Set iptables rules if network interface is UP

waldauf · 2017-06-23 07:07:15

Hello,

I have created many VBox network interfaces - vboxnetX. I would like to set special iptables rules for every NI which will be turn on if NI is UP. For example:

If vboxnet2 is UP and have IP address

Set these iptables rules:

iptables -A FORWARD -o enp0s31f6 -i vboxnet2 -s 192.168.58.0/24 -m conntrack --ctstate NEW -j ACCEPT
iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A POSTROUTING -t nat -j MASQUERADE

If vboxnet2 is down and don't have IP address flush iptables rules

I'm using NetworkManager and didn't find out where it could be set - something like /etc/network/interface.d/vboxnet2.

Do somebody know how to set it? :]

Arch Linux

#1 2017-06-23 07:07:15

Set iptables rules if network interface is UP

Board footer