Sorry for that, I’m reall new to network things, and the setups are really complicated, I missed what should I explain.
In fact, I resolved the question already.
I didn’t fully complete firewall settings, but it seems work.
The problem was that I didn’t insert the device addresses after registering device IDs. After I write like tcp:// 192.168.0.3:22000 in device addresses entries, they successfully shares the folder.
But honestly, I also don’t fully understand what I should set up.
Here are what I’ve done.
- (Physical setup) I connect my phone and laptop by LAN card. Laptop – (LAN cable) – (LAN card with USB-C) – Android phone
- (Qubes setup) Disposable netvm for ethernet
sys-eth, firewall for ethernetsys-eth-firewalland destination qubess
2-1.sys-eth,sys-eth-firewall, andssare all dispVM.
2-2. I set up already on the templateVM ofssby following instructions : [[Split-syncthing]], and [[Use qubes-sync with multiple clients and one server]]
2-3.sys-eth,sys-eth-firewallare constructed by following the instructions in Disposable customization | Qubes OS named disposables for service qubes - (IP setup) Use static ips. On the network option of
sys-eth, I use192.168.0.2with gateway192.168.0.1and subnet mask255.255.255.0. On my phone, I set up192.168.0.3with same gateway and subnet mask. - I try to build the firewall by following the above instruction, but here are the problems:
4-1.ping 192.168.0.3 443doesn’t work butping 192.168.0.3works.
4-2. When I run the commandnft list table ip qubes,
chain custom-forward {
iif "ens6" ip saddr 192.168.0.0/24 ip daddr <sys-eth-firewall ip address> tcp dport 443 ct state new,established,related counter packets 7 bytes 448 accept
}
is shown. (Why 192.168.0.0? Not 192.168.0.3)
The same problem occurs for each qubes;sys-eth-firewall and ss
- Despite of these problems,
ping 192.168.0.3works insys-eth-firewallandss - Despite of these problems, syncthing works. I guess it’s because direct connection is established, but no firewall filtered.
I’m not sure this is helpful to understand my setup.