
#1 2017-06-23 07:07:15

waldauf
Member
Registered: 2012-07-15
Posts: 133

Set iptables rules if network interface is UP

Hello,

I have created many VBox network interfaces - vboxnetX. I would like to set special iptables rules for every NI, which will be turned on if the NI is UP. For example:

  • If vboxnet2 is UP and has an IP address

  • Set these iptables rules:

    iptables -A FORWARD -o enp0s31f6 -i vboxnet2 -s 192.168.58.0/24 -m conntrack --ctstate NEW -j ACCEPT
    iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
    iptables -A POSTROUTING -t nat -j MASQUERADE
  • If vboxnet2 is down and doesn't have an IP address, flush the iptables rules

I'm using NetworkManager and didn't find out where it could be set - something like /etc/network/interface.d/vboxnet2.


Does somebody know how to set it? :]
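
One way to do this with NetworkManager, as an added example that is not part of the original post: a dispatcher script, which NetworkManager runs with the interface name and the action (`up`, `down`, ...) as its two arguments. It assumes NetworkManager manages the vboxnet interfaces; the file name is hypothetical, and unlike the rules in the post it scopes the ESTABLISHED,RELATED and MASQUERADE rules to the interface's subnet so that `down` can delete only that interface's rules instead of flushing everything.

```shell
#!/bin/sh
# Added example: NetworkManager dispatcher script, e.g. installed as
# /etc/NetworkManager/dispatcher.d/50-vboxnet-fw (file name is an assumption).
# NetworkManager calls it as: <script> <interface> <action>
WAN_IF=enp0s31f6            # uplink interface from the post
IPT=${IPT:-iptables}        # override IPT to substitute a stub when testing

# Map each vboxnetX to its subnet; only vboxnet2 is given in the post.
subnet_for() {
    case "$1" in
        vboxnet2) echo "192.168.58.0/24" ;;
        *) return 1 ;;
    esac
}

# Print "<table> <rule spec>" (without -A/-D) for one interface, one per line.
rule_specs() {
    net=$(subnet_for "$1") || return 1
    echo "filter FORWARD -i $1 -o $WAN_IF -s $net -m conntrack --ctstate NEW -j ACCEPT"
    echo "filter FORWARD -i $WAN_IF -o $1 -d $net -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    echo "nat POSTROUTING -s $net -o $WAN_IF -j MASQUERADE"
}

# Add or delete the rules; the -C check keeps repeated "up" events idempotent.
apply_rules() {
    iface=$1 op=$2
    rule_specs "$iface" | while read -r table spec; do
        # $spec is intentionally unquoted so it splits into iptables arguments
        if [ "$op" = add ]; then
            $IPT -t "$table" -C $spec 2>/dev/null || $IPT -t "$table" -A $spec
        else
            $IPT -t "$table" -D $spec 2>/dev/null || true
        fi
    done
}

dispatch() {
    subnet_for "$1" >/dev/null || return 0   # not one of our interfaces
    case "$2" in
        up)   apply_rules "$1" add ;;
        down) apply_rules "$1" del ;;
    esac
}

if [ $# -ge 2 ]; then dispatch "$1" "$2"; fi
```

NetworkManager only runs dispatcher scripts that are owned by root, executable, and not writable by group or others.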
