I'm looking to use virt-manager on a Debian system with opensnitch and block all requests from the VM except for hosts in an exception list. To do that, I created two rules. One rule named 001-dnsmasq deny all to deny all requests from the binary and another rule named 000-dnsmasq allow with priority checked from the same exe and a list of domains in a file referenced in the rule.
What I'm finding is the VM won't get an IP address through the DHCP service unless I switch the 001-dnsmasq deny rule to allow or stop opensnitch. I've put the client IP that is given to the VM into the exception list. When I set the rule 001-dnsmasq to allow then I allow all websites to load in the VM. Is it a supported scenario to filter traffic and get an IP using opensnitch and dnsmasq?
versions:
OS: debian 10.9
Window Manager: gnome 3.30
OpenSnitch 1.4.0rc2
Virt-Manager 1:2.0.0.3
> I've put the client IP that is given to the VM into the exception list
The exception lists are only for domains. You have to create a new priority rule, allowing explicitly that IP.
> Is it a supported scenario to filter traffic and get an IP using opensnitch and dnsmasq?
As far as I can tell yes. I have this scenario working, but with virtualbox.
By the way, are you using the binary I posted on the other issue? I think that this problem and #429 are related.
And according to the malfunction behaviour you described on #429, it could be due to the bugs I fixed. They'll be included in the next rc 1.4.0rc3.
I'm using 1.4.0rc2. I added the new priority rule that includes the IP that had been leased to the VM and now the VM gets that IP. Thank you. To be more clear for anyone else that may want this the rules are:
Each rule has the binary path for dnsmasq. The first two rules have the priority option checked. The first rule uses a list of domains and the second rule uses just the one IP address,
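
The outcome discussed in this thread, as an added example that is not part of the original posts and is not OpenSnitch code: a simplified model of a domain-list rule, an IP rule and a deny-all rule, showing why an IP placed in the domain list does not allow traffic to the leased address. The binary path, the lease address, the list contents, the third rule's name and the evaluation order (priority rules first, then name order, first match decides) are assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Callable, Optional

DNSMASQ = "/usr/sbin/dnsmasq"   # assumed binary path
VM_IP = "192.168.122.50"        # constructed DHCP lease address
# Constructed list file contents; the leased IP is included as in the original attempt.
DOMAIN_LIST = {"deb.debian.org", VM_IP}

@dataclass
class Conn:
    process: str
    dst_ip: str
    dst_host: Optional[str] = None  # None: no domain name known for this connection

@dataclass
class Rule:
    name: str
    action: str                     # "allow" or "deny"
    priority: bool
    matches: Callable[[Conn], bool]

def domain_list_rule(name: str) -> Rule:
    # Matches only on the destination domain name, never on the destination IP.
    return Rule(name, "allow", True,
                lambda c: c.process == DNSMASQ and c.dst_host in DOMAIN_LIST)

def ip_rule(name: str, ip: str) -> Rule:
    addr = ipaddress.ip_address(ip)
    return Rule(name, "allow", True,
                lambda c: c.process == DNSMASQ and ipaddress.ip_address(c.dst_ip) == addr)

def deny_all_rule(name: str) -> Rule:
    return Rule(name, "deny", False, lambda c: c.process == DNSMASQ)

def verdict(rules: list, conn: Conn) -> str:
    # Simplified model (assumption): priority rules first, then the rest,
    # each group in name order; the first matching rule decides.
    for rule in sorted(rules, key=lambda r: (not r.priority, r.name)):
        if rule.matches(conn):
            return rule.action
    return "no-match"

before = [domain_list_rule("000-dnsmasq allow"), deny_all_rule("001-dnsmasq deny all")]
after = before + [ip_rule("000-dnsmasq allow ip", VM_IP)]   # hypothetical rule name
dhcp_reply = Conn(DNSMASQ, VM_IP)                           # traffic to the leased address
listed = Conn(DNSMASQ, "198.51.100.10", "deb.debian.org")
unlisted = Conn(DNSMASQ, "203.0.113.7", "example.org")

if __name__ == "__main__":
    for label, rules in (("before", before), ("after", after)):
        print(label, [verdict(rules, c) for c in (dhcp_reply, listed, unlisted)])
```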