User Tools
сервис_nat
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | Next revision Both sides next revision | ||
|
сервис_nat [2024/04/23 13:15] val [nftables] |
сервис_nat [2024/04/23 13:57] val [nftables] |
||
|---|---|---|---|
| Line 74: | Line 74: | ||
| gate# nft add table nat | gate# nft add table nat | ||
| - | gate# nft add rule nat postrouting ip saddr 192.168.X.0/24 oif eth1 snat to 172.16.1.254 | + | gate# nft 'add chain nat postrouting { type nat hook postrouting priority 100 ; }' |
| + | |||
| + | gate# nft add rule nat postrouting ip saddr 192.168.X.0/24 oif eth1 snat to 172.16.1.X | ||
| + | gate# nft add rule nat postrouting ip saddr 192.168.100+X.0/24 oif eth1 snat to 172.16.1.X | ||
| gate# nft list ruleset | gate# nft list ruleset | ||
| - | gate# file /etc/nftables.conf | + | gate# nft flush ruleset |
| + | |||
| + | gate# systemctl enable nftables.service --now | ||
| - | gate# systemctl enable nftables.service | + | gate# cat /etc/nftables.conf |
| + | </code><code> | ||
| + | ... | ||
| + | table ip nat { | ||
| + | chain postrouting { | ||
| + | type nat hook postrouting priority srcnat; policy accept; | ||
| + | ip saddr 192.168.100+X.0/24 oif "eth1" snat to 172.16.1.X | ||
| + | } | ||
| + | } | ||
| + | </code><code> | ||
| + | gate# systemctl reload nftables.service | ||
| </code> | </code> | ||
сервис_nat.txt · Last modified: 2024/05/06 16:17 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
