There’s a second computer to access the Clinet.
How do I completely block traffic bypassing sys-whonix? I don’t know much English, so I couldn’t find it myself, I read qubes and whonix documentation.
(I marked dom0 updates via tor during installation, prescribed “sudo systemctl restart qubes-whonix-torified-updates-proxy-check”, installed everything in Qube Manager except sys-firewall,
sys-whonix, sys-net and Tamplate VM on sys-whonix,
Qubes global settings -> Dom0 UpdateVM -> sys-whonix
Qubes global settings -> ClockV -> sys-whonix
Qubes global settings -> Default netVM -> sys-whonix
Qubes global settings -> Default template -> fedora-30
Qubes global settings -> Default DisposableVM Template -> fedora-30-dvm
)
Maybe there are some guides to setting qubes to anonymity so that the browser can’t recognize my time zone (so that it is different on different AppVMs). And how to add a different language to
the keyboard, again, so that it would be visible only on the AppVMs I need.
img: qubes-os[.]org/attachment/wiki/posts/admin-api.png
I will formulate a more specific question, as in the diagram above, to block all connections to sys-net except sys-whonix->sys-firewall->sys-net.
This is understandable, but traffic connected to sys-firewall and sys-net bypass tor. On the whonix forum I was told that this is impossible) If I translated his answer correctly.
https://forums.whonix.org/t/how-to-block-all-non-tor-traffic/9308
Basically, I figured out that sys-net needs to cut off all traffic that doesn't come from sys-firewall, but I can't figure out what to do with sys-firewall yet.
On 2020-04-11, tas...@posteo.net wrote:
Although it would seem to be a sniffer, I am embarrassed that the sniffer standing sys-firewall shows that the traffic comes from sys-firewall (not sys-whonix). And the sniffer from sys-net doesn't catch the ping connection to the site.
In general, I'll deal with iptabals with if there are any more questions I write.