How can I restrict a qube with qvm-firewall to only connect to other devices in my network?
It can’t be done dynamically, but if your LAN is on 192.168.1.x , just add a rule to deny everything and only allow 192.168.1.x destination on both udp and tcp.
1 Like
You could poll sys-net to get the local network, like this:
qvm-run -p sys-net 'ip -4 route'|grep -E -v "10.13|default" | cut -f1 -d " "
and feed that in to qvm-firewall
I never presume to speak for the Qubes team.
When I comment in the Forum I speak for myself.
2 Likes