I also had the idea to set it up like this, but if your Whonix-Gateway ever got compromised, the attacker could just drop the VPN and see your real IP? I guess…
In any case, it is better to set up the VPN in a standalone (ProxyVM) between sys-net and whonix-gateway.
And use this instance as VPN+Firewall.
Today is the 3rd day I have been messing around, with 0 success, because I have no iptables knowledge.
Tried some attempts like rerouting or forwarding packets using this
Conclusion
First I implemented adrelanos' Firewall as a standalone ProxyVM on Debian 8 (within this instance all is working). The only thing is that it is not redirecting traffic to any AppVM.
Then Patrick says it is currently unsupported in Qubes. Could you please modify it then?
The next thing I tried was to use the Qubes built-in firewall and edit the firewall rules in its own “Firewall rules” tab. The problem here is that if I use in the Firewall ProxyVM:
Deny network access except = and the IP of my VPN, it then does not allow access to the internet; however, ping between AppVMs is working.
Next I tried something with rerouting iptables packets, but here I am not yet sure what I am doing, so I would rather take advice from someone experienced.