Jump to: navigation, search

Whonix-Workstation Firewall

Advanced users only!


TODO: document



There is a second, extra firewall for Whonix-Workstation. Experts should read the design notes (see online man page) or run on Whonix-Workstation.

man whonix_firewall

And make an informed decision. It is disabled by default.


On Whonix-Workstation.

Open /etc/whonix_firewall.d/50_user.conf in an editor with root rights.

If you are using a graphical Whonix or Qubes-Whonix, run:

kdesudo kwrite /etc/whonix_firewall.d/50_user.conf

If you are using a terminal-only Whonix, run:

sudo nano /etc/whonix_firewall.d/50_user.conf

Add the following content.



Reload Whonix-Gateway Firewall.

If you are using Qubes-Whonix, complete the following steps:

Qubes App Launcher (blue/grey "Q") -> Whonix-Gateway ProxyVM (commonly named sys-whonix) -> Reload Whonix Firewall

If you are using a graphical Whonix-Gateway, complete the following steps:

Start Menu -> Applications -> System -> Reload Whonix Firewall

If you are using a terminal-only Whonix-Gateway, run:

sudo whonix_firewall

From now it will be automatically load on every reboot before network is coming up.

See Also[edit]


Random News:

Join us testing new AppArmor profiles for improved security! (forum discussion)

Impressum | Datenschutz | Haftungsausschluss

https | (forcing) onion
Share: Twitter | Facebook | Google+
This is a wiki. Want to improve this page? Help welcome, volunteer contributions are happily considered! See Conditions for Contributions to Whonix, then Edit! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation. Whonix (g+) is a licensee of the Open Invention Network. Unless otherwise noted above, content of this page is copyrighted and licensed under the same Free (as in speech) license as Whonix itself.