Re: [qubes-users] How does Qubes DNS resolving work?

2019-02-15 Thread unman
On Fri, Feb 15, 2019 at 08:12:35AM +0100, ashleybrown...@tutanota.com wrote: > > Please don't top post. Take a minute to make it easier for other users. > > As is clear in another thread, there is a clear warning about DNS on the > > GUI firewall - I find it hard to believe that anyone could miss

Re: [qubes-users] How does Qubes DNS resolving work?

2019-02-15 Thread 'awokd' via qubes-users
ashleybrown...@tutanota.com wrote on 2/15/19 7:12 AM: I am new to mailing lists. What does top-post mean? Do you mean don't post the reply at the top of the message and instead at the bottom like this? Much better, thank you. If you want to make sure there is no network communication from

Re: [qubes-users] How does Qubes DNS resolving work?

2019-02-14 Thread ashleybrown480
Feb 14, 2019, 3:42 PM by un...@thirdeyesecurity.org: > On Thu, Feb 14, 2019 at 03:13:00PM +0100, > ashleybrown...@tutanota.com > > wrote: > >> >> >> Hopefully one day they revert it back to how it was in 3.2. A very common >> use-case for the firewall is

Re: [qubes-users] How does Qubes DNS resolving work?

2019-02-14 Thread unman
On Thu, Feb 14, 2019 at 03:05:20PM +0100, ashleybrown...@tutanota.com wrote: > > The magic is in NAT rules (but I had to research this too.) See > > https://www.qubes-os.org/doc/networking > > , and "sudo iptables -t nat -L" > > in sys-firewall and

Re: [qubes-users] How does Qubes DNS resolving work?

2019-02-14 Thread unman
On Thu, Feb 14, 2019 at 03:13:00PM +0100, ashleybrown...@tutanota.com wrote: > > > Hopefully one day they revert it back to how it was in 3.2. A very common > use-case for the firewall is likely to ensure things like DNS requests do not > happen through the normal means (and instead go over

Re: [qubes-users] How does Qubes DNS resolving work?

2019-02-14 Thread ashleybrown480
Hopefully one day they revert it back to how it was in 3.2. A very common use-case for the firewall is likely to ensure things like DNS requests do not happen through the normal means (and instead go over something like Tor or a VPN). Unfortunately, the current config does not make it very

Re: [qubes-users] How does Qubes DNS resolving work?

2019-02-14 Thread ashleybrown480
> The magic is in NAT rules (but I had to research this too.) See > https://www.qubes-os.org/doc/networking > , and "sudo iptables -t nat -L" in > sys-firewall and sys-net. I previously looked at IP tables and honestly I really do not understand it.

Re: [qubes-users] How does Qubes DNS resolving work?

2019-02-14 Thread 'awokd' via qubes-users
ashleybrown...@tutanota.com wrote on 2/14/19 6:28 AM: When I look at /etc/resolv.conf in the following VMs it says different things: 1) Normal AppVM: nameserver 10.139.1.1 nameserver 10.139.1.2 2) Sys-firewall VM: nameserver 10.139.1.1 nameserver 10.139.1.2 3) Sys-net VM: [actual

[qubes-users] How does Qubes DNS resolving work?

2019-02-13 Thread ashleybrown480
When I look at /etc/resolv.conf in the following VMs it says different things: 1) Normal AppVM: nameserver 10.139.1.1 nameserver 10.139.1.2 2) Sys-firewall VM: nameserver 10.139.1.1 nameserver 10.139.1.2 3) Sys-net VM: [actual resolvers] The chain for DNS packets is obviously AppVM ->