Re: [qubes-users] tcp/udp server on qubes
On Thursday, March 15, 2018 at 2:09:22 PM UTC+2, awokd wrote: > On Tue, March 13, 2018 8:46 pm, idanqu...@gmail.com wrote: > > On Tuesday, March 13, 2018 at 3:14:20 AM UTC+2, awokd wrote: > > > >> On Mon, March 12, 2018 10:21 pm, idanqu...@gmail.com wrote: > >> > >>> I'm trying to build a server that uses tcp protocol, and I'm having > >>> trouble figuring the firewall rules that I need to set in order to > >>> connect the server so it would be able to communicate with a specific > >>> client through the internet. > >>> > >>> I'm aware that there is the guide for networking and firewall: > >>> https://www.qubes-os.org/doc/firewall/ > >>> > >>> > >>> > >>> but unfortunately I cant infer it to my use case. > >> > >> Not sure what you mean- Qubes doesn't need any special rules to > >> communicate out. If you want to restrict inbound communications to the > >> single source IP of your client, follow the guide and use that IP in > >> the rule. I think there's an example like that in there. > > > > allow me to elaborate i am trying to route all incoming traffic to a > > single vm there is an example that supposedly does just that however i have > > zero experience in "IP tables" and as such the example, as detailed as it > > is does not explain to me how to achieve the desired result with a > > specific vm and its corresponding ip for example i have no idea what > > "MY-HTTPS" is meant to reference > > "MY-HTTPS" is a label/name- just type it as is. > Depending on how you are doing your inbound NATing, you may need to > restrict the source IP at your outside firewall/router or in this line of > the sys-net configuration: "iptables -A MY-HTTPS -s 192.168.x.0/24 -j > ACCEPT". i see, thanks to you i think i understand but i seem to be having at the very first step after adding both rules in the sys-net terminal i still dont see the connection attempt from an external pc on the rule for the for the prerouting i used CIDR netmask to allow all possible values for the third-forth part of the sys-net's ip worth noting that i can connect from the appvm to the net but not vice versa using the telnet commend thank you in advance. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5a6d6a42-e5dd-4ab2-91db-11974304e8e6%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: cant connect to outsidet network after setting static ip
On Wednesday, March 14, 2018 at 6:23:22 PM UTC+2, shon.b...@gmail.com wrote: > so i have vm that i had network connectivity > as part of the guide that is listed below > i set a static ip to the vm, after which i cant connect to anything > even after statically binding the ip to the previous ip > but to no avail > iv tried to connect the vm to both sys-firewall and sys-net directly > any ping attempt from said vm returns destination host unreachable > the other vm's are unaffected and still have network connectivity said guide https://github.com/Rudd-O/qubes-network-server/blob/master/doc/Setting%20up%20your%20first%20server.md thank you in advance -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/d08f31a1-a7cc-45d7-810c-f8cc6969b678%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: cant connect to outsidet network after setting static ip
On Wednesday, March 14, 2018 at 6:23:22 PM UTC+2, shon.b...@gmail.com wrote: > so i have vm that i had network connectivity > as part of the guide that is listed below > i set a static ip to the vm, after which i cant connect to anything > even after statically binding the ip to the previous ip > but to no avail > iv tried to connect the vm to both sys-firewall and sys-net directly > any ping attempt from said vm returns destination host unreachable > the other vm's are unaffected and still have network connectivity thanks in advance -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/f78d49d4-3032-4e58-9249-3a6812b76433%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [qubes-users] tcp/udp server on qubes
On Tuesday, March 13, 2018 at 3:14:20 AM UTC+2, awokd wrote: > On Mon, March 12, 2018 10:21 pm, idanqu...@gmail.com wrote: > > I'm trying to build a server that uses tcp protocol, and I'm having > > trouble figuring the firewall rules that I need to set in order to > > connect the server so it would be able to communicate with a specific > > client through the internet. > > > > I'm aware that there is the guide for networking and firewall: > > https://www.qubes-os.org/doc/firewall/ > > > > > > but unfortunately I cant infer it to my use case. > > Not sure what you mean- Qubes doesn't need any special rules to > communicate out. If you want to restrict inbound communications to the > single source IP of your client, follow the guide and use that IP in the > rule. I think there's an example like that in there. allow me to elaborate i am trying to route all incoming traffic to a single vm there is an example that supposedly does just that however i have zero experience in "IP tables" and as such the example, as detailed as it is does not explain to me how to achieve the desired result with a specific vm and its corresponding ip for example i have no idea what "MY-HTTPS" is meant to reference -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/5e4ddee5-df6a-40b0-9218-30bb7e533752%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: tcp/udp server on qubes
just to be clear I'm using Qubes R3.2 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/7a5b8490-80e9-481d-84f0-547be74f359c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] tcp/udp server on qubes
I'm trying to build a server that uses tcp protocol, and I'm having trouble figuring the firewall rules that I need to set in order to connect the server so it would be able to communicate with a specific client through the internet. I'm aware that there is the guide for networking and firewall: https://www.qubes-os.org/doc/firewall/ but unfortunately I cant infer it to my use case. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/e539598f-6bd7-4f28-9bb2-c8f3fabcc7d0%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.