Git-Mirrors/qubes-mirage-firewall
1
0
Fork 0
mirror of https://github.com/mirage/qubes-mirage-firewall.git synced 2024-06-26 06:02:12 +00:00
Code Issues Packages Projects Releases Wiki Activity
355 Commits 1 Branch 18 Tags 1 MiB
9058d25dcc
Commit Graph

64 Commits

Author SHA1 Message Date
Pierre Alain
e18dbb602d
Merge pull request #3 from palainp/main 
merge main
 2024-02-14 10:23:45 +01:00
Pierre Alain
b318fabd43
Merge pull request #191 from palainp/podman 
allow podman as building system
 2024-01-30 11:07:33 +01:00
Pierre Alain
16a50aad9b allow podman as building system 2023-12-26 11:35:37 +01:00
Pierre Alain
d2b72f6a87 set back recommended memory amount to 32MB 2023-12-26 10:45:13 +01:00
Pierre Alain
90de455fdb update disk size requirement 2023-11-08 12:13:11 +01:00
Pierre Alain
95f165a059 change snapshots for debian ones 2023-11-08 08:05:32 +01:00
Pierre Alain
173832e053 comply with SELinux enforcement AppVM 2023-11-04 16:25:46 +01:00
Dimas Alexander
95c870b14e
Using too little RAM causes Mirage to stop working. 2023-09-10 19:10:07 +07:00
100111001
4dda3f513c
Added description how to run salt states 2023-08-23 14:48:29 +02:00
100111001
6df70c1b35
Update README.md - using correct formating 2023-08-18 00:46:39 +02:00
100111001
c87f2305ab
Update README.md for using SaltScriptToDownloadAndInstallMirageFirewallInQubes.sls 2023-08-18 00:27:06 +02:00
palainp
fe99021dc0 add minimal README information about using mirage-firewall without netvm 2023-06-30 17:06:17 +02:00
palainp
eb4d0fc371 update documentation 2022-10-11 13:20:07 +02:00
Hannes Mehnert
61767ef0d5
Merge pull request #140 from palainp/mirage4 
update to mirage 4.2.0 & mirage-xen 8.0.0
 2022-08-30 16:29:10 +02:00
palainp
008b5b3b2f drop PV from README.md for recent versions of qubes-mirage-firewall 2022-08-13 16:59:09 +02:00
palainp
a99d7f8792 update to mirage 4.0.0 & mirage-xen 7.0.0 2022-03-30 03:12:01 -04:00
Thomas Leonard
d8ae7f749c Update README 2020-10-28 11:00:13 +00:00
Hannes Mehnert
c173bf1cb0 README: use kernelopts='' instead of None 2020-10-24 12:43:08 +02:00
Krzysztof Burghardt
f9842e8b18
Do not run tar in dom0 (closes #84). 
Do not run tar and bzip2 in dom0 to decompresses and extract archive
data created in, or downloaded to domU as any vulnerabilities in them
can compromise Qubes OS security model.

Instead of that run both tar and bzip2 in domU and copy unikernel to
dom0 as described in official Qubes documentation ["Copying from (and to)
dom0"](https://www.qubes-os.org/doc/copy-from-dom0/#copying-to-dom0).

Auxiliary files required to run unikernel in Qubes OS domU can be easily
created directly in dom0 using trusted tools available there.
 2020-06-20 01:16:29 +02:00
linse
3ee01b5243 changes for 0.7.1 
Co-Authored-By: hannes <hannes@mehnert.org>
 2020-06-19 09:44:15 +00:00
linse
60ebd61b72 Update documentation. 2020-05-19 16:48:48 +02:00
linse
87df5bdcc0 Read firewall rules from QubesDB. The module Rules contains a rule matcher instead of hardcoded rules now. 
Co-Authored-By: Mindy Preston <yomimono@users.noreply.github.com>
 2020-05-15 16:25:46 +02:00
Snowy Marmot
dad1f6a723
Update per review 
Update with suggested wording per talex5
 2019-12-14 00:24:55 +00:00
Snowy Marmot
315fe4681e
Note that AppVM Size may need to increase 
Add note that AppVM used to build from source may need a private image larger than the default 2048MB.
 2019-11-27 16:01:58 +00:00
xaki23
cac3e53be1 README: create the symlink-redirected docker dir 
Otherwise, installing the docker package removes the dangling symlink.
 2019-07-28 17:35:59 +01:00
jaseg
0a4b01a841
Fix ln(1) call in build instructions 
The arguments were backwards. [```ln``` takes the link target first, then the link name](https://linux.die.net/man/1/ln).
 2019-05-31 12:50:33 +09:00
yomimono
7d22eafa59
Merge pull request #68 from talex5/updatevm 
Note that mirage-firewall cannot be used as UpdateVM
 2019-05-29 17:55:25 -05:00
Thomas Leonard
3ab7284a64 Note that mirage-firewall cannot be used as UpdateVM 
Reported at: https://groups.google.com/forum/#!topic/qubes-users/YPFtbwyoUjc
 2019-05-29 15:25:10 +01:00
Thomas Leonard
de7d05ebfa Fix typos in docs 2019-05-29 09:01:08 +01:00
Thomas Leonard
eec1e985e5 Add overview of the main components of the firewall 2019-05-06 10:35:51 +01:00
Thomas Leonard
eb14f7e777 Link to security advisories from README 
Also, link from binary installation to deployment section.
 2019-04-26 12:39:34 +01:00
Thomas Leonard
5958cfed97 Clarify how to build from source 2019-04-08 10:43:30 +01:00
Thomas Leonard
bd7babeda0 Remove Qubes 3 instructions from README 
See https://www.qubes-os.org/news/2019/03/28/qubes-3-2-has-reached-eol/
 2019-04-04 11:05:49 +01:00
Thomas Leonard
ab88d413c4
Update links from talex5 to mirage 2019-02-26 16:57:40 +00:00
Thomas Leonard
2edb088650 Update to latest Debian and opam 
Reported by Honzoo.
 2019-02-01 09:36:08 +00:00
Thomas Leonard
0d0159b56f Update build instructions for latest Fedora 
`yum` no longer exists. Also, show how to create a symlink for
/var/lib/docker on build VMs that aren't standalone.

Reported by xaki23.
 2018-11-04 14:36:19 +00:00
Thomas Leonard
b77d91cb20 Add installation instructions for Qubes 4 2018-01-06 12:24:50 +00:00
Thomas Leonard
b114e569f2 Use Git master for shared-memory-ring and netchannel 
This adds support for HVM and disposable domains.

Also, update the suggested RAM allocation slightly as 20 MB can be too
small with lots of VMs.
 2017-11-09 17:08:59 +00:00
Thomas Leonard
f4df389713 Add more detailed installation instructions 2017-04-07 13:10:10 +01:00
Thomas Leonard
78f25ea2c5 Fix build instructions 
No need to run `make tar` manually now.
 2017-03-27 13:45:06 +01:00
Thomas Leonard
583366b22b Remove non-Docker build instructions 
Fedora 24 doesn't work with opam (because the current binary release of
aspcud's clasp binary segfaults, which opam reports as `External solver
failed with inconsistent return value.`).
 2017-03-18 17:59:06 +00:00
Thomas Leonard
5158853c30 Update README 2017-03-18 11:34:22 +00:00
Thomas Leonard
75dd8503c5 Use LRU cache to prevent out-of-memory errors 2017-03-18 09:56:07 +00:00
Thomas Leonard
b4079ac861 Update to new mirage-nat API 2017-03-05 17:04:05 +00:00
Thomas Leonard
bb78a726e4 Mirage 3 support 2017-03-04 17:22:58 +00:00
Thomas Leonard
036d92b0ff Update README: you need "sudo docker" by default 2017-01-28 15:19:05 +00:00
Thomas Leonard
d6074f2271 Add option to build with Docker 2017-01-09 18:44:30 +00:00
Thomas Leonard
0230cfaf1e Updates for mirage 2.9.0 
- Unpin bootvar and use register ~argv:no_argv` instead.
- Use new name for uplink device ("0", not "tap0").
- Don't configure logging - mirage does that for us now.
 2016-05-14 10:44:57 +01:00
Thomas Leonard
1134b64f5e Remove tcpip pin 
The 2.7.0 release has the checksum feature we need.
 2016-03-23 14:53:01 +00:00
Thomas Leonard
74ae5b6078 Remove mirage-xen pin 
mirage-xen 2.4.0 has been released with the required features.

(also fixes indentation problem reported by @cfcs in #6)
 2016-03-19 20:14:23 +00:00