Masquerade rule with netfilter-persitent

up vote
0
down vote

favorite

I use netfilter-persistent to manage a firewall.

I would like to share a connection between two interfaces using masquerading (example, or another). When I run those operations by invoking iptables it works.

But if I try to update firewall rules stored in /etc/iptables/rules.v4 adding such a line:

-t nat -A POSTROUTING -o wlan0 -j MASQUERADE

Lines starting with -t make netfilter-persistent fail to run and the firewall is not updated:

Nov 16 11:51:32 helena systemd[1]: netfilter-persistent.service: Main process exited, code=exited, status=1/FAILURE
Nov 16 11:51:32 helena systemd[1]: Failed to start netfilter persistent configuration.

So I am wondering if it is possible to store this kind of rules with netfilter-persistent or

Is it a known limitation?

Is there a good reason why it cannot work?

Is there a hack to make it work?

asked 2 days ago

jlandercy

1084

add a comment |

up vote
0
down vote

favorite

I use netfilter-persistent to manage a firewall.

I would like to share a connection between two interfaces using masquerading (example, or another). When I run those operations by invoking iptables it works.

But if I try to update firewall rules stored in /etc/iptables/rules.v4 adding such a line:

-t nat -A POSTROUTING -o wlan0 -j MASQUERADE

Lines starting with -t make netfilter-persistent fail to run and the firewall is not updated:

Nov 16 11:51:32 helena systemd[1]: netfilter-persistent.service: Main process exited, code=exited, status=1/FAILURE
Nov 16 11:51:32 helena systemd[1]: Failed to start netfilter persistent configuration.

So I am wondering if it is possible to store this kind of rules with netfilter-persistent or

Is it a known limitation?

Is there a good reason why it cannot work?

Is there a hack to make it work?

asked 2 days ago

jlandercy

1084

add a comment |

up vote
0
down vote

favorite

I use netfilter-persistent to manage a firewall.

I would like to share a connection between two interfaces using masquerading (example, or another). When I run those operations by invoking iptables it works.

But if I try to update firewall rules stored in /etc/iptables/rules.v4 adding such a line:

-t nat -A POSTROUTING -o wlan0 -j MASQUERADE

Lines starting with -t make netfilter-persistent fail to run and the firewall is not updated:

Nov 16 11:51:32 helena systemd[1]: netfilter-persistent.service: Main process exited, code=exited, status=1/FAILURE
Nov 16 11:51:32 helena systemd[1]: Failed to start netfilter persistent configuration.

So I am wondering if it is possible to store this kind of rules with netfilter-persistent or

Is it a known limitation?

Is there a good reason why it cannot work?

Is there a hack to make it work?

asked 2 days ago

jlandercy

1084

I use netfilter-persistent to manage a firewall.

I would like to share a connection between two interfaces using masquerading (example, or another). When I run those operations by invoking iptables it works.

But if I try to update firewall rules stored in /etc/iptables/rules.v4 adding such a line:

-t nat -A POSTROUTING -o wlan0 -j MASQUERADE

Lines starting with -t make netfilter-persistent fail to run and the firewall is not updated:

Nov 16 11:51:32 helena systemd[1]: netfilter-persistent.service: Main process exited, code=exited, status=1/FAILURE
Nov 16 11:51:32 helena systemd[1]: Failed to start netfilter persistent configuration.

So I am wondering if it is possible to store this kind of rules with netfilter-persistent or

Is it a known limitation?

Is there a good reason why it cannot work?

Is there a hack to make it work?

iptables forwarding netfilter connection-sharing iptables-persistent

asked 2 days ago

jlandercy

1084

asked 2 days ago

jlandercy

1084

asked 2 days ago

jlandercy

1084

asked 2 days ago

jlandercy

1084

asked 2 days ago

jlandercy

1084

add a comment |

active

oldest

votes

Your Answer

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "106"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);

);

draft saved

draft discarded

StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f482143%2fmasquerade-rule-with-netfilter-persitent%23new-answer', 'question_page');

);

Post as a guest

Name

Required, but never shown

active

oldest

votes

draft saved

draft discarded

draft saved

draft discarded

Post as a guest

Name

Required, but never shown

Name

Required, but never shown

Name

Required, but never shown

搜尋此網誌

mjhjmtu