Anonymous - 2013-04-17

oddly the Whonix Check can't see The Internets

Because whonixcheck has the IP's coded in it's source (stream isolation). Please grep whole Whonix source code of any IP's/other variables/stuff you may change.

but there is no clearnet user in the Workstation.

And I don't think I can add access to clearnet in the Workstation. It would violate the whole concept behind Whonix. What however could make sense, was a user with [Stream Isolation] disabled or somehow adding a function to disable stream isolation. Looks like that security feature is confusing many users who try experiments.

Gateway Interface 1 is normally NAT looking out. Set to Bridged. Leave DHCP in interfaces.

Bridged and DHCP for eth0 requires a DHCP server, i.e. your physical router (or perhaps a DHCP server on your host, I don't know).

Can't get DHCP from internal network.

Whonix-Gateway eth1 for internal network does not run a DHCP server (would be interesting, but that's another topic). Whonix-Gateway does not run a DHCP server at all. Whonix-Gateway only uses DHCP as a client with eth0 to obtain an IP from Virtual Box NAT.

It would be useful if I could see firewall violations

See Whonix firewall on Gateway. Logging commands are commented out. Feel free to enable them. For your tests, feel free to add a big "exit 0" at the top of that script and no firewall will be loaded (and restart) (and Whonix-Workstatation won't work, but you can test if Tor inside the VM gets accessible). Hope this helps.