[TUTORIAL] Update interfaces' iptables without downtime

Keyinator

Member
Jan 29, 2022
26
0
6
22
Credits to @smartynov for his solution which I just edited minorly.

The following script lets you reload the network interface and defined iptables without a reboot.
I have added two commands which will clear all ip table rules for PRE- and POST-Routing before executing the reload thus effectively reloading these rules too instead of just appending specified rules to the old ones.

If you want to reload other types of iptables entries just replace the second or third line to your liking.
Code:
#!/bin/bash
iptables -t nat -F PREROUTING
iptables -t nat -F POSTROUTING
/etc/init.d/networking restart

grep -FH bridge= /etc/pve/nodes/*/qemu-server/*.conf \
 | perl -nle 'print "fwpr$1p$2 master $3" if /\/(\d+).conf:net(\d+):.*?bridge=(vmbr\d+)/' \
 | xargs -l1 ip link set
 
Last edited:
if you want to reload network interfaces without reboot,

simply used ifupdown2 package, and do a "ifreload -a" (or use the proxmox gui "apply configuration" button in network section)

(this is the default of proxmox7)
 
  • Like
Reactions: Keyinator
if you want to reload network interfaces without reboot,

simply used ifupdown2 package, and do a "ifreload -a" (or use the proxmox gui "apply configuration" button in network section)

(this is the default of proxmox7)
Hey, I specified myself very poorly (I'll update the post). With a reload the old post-up rules will not be overwritten but appended. With the following code you can fully reload networking, while refreshing iptables and keeping bridges (i.e. vm connections)
 
Hey, I specified myself very poorly (I'll update the post). With a reload the old post-up rules will not be overwritten but appended. With the following code you can fully reload networking, while refreshing iptables and keeping bridges (i.e. vm connections)
mmm, interesting. I'll look at ifupdown2 code. Thanks fo the report.
 
  • Like
Reactions: Keyinator

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!