I don’t know anything about firewalls and I’m not planning on blocking anything, but I will be making a VPN VM. If so, is there any reason to have the firewall VM at all? And if not, should I simply make that into my VPN VM, or would that be some kind of issue?
My opinion on this topic: no.
Instead think about:
- using dispVMs whenever feasible
- disabling root inside your AppVMs
- using kicksecure as a template for your AppVMs and
- installing opensnitch inside your AppVMs
- your threat model and decreasing your attack surface
PS: in what way do your iptables inside your AppVMs differ from your sys-firewall? Anyway, I believe sys-firewall fetches the updates for dom0, so that might be a reason to keep it.