On Mon, Jan 09, 2017 at 07:09:41PM +, 5xe89r+1y7rhqhfisytc via qubes-users
wrote:
> Got it now! :D
>
> I set this up by myself because I want to force all the traffic to go through
> the vpn (that is installed on the sys-fw). I've created a custom iptables
> rule white-listing all traffic
Got it now! :D
I set this up by myself because I want to force all the traffic to go through
the vpn (that is installed on the sys-fw). I've created a custom iptables rule
white-listing all traffic originated from the templateVMs on dport 8082 and now
it works as expected!
Many thanks for the
On Mon, Jan 09, 2017 at 03:31:10PM +, 5xb562+7dpfa via qubes-users wrote:
> Oh, well spotted! Thx :)
>
> So what is the option "Allow connections to update proxy" doing if the INPUT
> chain allows all traffic destined to 10.137.255.254 ?
> Isn't this a flaw? Is there a way to avoid this?
>
Oh, well spotted! Thx :)
So what is the option "Allow connections to update proxy" doing if the INPUT
chain allows all traffic destined to 10.137.255.254 ?
Isn't this a flaw? Is there a way to avoid this?
Sent using Guerrillamail.com
Block or report abuse:
https://www.guerrillamail.com
On Mon, Jan 09, 2017 at 02:18:52PM +, 5xa50y+5q6yw via qubes-users wrote:
> Hi,
>
> Strangely appvms that are marked and not "Allow connections to updates proxy"
> are still able to reach the tinyproxy, despite the iptables rules:
>
> [root@sys-fw ~]# iptables -nvL
> Chain INPUT (policy DROP
Hi,
Strangely appvms that are marked and not "Allow connections to updates proxy"
are still able to reach the tinyproxy, despite the iptables rules:
[root@sys-fw ~]# iptables -nvL
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source des