My Ubuntu 12.04 (precise) laptop has three network interfaces:

1. eth0: wired interface sometimes connected to the Internet
2. wlan0: wireless interface sometimes connected to the Internet
3. vboxnet0: wired interface (actually a VirtualBox virtual interface) connected to another computer (actually a VirtualBox virtual machine with networking in host-only mode)

I'd like to use iptables to set up NAT/IP masquerading to share whichever Internet connection is up (preferring the wired if both are up) with the other computer.

The following works when eth0 is plugged in:

echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward &&
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE &&
sudo iptables -A FORWARD -i eth0 -o vboxnet0 -m state --state RELATED,ESTABLISHED -j ACCEPT &&
sudo iptables -A FORWARD -i vboxnet0 -o eth0 -j ACCEPT

If I switch from wired to wireless, this obviously stops working.

I tried:

echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward &&
sudo iptables -t nat -A POSTROUTING -o '!vboxnet0' -j MASQUERADE &&
sudo iptables -A FORWARD -i '!vboxnet0' -o vboxnet0 -m state --state RELATED,ESTABLISHED -j ACCEPT &&
sudo iptables -A FORWARD -i vboxnet0 -o '!vboxnet0' -j ACCEPT

but it did not work. I could try to do some Network Manager scripts to change the iptables rules whenever an interfaces goes up or down, but I figured it would be possible without jumping through such hoops.

Any suggestions?

My Ubuntu 12.04 (precise) laptop has three network interfaces:

1. eth0: wired interface sometimes connected to the Internet
2. wlan0: wireless interface sometimes connected to the Internet
3. vboxnet0: wired interface (actually a VirtualBox virtual interface) connected to another computer (actually a VirtualBox virtual machine with networking in host-only mode)

I'd like to use iptables to set up NAT/IP masquerading to share whichever Internet connection is up (preferring the wired if both are up) with the other computer.

The following works when eth0 is plugged in:

echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward &&
sudo iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE &&
sudo iptables -A FORWARD -i eth0 -o vboxnet0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT &&
sudo iptables -A FORWARD -i vboxnet0 -o eth0 -j ACCEPT

If I switch from wired to wireless, this obviously stops working.

I tried:

echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward &&
sudo iptables -t nat -A POSTROUTING -o '!vboxnet0' -j MASQUERADE &&
sudo iptables -A FORWARD -i '!vboxnet0' -o vboxnet0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT &&
sudo iptables -A FORWARD -i vboxnet0 -o '!vboxnet0' -j ACCEPT

but it did not work. I could try to do some Network Manager scripts to change the iptables rules whenever an interfaces goes up or down, but I figured it would be possible without jumping through such hoops.

Any suggestions?