C. Per Analysis Network Routing - nkd071819/Cuckoo-V2 GitHub Wiki

Simple Global Routing

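# NAT traffic from the analysis network out through ens192.
$ sudo iptables -t nat -A POSTROUTING -o ens192 -s 192.168.56.0/24 -j MASQUERADE
# Drop forwarded traffic by default.
$ sudo iptables -P FORWARD DROP
# Allow replies on existing connections.
$ sudo iptables -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
# Allow traffic from the analysis network to any destination.
$ sudo iptables -A FORWARD -s 192.168.56.0/24 -j ACCEPT
# Internal traffic (already matched by the previous rule).
$ sudo iptables -A FORWARD -s 192.168.56.0/24 -d 192.168.56.0/24 -j ACCEPT
# Log whatever reaches this point before the default drop (can be noisy).
$ sudo iptables -A FORWARD -j LOG
# Enable IPv4 forwarding (both commands set the same kernel parameter).
$ echo 1 | sudo tee -a /proc/sys/net/ipv4/ip_forward
$ sudo sysctl -w net.ipv4.ip_forward=1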

Iptables rules do not persist across reboots, so if you want to keep them, use a script or install iptables-persistent.

Using Per-Analysis Network Routing

Decide which routing options you want to use; they are described at https://cuckoo.sh/docs/installation/host/routing.html

Configuring iproute2

Because of how the Linux kernel handles TCP/IP source routing, each network interface that we use must be registered with iproute2. This is trivial, but necessary.

To configure iproute2 with ens192, we’re going to open the /etc/iproute2/rt_tables file, which will look roughly as follows:

#
# reserved values
#
255     local
254     main
253     default
0       unspec
#
# local
#

To open the file for editing:

sudo vi /etc/iproute2/rt_tables

Now add the last line as shown below:

#
# reserved values
#
255     local
254     main
253     default
0       unspec
#
# local
#

400     ens192

Type :wq to save and exit.

And that’s really all there is to it. You will have to do this for each network interface you intend to use for network routing.
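
The registration step above, as an added example that is not from this wiki or the Cuckoo documentation: a POSIX shell function that appends an ID/name pair to an rt_tables file only when it is missing, and refuses when the ID or the name is already bound to a different entry. The function name register_rt_table and its return codes are hypothetical.

```shell
#!/bin/sh
# Added example (hypothetical helper, not part of Cuckoo or iproute2).
# register_rt_table FILE ID NAME
#   0 = entry already present or appended
#   1 = bad arguments or missing file
#   2 = ID or NAME already bound to a different entry
register_rt_table() {
    file=$1 id=$2 name=$3
    # Table IDs are decimal numbers; names must be a single safe token.
    case $id in ''|*[!0-9]*) echo "bad table id: $id" >&2; return 1 ;; esac
    case $name in ''|*[!A-Za-z0-9_.-]*) echo "bad table name: $name" >&2; return 1 ;; esac
    [ -f "$file" ] || { echo "no such file: $file" >&2; return 1; }

    # Skip blank and comment lines; field 1 is the ID, field 2 the name.
    status=$(awk -v id="$id" -v name="$name" '
        NF == 0 || $1 ~ /^#/ { next }
        $1 == id && $2 == name { print "present"; found = 1; exit }
        $1 == id || $2 == name { print "conflict: " $0; found = 1; exit }
        END { if (!found) print "absent" }
    ' "$file")

    case $status in
        present) return 0 ;;
        absent)
            # Make sure the last line is newline-terminated before appending.
            if [ -n "$(tail -c 1 "$file")" ]; then echo >> "$file"; fi
            printf '%s\t%s\n' "$id" "$name" >> "$file" ;;
        *)  echo "$status" >&2; return 2 ;;
    esac
}
```

Against the live file this needs root: call it from a root shell as register_rt_table /etc/iproute2/rt_tables 400 ens192, once per interface.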

See the documentation site for more routing information.