Mirage-firewall 0.8.0 released

Can you try the latest release (0.8.1)?

Which fixes the earlier bug Random qvm shutdown · Issue #143 · mirage/qubes-mirage-firewall · GitHub.

We just released 0.8.1 (Release various bug fixes · mirage/qubes-mirage-firewall · GitHub) which works fine with 64MB memory (and should as well work nicely with 32MB). If you can give that a try, that’d be great.

2 Likes

I’ve just tried version 0.8.1 and my openvpn qubes are still unable to communicate. This is stock standard mirage-firewall as downloaded with no changes to memory settings etc.

0.8.1 works as intended so far

A big thank you to the team behind Mirage and the firewall for all their hard work.

From my experience if you have a standard Qubes setup and properly follow the firewall’s setup instructions you should have no issues at all. Since your problem isn’t crashing but non-connection, it’s very possible the problem is a user-generated one.

I’d start by making sure every setting is as it should be (e.g. set to provide network).

Then I’d check Qubes’ firewall settings: Did you accidentally try to change the firewall settings on Mirage instead of whatever qubes are linked to it? Try running in dom0 qvm-firewall VMNAME reset for each and every linked qube, including the firewall to be sure.

If that doesn’t fix it, maybe there’s something with how you set up inter-qubes networking.

 

#Edit: Scrolled up and read the other comments; likely that there’s some compatibility issue with OpenVPN or at least the Tasket implementation of it. I feel like a fraud for sidestepping the issue, but have you heard the good word of our lord and savior Wireguard? It’s easy to set up, more secure and auditable due to a compact codebase (4k vs ~100k lines), more responsive, and uses better ciphers.

More importantly, installation is a breeze even in Qubes: Just install Wireguard into your qube and import config files. A quick Google search yields a great Mullvad guide:

 


Not technically-trained; consume with salt