0x00 Creating a New VM

  1. Open the Qube Manger

Applications Menu -> System Tools -> Qube Manager

  1. On the Qube Tab, click “Create new qube”
  2. Then fill All the box. In my situation, I set the name of the VM to “ProxyVm” and change the label to “orange”. If the proxy program that will be installed in VM was not packed by standard package manager, such as apt, yum, dnf, etc, The selection of “type” must be “the Standalone qube copied from template” or all the action will lost after reboot the VM.^1 Also, remember click the box of provides network.

^1: https://www.qubes-os.org/doc/standalone-and-hvm/

0x01 Setup proxy

Just setup the whole proxy program and test in the Vm and test it as normal as in a regular computer.

0x02 Configuring the iptables(using ufw)

I have stuck in this step for a long time. At first, I assumed the problem that cannot connect the sock proxy from other Vm is caused by SELinux; However, Debian does not come up with SELinux, So problem cannot caused by it. The real cause is the Qube OS default all template using the highest level of firewall. To fix this, we need configure the iptables.

Iptables are extreme complex. Luckily, a tools named ufw can help us deal with it.

  1. Install it using apt: sudo apt install ufw

  2. Exist configuration may have conflict with ufw, so clean it: sudo iptables -F

  3. Then enable ufw: sudo ufw enable

  4. Add the sock port with: sudo ufw allow xxx

0x03 connect the AppVm to ProxyVm

In the qube Manager, right click any AppVm that you want to use proxy and change the Networking Selection to ProxyVm. Change the proxy setting of program.

0x04 Enjoy!