I am using ubuntu core as a gateway for a piece of industrial machinery. I need to have nat rules and a openvpn client that are loaded when the system is restarted. I have made my own snap that has a service that loads the openvpn settings, iptable rules and the sysctl setting to allow packet forwarding.
The interfaces I have given the snap access to are…
- network
- network-bind
- network-control
- firewall-control
but I am still having trouble with permissions, particularly with the iptables rules and the sysctl change.
What interfaces am I missing? Or am going about this the wrong way and there is a far easier way to accomplish this?