But all of these times I have had the RPi attached by wired Ethernet and this time it needs to be using WiFi but also if available using wired Ethernet. This complicates the IPTABLES setup for me since I am using my notes from way back when I started using these OVPN servers on RPi units in 2013...
So, what I have now is this:
This looks fine especially the "destination anywhere" item...
Code: Select all
sudo iptables -t nat -L Chain PREROUTING (policy ACCEPT) target prot opt source destination Chain INPUT (policy ACCEPT) target prot opt source destination Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- 10.8.13.0/24 anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination
But when I use iptables-save to see what is actually used to set this on boot:
My problem is that in order for the routing to be set up on boot I am using iptables-persistent, which I installed via apt.
Code: Select all
sudo iptables-save # Generated by xtables-save v1.8.2 on Sat Mar 7 10:16:12 2020 *nat :PREROUTING ACCEPT [2401:259371] :INPUT ACCEPT [2400:259041] :POSTROUTING ACCEPT [402:34785] :OUTPUT ACCEPT [402:34785] -A POSTROUTING -s 10.8.13.0/24 -o wlan0 -j MASQUERADE COMMIT # Completed on Sat Mar 7 10:16:12 2020
This uses the iptables-save output as input (saved to a file in /etc/iptables/).
And it specifically defines using wlan0 as the output interface....
So it works fine as long as I have it connected by WiFi, but how can I set this up so it will also work if I have connected the RPi by wired Ethernet?
I would like the box to be possible to connect either way on the target location.