On Tuesday, August 6, 2019 at 9:45:51 PM UTC-4, Chris Laprise wrote: > > On 8/6/19 7:57 PM, thecodingn...@gmail.com <javascript:> wrote: > > Running ```sudo iptables -C FORWARD -o eth0 -j DROP``` throws an error > > itself: iptables: Bad rule (does matching rule exist in that chain?). So > > how can this ever run if running it directly in bash from inside the > > appvm does not work? > > > > On Tuesday, August 6, 2019 at 7:47:53 PM UTC-4, thecodingn...@gmail.com > > wrote: > > > > So apparently the tasket repo does not work|out of the box > > (obviously). Working through everything, now ran into an unfamiliar > > issue: pre-start firewall check fails with status 1. Looking at the > > code it seems the firewall rules are not there although firewall > > service is running actively. Executing the for loop in a standalone > > bash throws:| > > | > > | > > Fatal:can't open lock file /run/xtables.lock: Permission denied > > | > > The file is there, but i'm thinking this denial is purposeful and i > > prob should not sudo the loop execution. Any advice? > > FYI, the qubes lists discourage top-posting. Please reply at the bottom. > > The firewall rules should be in > /rw/config/qubes-firewall.d/90_tunnel-restrict. If they're not, this may > indicate the setup steps were not followed through to completion (i.e. > if you installed to your template, but forgot step 4). > > -- > > Chris Laprise, tas...@posteo.net <javascript:> > https://github.com/tasket > https://twitter.com/ttaskett > PGP: BEE2 20C5 356E 764A 73EB 4AB3 1DC4 D106 F07F 1886 >
you are right, but following exact instructions does not work as the following condition fails: ConditionPathExistsGlob=/var/run/qubes-service/vpn-handler* was not met There's not such service to be found under /var/run/qubes-service and in qube settings dialog, there's no such service to add to the vm. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5bfc5a57-9aaf-4018-944d-e3507fc340f7%40googlegroups.com.
