Good day,
I have a Fedora minimal dvm setup for my sys-net and am currently following http://qubesosfasa4zl44o4tws22di6kepyzfeqv3tg4e3ztknltfxqrymdad.onion/doc/firewall/#where-to-put-firewall-rules and came across
My question is will these configurations following the guide remain? Any guides to reverse changes if needed?
Also when following
"
nft add rule qubes custom-dnat-qubeDEST iif == “ens6” ip saddr 192.168.x.y/24 tcp dport 443 ct state new,established,related counter dnat 10.137.1.z
"
For the net VM, after changing to the required IPs and port, it gives an "Interface does not exist" error. It seems to be highlighting “counter”(?)
Bump*
Anyone able to assist? Quite urgent. I tested on a normal qube and this error is the same.
Is the doc outdated?
solene
December 5, 2024, 9:35am
hi
I’m not sure I understand your questions.
The nft rule to forward a port should work fine on a minimal template, given the nft command is available (it should be).
You can’t copy/paste the nftables command as is; you must adapt the network interface name and IP addresses.
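Added example (not part of any post in this thread and not code from the Qubes documentation): nft resolves the name after `iif` to an interface index when the rule is added, so a name that does not exist in the qube, including one pasted with typographic quotes, is rejected with "Interface does not exist". The sketch below checks the interface, the port and leftover x/y/z placeholders before printing the command; the function names and `NET_DIR` are hypothetical.

```shell
#!/bin/sh
# Preflight for the DNAT rule quoted in the thread (added example).
# NET_DIR is a hypothetical override so the check can run against a test directory.
NET_DIR="${NET_DIR:-/sys/class/net}"

# True only if $1 is exactly the name of an interface present in this qube.
iface_exists() {
    case "$1" in
        # Conservative name filter (assumption): rejects pasted curly quotes, spaces, '/'.
        ""|*[!A-Za-z0-9_.:-]*) return 1 ;;
    esac
    [ -e "$NET_DIR/$1" ]
}

# Prints the nft command, or explains why it would fail.
# Args: interface, allowed source CIDR, TCP port, destination qube IP.
build_dnat_rule() {
    iface=$1; src=$2; port=$3; dest=$4
    if ! iface_exists "$iface"; then
        echo "no interface '$iface'; present: $(ls "$NET_DIR" | tr '\n' ' ')" >&2
        return 1
    fi
    case "$port" in
        ""|*[!0-9]*) echo "port must be numeric: '$port'" >&2; return 2 ;;
    esac
    if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
        echo "port out of range: $port" >&2; return 2
    fi
    # x, y, z are the documentation's placeholders and must be replaced.
    case "$src$dest" in
        *[xyz]*) echo "placeholder left in: $src -> $dest" >&2; return 3 ;;
    esac
    printf 'nft add rule qubes custom-dnat-qubeDEST iif == "%s" ip saddr %s tcp dport %s ct state new,established,related counter dnat %s\n' \
        "$iface" "$src" "$port" "$dest"
}
```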
Yes, I have changed to the needed IPs and port
“For the net VM, after changing to the required IPs and port, it gives an "Interface does not exist" error. It seems to be highlighting “counter”(?)”
However, it results in this error. I further tested in a normal Fedora qube just for comparison and it results in the same issue, hence I wonder if the doc is outdated.
solene
December 5, 2024, 9:40am
The document is fine, I updated it this year after the switch to nftables in Qubes OS 4.2, it works fine for me.
I made a forum post about forwarding, “Qubes OS 4.2 nftables / nft firewall guide”, and I also wrote a simple script to set up forwarding for a given qube, to run from dom0: “[Qubes OS 4.2] Easily NAT qubes port to external network”.
Thank you, I will review.
I’m in the process of transferring some full and validator nodes I’m running for some chains and projects to Qubes, and the only issue right now is the port forwarding.