[prev in list] [next in list] [prev in thread] [next in thread] 

List:       qubes-users
Subject:    [qubes-users] Re: Qubes Routing and NAT
From:       "'Epinsion Polickye' via qubes-users" <qubes-users () googlegroups ! com>
Date:       2018-07-31 5:41:30
Message-ID: b0d597ab-30cd-41ec-a8b6-c807fce92591 () googlegroups ! com
[Download RAW message or body]


On Tuesday, July 31, 2018 at 12:03:45 PM UTC+10, Epinsion Polickye wrote:
> Hi All,
> 
> I've been following this guide to set up routing and NAT to an internal machine: \
> https://www.qubes-os.org/doc/firewall/ 
> sys-net and my machines are currently working on the internal network, and the \
> internet perfectly outbound, but I'm having troubles exposing services from sys-net \
> (which I only intend to do for testing with this VM), or internal VMs (what I \
> actually want to do). 
> My machine is connecting directly to sys-net (no sys-firewall middle man).
> 
> My first step is to simply run "nc -nlv 444" on sys-net to telnet into it from and \
> internal device, and be able to ping the sys-net machine from an internal device. \
> I'm having issues just at this step however, even if I've disabled nftables and \
> iptables. qvm-ls -n lists a different sys-net ip than what's set up as the internal \
> private address on the network. 
> I can ping from sys-net to a particular machine, but not back to the machine.
> 
> I suspect I'm misunderstanding networking and firewalls in Qubes. I expect sys-net \
> to function like a router (along with any other intermediary VMs for firewalls, \
> net/vpns and the like), and for the firewalls to be handled by nftables and \
> iptables, which shouldn't function when the services are disabled on systems. 
> Thanks.

And also on VM: sudo iptables -I INPUT -s 10.137.0.5 -j ACCEPT

-- 
You received this message because you are subscribed to the Google Groups \
"qubes-users" group. To unsubscribe from this group and stop receiving emails from \
it, send an email to qubes-users+unsubscribe@googlegroups.com. To post to this group, \
send email to qubes-users@googlegroups.com. To view this discussion on the web visit \
https://groups.google.com/d/msgid/qubes-users/b0d597ab-30cd-41ec-a8b6-c807fce92591%40googlegroups.com.
 For more options, visit https://groups.google.com/d/optout.



[prev in list] [next in list] [prev in thread] [next in thread]