nftables
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| nftables [2020/03/27 23:08] – ww | nftables [2026/06/20 15:35] (current) – external edit 127.0.0.1 | ||
|---|---|---|---|
| Line 93: | Line 93: | ||
| jump global | jump global | ||
| + | | ||
| + | # loopback | ||
| + | oif lo accept | ||
| tcp dport $port_dns accept | tcp dport $port_dns accept | ||
| Line 115: | Line 118: | ||
| } | } | ||
| + | </ | ||
| + | |||
| + | ---- | ||
| + | |||
| + | ===== The Masquerade ===== | ||
| + | |||
| + | < | ||
| + | table ip nat { | ||
| + | chain postrouting { | ||
| + | type nat hook postrouting priority 100; | ||
| + | oif $iface_wan masquerade; | ||
| + | } | ||
| + | } | ||
| </ | </ | ||
| Line 120: | Line 136: | ||
| ===== The NAT ===== | ===== The NAT ===== | ||
| + | |||
| + | < | ||
| + | table inet filter { | ||
| + | chain forward { | ||
| + | type filter hook forward priority 0; | ||
| + | policy drop; | ||
| + | |||
| + | jump global | ||
| + | |||
| + | # [...] | ||
| + | |||
| + | ip daddr 192.168.1.10 tcp dport 3389 accept | ||
| + | |||
| + | counter drop | ||
| + | } | ||
| + | } | ||
| + | |||
| + | </ | ||
| < | < | ||
nftables.1585350536.txt.gz · Last modified: (external edit)