Hi, can anyone help me. When I run a Linuxmint HVM on qubesos I can connect another device to this VM via ethernet and it is going through the qubesos networking. When I am trying the same thing with a fedora or debian based qube using network-manager I cannot get it to work. Does anyone know how to set this up?
Best regards.
You need to configure firewall with iptables (Qubes OS 4.1) or nftables (Qubes OS 4.2).
moved to user support
But isn´t that handled by the network manager? When I create a wifi hotspot with one of my qubes I connect a device and it is passed upstream to the internet…why and what will I have to configure nftables when using ethernet but not when using a wifi hotspot…
Can you describe in more details what do you want to do and what are you doing to achieve this?
Did you connect your PCI Ethernet controller to one of your qubes and want to forward connections from this ethernet interface over the qube netvm? E.g.:
Your devices in local network → sys-ethernet (with PCI Ethernet controller attached) → sys-firewall → sys-net (with some other PCI Network controller attached, e.g. WiFi)
If so then how did you configured sys-ethernet? Did you set its "Provides network` option in qube Settings?
Ok…I am sorry I thought my explanation in my first post was sufficient.
I would like to connect a device (e.g. a tablet) via ethernet to a template based (H)VM (debian or fedora under R4.2) and then I want to pass this connection upstream to the internet. It would look like this:
Device => sys-ethernet (HVM with PCI ethernet controller attached) => sys-vpn => sys-firewall => sys-net => INTERNET
I got this setup working using a Linuxmint HVM (with PCI ethernet controller attached) as sys-ethernet…it is basiclly working out of the box (using the network-manager-gui)…no tinkering with any kind of firewall rules. But as soon as I use a debian or fedora template I cannot get it to work - I think it is a routing problem within the templates - but I am not skilled enough to fix it…especially not wit nftables…
How is this connection works? Did you connect your device (tablet) to your PCI ethernet controller with a cable? Or are device and sys-ethernet connected to the same router in the same local network?
Yes I connect the device (with an ethernet cable) directly to sys-ethernet. And in my Linuxmint HVM I can do this very easily with my network-manager-gui and it works perfectly…
I don’t know how did you configure it with network-manager-gui, but if it’s a problem with firewall rules then you can flush all rules in sys-ethernet for a test and see if it’ll work:
sudo nft flush ruleset
If it works then you can try to fix up the nft rules.
It works…great!!!
Thx for your help!