I know that Fedora has built-in Wireguard support for VPNs but what if we want to implement Safing Privacy Network (SPN), how would one go about setting it up (system wide and on a per-qube basis)? Also, if it is implemented system wide, would the SPN still be able to distinguish and isolate the web traffic from different browser tabs or apps within a single qube? For further details, here are some links to it:
1 Like
Hi @Droplet6200
if you are really interested in using this solution and/or paid service
you are expected to run it on your desktop where your browser is running.
personally, the solution provided by QuBes-OS seems to be a better alternative;
use the sys-whonnix to connect to the internet
If it allows to use an agent and a central server yes, not sure it’s possible though.
This could be done in opensnitch which provides the same blocking ability without the extra “SPN” and DNS filtering. Opensnitch can be used with a central node managing permissions, which should well fit qubes os architecture. there are no guides for an inter-qube setup.
is this a case of replacing sys-firewall with openswitch ?
Thanks
I would run it a netvm qube just before sys-firewall in the netvm chain, it’s better to leave sys-firewall alone.
It would looks like this:
[appvms] → sys-opensnitch → sys-firewall → sys-net
Then, opensnitch would also have to run in all appvms, but central management will be handled by sys-opensnitch
Why is it not enough to run opensnitch just in the netvm before sys-firewall?
The benefits of SPN over the Tor network is that less websites block SPN connections, it’s faster, and a different IP address is used per app/browser tab.
It will work, but with less control. It will only ask for IP : port and not per application. It may be good enough though.
1 Like