Re: [qubes-users] handling DNS resolution when running comercial VPNs

Wed, 07 Aug 2019 06:46:00 -0700 

On 8/7/19 9:39 AM, thecodingninjaisb...@gmail.com wrote:



On Tuesday, August 6, 2019 at 9:45:51 PM UTC-4, Chris Laprise wrote:

    On 8/6/19 7:57 PM, thecodingn...@gmail.com wrote:
     > Running ```sudo iptables -C FORWARD -o eth0 -j DROP``` throws an
    error
     > itself: iptables: Bad rule (does matching rule exist in that
    chain?). So
     > how can this ever run if running it directly in bash from inside the
     > appvm does not work?
     >
     > On Tuesday, August 6, 2019 at 7:47:53 PM UTC-4,
    thecodingn...@gmail.com
     > wrote:
     >
     >     So apparently the tasket repo does not work|out of the box
     >     (obviously). Working through everything, now ran into an
    unfamiliar
     >     issue: pre-start firewall check fails with status 1. Looking
    at the
     >     code it seems the firewall rules are not there although firewall
     >     service is running actively. Executing the for loop in a
    standalone
     >     bash throws:|
     >     |
     >     |
     >     Fatal:can't open lock file /run/xtables.lock: Permission denied
     >     |
     >     The file is there, but i'm thinking this denial is purposeful
    and i
     >     prob should not sudo the loop execution. Any advice?

    FYI, the qubes lists discourage top-posting. Please reply at the
    bottom.

    The firewall rules should be in
    /rw/config/qubes-firewall.d/90_tunnel-restrict. If they're not, this
    may
    indicate the setup steps were not followed through to completion (i.e.
    if you installed to your template, but forgot step 4).


    -- 


    Chris Laprise, tas...@posteo.net
    https://github.com/tasket
    https://twitter.com/ttaskett
    PGP: BEE2 20C5 356E 764A 73EB  4AB3 1DC4 D106 F07F 1886



you are right, but following exact instructions does not work as the 
following condition fails: 
ConditionPathExistsGlob=/var/run/qubes-service/vpn-handler* was not met



There's not such service to be found under /var/run/qubes-service and in 
qube settings dialog, there's no such service to add to the vm.



Per step 1... "add vpn-handler-openvpn to the ProxyVM's Settings / 
Services tab by typing it into the top line and clicking the plus icon."


You have to type it in first and click 'plus' icon.

--

Chris Laprise, tas...@posteo.net
https://github.com/tasket
https://twitter.com/ttaskett
PGP: BEE2 20C5 356E 764A 73EB  4AB3 1DC4 D106 F07F 1886

--
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/8ff851ed-f439-0f4a-b618-e9c3242e1eed%40posteo.net.






















					Reply via email to