Dear community,
I plan to push Ocaml 5+ ecosystem for Qubes-mirage-firewall soon, before continuing development. We don’t have RC releases with Qubes-mirage-firewall, but if you want to try and help find bugs before the next release, you can test:
Thank you for your work! I’m all set to test the mirage-firewall and will let you know if I encounter any issues. I will also test ProtonVPN to see if I run into the same problems I had with MullvadVPN, as I have a subscription.
There is no persistance nor configuration from the disk. The only mutable things are the connected clients configuration and their firewall rules. Those are read from QubesDB dynamically at runtime and everything is in RAM.
Dear @alsa1 , sure I can, I’m just holding back because I haven’t received any feedback on the PRs, and since I don’t want to rule a release decision solely on “it works for me”, I prefer to leave some time for anyone who want to test between releases
So my plan is to merge a fix today for hvm clients (e.g., Windows and OpenBSD), which should now work better, especially when shut down. And also to switch to OCaml 5.3.
For those who are interested, you should be able to compile and test the unikernel before it is released, and if there are no issues detected, that can be released
I’ve followed instructions from Proton website and got Proton VPN working fine and using it in this configuration:
Qube(s)-firewall-ProtonVPN-firewall-net-wan
Appreciated if i can get help to setup the mirageFirewall,step-by-step.
In your case you’ll need to create two different firewall VMs because they have different netvm, but you can use the same unikernel for both (so only need to copy the unikernel once), the unikernel is loaded in memory for each VM and is not shared
