From a072318fe4bc31e3ea1d8cad54c018ebe0740f77 Mon Sep 17 00:00:00 2001 From: "Dr. Gerhard Weck" Date: Sat, 28 May 2022 13:03:29 +0200 Subject: [PATCH] IP address use for forwarding external requests --- user/security-in-qubes/firewall.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/user/security-in-qubes/firewall.md b/user/security-in-qubes/firewall.md index 55d4155f..eba39223 100644 --- a/user/security-in-qubes/firewall.md +++ b/user/security-in-qubes/firewall.md @@ -468,10 +468,10 @@ If the service should be available to other VMs on the same system, do not forge Here no routing is required, only filtering. Proceed in the same way as above but store the filtering rule in the `/rw/config/rc.local` script. -For the following example, we assume that the IP adress of sys-firewall is 10.137.1.z. +For the following example, we assume that the target VM running the web server has the IP address 10.137.0.xx ``` -sudo name /rw/config/rc.local +sudo nano /rw/config/rc.local ``` ~~~ @@ -490,7 +490,7 @@ fi if ! iptables -w -n -L INPUT | grep --quiet MY-HTTPS; then # add a forward rule for the traffic (same reason) - iptables -w -I INPUT 5 -d 10.137.1.z -p tcp --dport 443 -m conntrack --ctstate NEW -j MY-HTTPS + iptables -w -I INPUT 5 -d 10.137.0.xx -p tcp --dport 443 -m conntrack --ctstate NEW -j MY-HTTPS fi ~~~