs still won't see the full size
[@dom0 ~]$ sudo lvextend -l +100%FREE /dev/mapper/qubes_dom0-root
WARNING: Sum of all thin volume sizes
> Try just doing the passthrough first. If you can get the NICS to show up
> in `lspci` in the two sys-nets and configure networking so you can ping
> out.
>
> Command to attach the NIC: `qvm-pci attach sys-net2 dom0:`.
>
> PCI-address can be found in the output of `qvm-pci`.
Those are the exa
> > [@dom0 ~]$ sudo lvs qubes_dom0/pool00
> > LV VG Attr LSize Pool Origin Data% Meta% Move Log Cpy%Sync Convert
> > pool00 qubes_dom0 twi-aotz-- 347.98g 87.01 58.34
>
> if you want to enlarge logical volume qubes_dom0/pool00, you
> should enlarge qubes_dom0/pool00, not random other devices.
>
This is where I am at now (below). What would be the best course of action.
What would you if this was your mess to clean up? :)
[@dom0 ~]$ sudo pvs
WARNING: Device /dev/mapper/luks-55a20051-8c1a-435e-a1c8-862493f2d576 has
size of 1948924598 sectors which is smaller than corresponding PV size
This worked (see below). Thank you so much. You rock!
Only one question remained:
How to safely raise it to the maximum size (1TB ) and not just an arbitrary
number that's close enough?
[@dom0 ~]$ sudo pvresize --setphysicalvolumesize 900g
/dev/mapper/luks-55a20051-8c1a-435e-a1c8-862493f2d5
> Are you sure the second NIC works under Qubes, even by itself? Also, if
> it's dual ports on a single card, try adding a separate physical NIC card.
Great thinking! That was one of the first things I have tried. And just to
clarify the first NIC is integrated on the mobo and the second one is w
> > > > Hi,
> > > > Has anyone had any luck with cloning a crypted Qubes installation using
> > > > Clonezilla?
> > > > Even using DD the clone just won't boot
> > > > Thanks
I had no problem cloning an encrypted Qubes (nvme to nvme). I used the advanced
mode.Make sure you chose disk to disk. Tha
24 matches
Mail list logo