Hello, You can use iptables to manipulate the firewall within the AppVM. Additionaly you might need to edit sys-firewalls firewall. Do you have information about the IP addresses of your Android phone and the AppVM you want to use?
Using IPtables is really easy and it makes sense to look through the existing documentation. And it makes sense to understand how a firewall is working as it is part of your line of defense. Read this documents: https://devopscube.com/iptables-tutorial-beginners/ https://www.howtogeek.com/177621/the-beginners-guide-to-iptables-the-linux-firewall/ And I like this one, as it explains not only the commands: http://www.pinoylinux.org/tutorial/the-beginners-guide-to-iptables-the-linux-firewall/ You need to allow traffic on the INPUT and OUTPUT chain as you want incoming and outgoing traffic. Hint: To allow a port range you could add something like this: Example: allowing incoming TCP traffic on ports 1000-2000 from any IP address. iptables -I INPUT -p tcp --dport 1000:2000 I would suggest start with a simple rule and harden it by replacing it with source & destination options, so that only specific traffic is allowed. I have started to built my own iptables rules, by deleting everything and rewrite from scratch what I need. If you have any question or need help after reading some of the above links, do not hesitate to contact me ;-) [799] -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/d372Yw7Kiir_UX6vw4GiJcWdX7Gn2oN6SMcFzB8YWgmO0rNRgCKs_jB86AZvDO2AU5FPanZXF6fpIBOy2CrLMxQU-R97VQ7o9XOAmLN3oPA%3D%40protonmail.com. For more options, visit https://groups.google.com/d/optout.
