On Tue, March 13, 2018 8:46 pm, idanqu...@gmail.com wrote: > On Tuesday, March 13, 2018 at 3:14:20 AM UTC+2, awokd wrote: > >> On Mon, March 12, 2018 10:21 pm, idanqu...@gmail.com wrote: >> >>> I'm trying to build a server that uses tcp protocol, and I'm having >>> trouble figuring the firewall rules that I need to set in order to >>> connect the server so it would be able to communicate with a specific >>> client through the internet. >>> >>> I'm aware that there is the guide for networking and firewall: >>> https://www.qubes-os.org/doc/firewall/ >>> >>> >>> >>> but unfortunately I cant infer it to my use case. >> >> Not sure what you mean- Qubes doesn't need any special rules to >> communicate out. If you want to restrict inbound communications to the >> single source IP of your client, follow the guide and use that IP in >> the rule. I think there's an example like that in there. > > allow me to elaborate i am trying to route all incoming traffic to a > single vm there is an example that supposedly does just that however i have > zero experience in "IP tables" and as such the example, as detailed as it > is does not explain to me how to achieve the desired result with a > specific vm and its corresponding ip for example i have no idea what > "MY-HTTPS" is meant to reference
"MY-HTTPS" is a label/name- just type it as is. Depending on how you are doing your inbound NATing, you may need to restrict the source IP at your outside firewall/router or in this line of the sys-net configuration: "iptables -A MY-HTTPS -s 192.168.x.0/24 -j ACCEPT". -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/98eaec46672c594f6c6e9a4be5e08467.squirrel%40tt3j2x4k5ycaa5zt.onion. For more options, visit https://groups.google.com/d/optout.
