Jump to: navigation, search

Whonix Configuration Files

.d style configuration folders[edit]

Whonix's modifications provide a few modular flexible.d style configuration folders.

  • /etc/whonix.d
  • /etc/whonix_firewall.d
  • /etc/controlportfilt.d (Only on Whonix-Gateway.)
  • /etc/whonix_buildconfig.d (Only if you build from source code.)
  • /etc/sdwdate.d

We'll explain it using an example. For example, /etc/whonix_firewall.d/30_default says.

## Please use "/etc/whonix_firewall.d/50_user" for your custom configuration,
## which will override the defaults found here. When Whonix is updated, this 
## file may be overwritten.

The same in other words.

## Instead of editing this file, please create and use the file
## "/etc/whonix_firewall.d/50_user". When Whonix is updated, 
## "/etc/whonix_firewall.d/30_default" will be overwritten. Files in folder 
## "/etc/whonix_firewall.d/" are sourced in alphabetical order. Anything in 
## "/etc/whonix_firewall.d/50_user" will always override the defaults,
## allowing the user to keep their settings after updating Whonix.

The same yet in other words... Files in .d folders are usually sourced in lexical order. That means, files named 30_... will always get overruled by files named 50_....

For example, directly editing /etc/whonix_firewall.d/30_default is recommended against. This is because, next time Whonix gets updated, /etc/whonix_firewall.d/30_default may get new settings and improved settings. You would end up with an dpkg interactive conflict resolution dialog, which would for example look the following.

Configuration file `/etc/whonix_firewall.d/30_default'
 ==> Modified (by you or by a script) since installation.
 ==> Package distributor has shipped an updated version.
   What would you like to do about it ?  Your options are:
    Y or I  : install the package maintainer's version
    N or O  : keep your currently-installed version
      D     : show the differences between the versions
      Z     : background this process to examine the situation
 The default action is to keep your current version.
*** interfaces (Y/I/N/O/D/Z) [default=N] ? N

Modifications coming with Whonix will always fall back to reasonable defaults, if you were still using an old version. However, to prevent such conflicts in the first place, you're better off reading /etc/whonix_firewall.d/30_default, leaving /etc/whonix_firewall.d/30_default untouched, copying settings from /etc/whonix_firewall.d/30_default and pasting them into /etc/whonix_firewall.d/50_user.

Footnotes[edit]




Log in | OpenID | Contact | Impressum | Datenschutz | Haftungsausschluss

https | .onion [note] | Mirror | Mirror

This is a wiki. Want to improve this page? See Conditions for Contributions to Whonix, then Edit it! IP addresses are scrubbed, but editing over Tor is recommended. Edits are held for moderation.

Whonix (g+) is a licensee of the Open Invention Network. Unless otherwise noted above, content of this page is copyrighted and licensed under the same Free (as in speech) license as Whonix itself.