Git-Mirrors/qubes-mirage-firewall
1
0
Fork 0
mirror of https://github.com/mirage/qubes-mirage-firewall.git synced 2024-06-28 23:22:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Note that mirage-firewall cannot be used as UpdateVM

Browse Source 
Reported at: https://groups.google.com/forum/#!topic/qubes-users/YPFtbwyoUjc
This commit is contained in:
Thomas Leonard 2019-05-29 15:22:15 +01:00
parent adb451e7e3
commit 3ab7284a64
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
README.md
View File

@ -86,6 +86,14 @@ qvm-prefs --set my-app-vm netvm mirage-firewall
Alternatively, you can configure `mirage-firewall` to be your default firewall VM.
Note that by default dom0 uses sys-firewall as its "UpdateVM" (a proxy for downloading updates).
mirage-firewall cannot be used for this, but any Linux VM should be fine.
https://www.qubes-os.org/doc/software-update-dom0/ says:
> The role of UpdateVM can be assigned to any VM in the Qubes VM Manager, and
> there are no significant security implications in this choice. By default,
> this role is assigned to the firewallvm.
### Components
This diagram show the main components (each box corresponds to a source `.ml` file with the same name):