salt - qvm.firewall

30 views
Skip to first unread message

lik...@gmx.de

unread,
May 23, 2020, 6:28:52 PM5/23/20
to qubes...@googlegroups.com
Hi!

I'm trying to setup some firewall rules on some AppVms. Unfortunately, I cannot find any documentation to do this with the salt stack. The only documentation I found is:
https://github.com/QubesOS/qubes-mgmt-salt-dom0-qvm

Any hints?

Thxs, P

lik...@gmx.de

unread,
May 25, 2020, 4:39:57 PM5/25/20
to qubes...@googlegroups.com
For clarification: Goal is to block all outgoing connections except those which are permitted. This can be done conveniently for an AppVm by the "Qubes settings"->"Firewall rules". Is there any chance to do this with salt without firing qvm-firewall commands?

unman

unread,
May 25, 2020, 8:07:24 PM5/25/20
to qubes...@googlegroups.com
No, there's no native qubes salt configuration - firing qvm-firewall
commands is all there is.
Of course, you may want to "fire" them as part of a qubesctl run -you
could e.g. keep them in a file, and use cmd.script in the state file.
Reply all
Reply to author
Forward
0 new messages