# service            arg       source            target            action params

whonix.SdwdateStatus +         @tag:anon-gateway @tag:anon-vm      allow  autostart=no notify=no
whonix.SdwdateStatus +         @tag:anon-gateway @default          deny   notify=no
whonix.SdwdateStatus +         @anyvm            @anyvm            deny

whonix.NewStatus     *         @tag:anon-vm      @tag:anon-gateway allow  autostart=no
whonix.NewStatus     *         @anyvm            @anyvm            deny

whonix.GatewayCommand +restart @tag:anon-gateway @tag:anon-vm      allow  autostart=no
whonix.GatewayCommand +stop    @tag:anon-gateway @tag:anon-vm      allow  autostart=no
whonix.GatewayCommand +showlog @tag:anon-gateway @tag:anon-vm      allow  autostart=no
whonix.GatewayCommand *        @anyvm            @anyvm            deny