I found some instructions on stackexhange but they are probably ment to be used on the same computer as you are surfing from.
If I run this and disconnect my VPN nothing is blocked. What am I doing wrong? iptables -P FORWARD DROP # we aren't a router iptables -A INPUT -m state --state INVALID -j REJECT iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT iptables -A INPUT -i lo -j ACCEPT iptables -A INPUT -s 192.168.0.0/16 -j ACCEPT # my LAN and looks like I got an internal ip from my VPN provider iptables -A INPUT -s 196.52.17.0 -j ACCEPT # vpn ip iptables -A INPUT -s 213.179.212.2 -j ACCEPT # vpn ip iptables -A INPUT -s 213.179.208.146 -j ACCEPT # vpn ip iptables -P INPUT DROP # Drop everything we don't accept Traceroute from a VM traceroute 8.8.8.8 traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets 1 10.137.2.1 (10.137.2.1) 2.430 ms 2.414 ms 2.404 ms 2 10.137.5.1 (10.137.5.1) 2.399 ms 2.383 ms 2.373 ms 3 10.137.1.1 (10.137.1.1) 2.526 ms 2.516 ms 2.498 ms 4 192.168.1.1 (192.168.1.1) 5.915 ms 5.917 ms 5.902 ms then out to the internet // Fredrik -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f407eb07-012a-4254-84f6-a3914bb12479%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
