A sys-whonix currently does its job as a ProxyVM, but not as a FirewallVM. It currently ignores QubesDB `qubes-iptables` entries. Therefore, for example, any TemplateVM using sys-whonix as its NetVM does not block the TemplateVM from using the open (torified) internet.
I wonder if this FirewallVM functionality should be implemented in Whonix?
Any suggestion on how to implement it without re-inventing qubes-core-agent-linux/network/qubes-firewall? Or refactoring the Qubes code so Whonix can just call the required portion of it?
-----
For QVMM... Could we somehow have multiple settings per VM?
- ProxyVM
- FirewallVM
- NetVM
If all three are set, Qubes would lead the traffic: VM -> ProxyVM -> FirewallVM -> NetVM?
Because there is also some confusion about the terminology...
Users can currently configure the NetVM of any VM. I am wondering if we are overloading the terms. The NetVM is the VM that is primarily defined as a VM that has access to physical network hardware and that establishes actual network connections to the ISP.
Currently a user could tell a story "I set the NetVM of my debian-8 TemplateVM to sys-whonix. And sys-whonix uses sys-firewall as its NetVM. And sys-firewall uses sys-net as its NetVM."
At the end it's like saying "setting the NetVM setting to the NetVM".
Q: "What's your NetVM?"
A: "My sys-net or the NetVM of my VM?"
-----
Related (or duplicate):
T372
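To make the gap concrete, here is an added example (not Qubes, Whonix or qubes-core-agent-linux code) that models what a FirewallVM does with the per-client rules it receives: for each client VM, identified by its internal IP, it renders a FORWARD policy in iptables-restore syntax and can evaluate a single packet against that policy. A TemplateVM with no allow rules ends in a DROP, which is exactly what a ProxyVM that never reads the rules fails to enforce. The rule fields, chain layout, IP addresses and the `evaluate` / `render_policy` helpers are assumptions made for illustration, not the format Qubes stores in QubesDB.

```python
"""Illustrative FirewallVM policy model (added example, not project code).

Each ClientPolicy stands for one VM behind the firewall.  Rules are matched
first-match, and a per-client DROP/ACCEPT at the end implements the default.
The chain layout and the 10.137.x.y addresses are assumptions for the demo.
"""
import ipaddress
from dataclasses import dataclass, field
from typing import List


@dataclass
class Rule:
    action: str               # "accept" or "drop"
    dst: str = "0.0.0.0/0"    # destination host or CIDR
    proto: str = ""           # "tcp", "udp" or "" for any protocol
    dport: str = ""           # "443" or "80-443"; "" for any port


@dataclass
class ClientPolicy:
    ip: str                   # client VM's internal IP (assumed addressing)
    rules: List[Rule] = field(default_factory=list)
    default: str = "drop"     # what happens when no rule matches


def _matches(rule: Rule, dst: str, proto: str, dport: int) -> bool:
    """True if a packet to dst/proto/dport is covered by this rule."""
    if ipaddress.ip_address(dst) not in ipaddress.ip_network(rule.dst, strict=False):
        return False
    if rule.proto and rule.proto != proto:
        return False
    if rule.dport:
        lo, _, hi = rule.dport.partition("-")
        if not int(lo) <= dport <= int(hi or lo):
            return False
    return True


def evaluate(policy: ClientPolicy, dst: str, proto: str, dport: int) -> str:
    """First-match evaluation of one forwarded packet from the client VM."""
    for rule in policy.rules:
        if _matches(rule, dst, proto, dport):
            return rule.action
    return policy.default


def _rule_line(ip: str, rule: Rule) -> str:
    parts = ["-A", "FORWARD", "-s", ip]
    if rule.dst != "0.0.0.0/0":
        parts += ["-d", rule.dst]
    if rule.proto:
        parts += ["-p", rule.proto]
        if rule.dport:
            parts += ["--dport", rule.dport.replace("-", ":")]
    parts += ["-j", rule.action.upper()]
    return " ".join(parts)


def render_policy(policies: List[ClientPolicy]) -> str:
    """Render all client policies as an iptables-restore payload.

    The FORWARD chain defaults to DROP and VM-to-VM forwarding is refused up
    front, so a client only reaches the upstream NetVM through its own rules.
    """
    lines = ["*filter", ":FORWARD DROP [0:0]",
             "# no direct VM-to-VM traffic (vif+ interface names assumed)",
             "-A FORWARD -i vif+ -o vif+ -j DROP"]
    for policy in policies:
        lines.append(f"# client {policy.ip}")
        for rule in policy.rules:
            lines.append(_rule_line(policy.ip, rule))
        lines.append(f"-A FORWARD -s {policy.ip} -j {policy.default.upper()}")
    lines.append("COMMIT")
    return "\n".join(lines)


if __name__ == "__main__":
    # Constructed sample: one AppVM allowed to reach a single host on 443,
    # and one TemplateVM with no rules, which must be dropped entirely.
    sample = [
        ClientPolicy("10.137.2.5", [Rule("accept", "10.137.255.254", "tcp", "443")]),
        ClientPolicy("10.137.2.9"),
    ]
    print(render_policy(sample))
```

A NetVM that applies this payload blocks the TemplateVM's traffic; a ProxyVM that never reads the entries forwards it regardless, which is the behaviour described for sys-whonix above.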