No wired internet (Intel I219-LM) on new 4.1 install


M

May 24, 2022, 9:38:52 AM
to qubes-users
Everything is default with the exception of:

1. The only device in sys-net is the ethernet one. The other one, which was listed as unknown (I guess wifi, disabled from BIOS), was removed.
2. sys-firewall - limit traffic to * on TCP port 443.
3. Disabled Tor. It said that I will not have internet (don't know if it is connected, or if it means only for Whonix VMs).

The internet icon does not have an X.

I tried to ping google from the sys-net and sys-firewall terminals.

From sys-net domain+ip went through, sys-firewall only ip.

Updates are also not working.

Sven Semmler

May 25, 2022, 12:18:35 AM
to qubes...@googlegroups.com
On 5/24/22 08:36, M wrote:
> sys-firewall - limit traffic to * on TCP port 443.
> I tried to ping google from the sys-net and sys-firewall terminals.
> From sys-net domain+ip went through, sys-firewall only ip.

* ping uses ICMP which the firewall will always let through unless you use qvm-firewall
* DNS queries are routed by Qubes OS to the netvm, which is in your case sys-firewall
* once you allow UDP port 53 in the firewall settings in sys-firewall DNS should work

> Updates are also not working.

Well, they need DNS. ;-) ... and also Fedora will try to contact some HTTP URLs

If you don't want to allow HTTP in sys-firewall, you can

1. clone it to sys-update
2. set sys-update as updatevm and in the policy for updates
3. allow HTTP for sys-update
4. set "provides networking" to false for sys-update

That means sys-update will be used as update proxy but no other qube can use it as network (netvm).

/Sven

--
public key: https://www.svensemmler.org/2A632C537D744BC7.asc
fingerprint: DA59 75C9 ABC4 0C83 3B2F 620B 2A63 2C53 7D74 4BC7

M

May 28, 2022, 4:17:34 PM
to qubes-users
According to the doc, you don't need to do that.
Firewall policy which I see with qvm-firewall sys-firewall:
0. tcp 443
1. dns
2. icmp
3. drop

I still can't solve the problem.

M

May 29, 2022, 7:25:06 AM
to qubes-users
I can access https://1.1.1.1. But not cloudflare.com.

awokd

May 29, 2022, 5:45:47 PM
to qubes...@googlegroups.com
M:
> I can access https://1.1.1.1. But not cloudflare.com.
>
> On Saturday, 28 May 2022 at 23:17:34 UTC+3 M wrote:
>
>> According to the doc, you don't need to do that.
>> Firewall policy which I see with qvm-firewall sys-firewall:
>> 0. tcp 443
>> 1. dns
>> 2. icmp
>> 3. drop
>>
>> I still can't solve the problem.
>> On Wednesday, 25 May 2022 at 07:18:35 UTC+3 sv...@svensemmler.org wrote:
>>
>>> On 5/24/22 08:36, M wrote:
>>>> sys-firewall - limit traffic to * on TCP port 443.
>>>> I tried to ping google from the sys-net and sys-firewall terminals.
>>>> From sys-net domain+ip went through, sys-firewall only ip.
>>>

Don't set firewall rules directly on sys-firewall. Set them instead on
the AppVMs that connect through sys-firewall.

--
Mailing list etiquette:
- don't top post
- trim quoted reply to only relevant portions
- when possible, copy and paste text instead of screenshots