/qubes-issues

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix too relaxed firewall rules in proxyvm #136

Closed
marmarek opened this Issue Mar 8, 2015 · 2 comments

Comments

Assignees
No one assigned
Labels
Projects
None yet
Milestone
  Release 1 Beta 1
1 participant
@marmarek
@marmarek
Member

marmarek commented Mar 8, 2015

Reported by rafal on 25 Mar 2011 13:17 UTC
Just after creation of proxy and somevm behind it, there is a rule in proxy fw rules in FORWARD:
ACCEPT state NEW,ESTABLISHED,RELATED from any to any

it looks wrong (should be ESTABLISHED,RELATED ?), as a result netvm can connect to somevm open ports (if netvm guesses somevm IP).

Migrated-From: https://wiki.qubes-os.org/ticket/136
@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Mar 8, 2015

Member

Modified by smoku on 27 Mar 2011 15:25 UTC
Member

marmarek commented Mar 8, 2015

Modified by smoku on 27 Mar 2011 15:25 UTC

@marmarek marmarek added this to the Release 1 Beta 1 milestone Mar 8, 2015

@marmarek marmarek added bug C: core P: major labels Mar 8, 2015

@marmarek

This comment has been minimized.

Show comment
Hide comment
@marmarek

marmarek Mar 8, 2015

Member

Comment by smoku on 27 Mar 2011 16:45 UTC
Fixed in http://git.qubes-os.org/?p=smoku/core;a=commit;h=04a6b01b1b8992acd4712d697b80dba6b37d66bf
Member

marmarek commented Mar 8, 2015

Comment by smoku on 27 Mar 2011 16:45 UTC
Fixed in http://git.qubes-os.org/?p=smoku/core;a=commit;h=04a6b01b1b8992acd4712d697b80dba6b37d66bf

@marmarek marmarek closed this Mar 8, 2015

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment